./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1148718159
<...>
Warning: Permanently added '10.128.0.112' (ECDSA) to the list of known hosts.
execve("./syz-executor1148718159", ["./syz-executor1148718159"], 0x7ffe4d4c58e0 /* 10 vars */) = 0
brk(NULL) = 0x555556ae3000
brk(0x555556ae3c40) = 0x555556ae3c40
arch_prctl(ARCH_SET_FS, 0x555556ae3300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor1148718159", 4096) = 28
brk(0x555556b04c40) = 0x555556b04c40
brk(0x555556b05000) = 0x555556b05000
mprotect(0x7fc57c290000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5063
mkdir("./syzkaller.YfDhn3", 0700) = 0
chmod("./syzkaller.YfDhn3", 0777) = 0
chdir("./syzkaller.YfDhn3") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5064
./strace-static-x86_64: Process 5064 attached
[pid 5064] chdir("./0") = 0
[pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5064] setpgid(0, 0) = 0
[pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5064] write(3, "1000", 4) = 4
[pid 5064] close(3) = 0
[pid 5064] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5064] memfd_create("syzkaller", 0) = 3
[pid 5064] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5064] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5064] munmap(0x7fc573dd4000, 262144) = 0
[pid 5064] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5064] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5064] close(3) = 0
[pid 5064] mkdir("./file0", 0777) = 0
[ 53.015101][ T5064] loop0: detected capacity change from 0 to 512
[ 53.024592][ T5064] =======================================================
[ 53.024592][ T5064] WARNING: The mand mount option has been deprecated and
[ 53.024592][ T5064] and is ignored by this kernel. Remove the mand
[ 53.024592][ T5064] option from the mount to silence this warning.
[ 53.024592][ T5064] =======================================================
[pid 5064] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5064] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5064] chdir("./file0") = 0
[pid 5064] ioctl(4, LOOP_CLR_FD) = 0
[pid 5064] close(4) = 0
[pid 5064] exit_group(0) = ?
[pid 5064] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 53.061897][ T5064] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.072724][ T5064] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.086740][ T5064] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.095089][ T5064] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5067
./strace-static-x86_64: Process 5067 attached
[pid 5067] chdir("./1") = 0
[pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5067] setpgid(0, 0) = 0
[pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5067] write(3, "1000", 4) = 4
[pid 5067] close(3) = 0
[pid 5067] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5067] memfd_create("syzkaller", 0) = 3
[pid 5067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5067] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5067] munmap(0x7fc573dd4000, 262144) = 0
[pid 5067] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.120420][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5067] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5067] close(3) = 0
[pid 5067] mkdir("./file0", 0777) = 0
[pid 5067] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5067] chdir("./file0") = 0
[pid 5067] ioctl(4, LOOP_CLR_FD) = 0
[pid 5067] close(4) = 0
[pid 5067] exit_group(0) = ?
[pid 5067] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
[ 53.175976][ T5067] loop0: detected capacity change from 0 to 512
[ 53.185877][ T5067] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.196592][ T5067] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.206059][ T5067] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.213821][ T5067] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5070
./strace-static-x86_64: Process 5070 attached
[pid 5070] chdir("./2") = 0
[pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5070] setpgid(0, 0) = 0
[pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5070] write(3, "1000", 4) = 4
[pid 5070] close(3) = 0
[pid 5070] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5070] memfd_create("syzkaller", 0) = 3
[pid 5070] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5070] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5070] munmap(0x7fc573dd4000, 262144) = 0
[pid 5070] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.245994][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5070] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5070] close(3) = 0
[pid 5070] mkdir("./file0", 0777) = 0
[pid 5070] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5070] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5070] chdir("./file0") = 0
[pid 5070] ioctl(4, LOOP_CLR_FD) = 0
[pid 5070] close(4) = 0
[pid 5070] exit_group(0) = ?
[pid 5070] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
[ 53.294590][ T5070] loop0: detected capacity change from 0 to 512
[ 53.304691][ T5070] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.315354][ T5070] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.325053][ T5070] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.332521][ T5070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5072
./strace-static-x86_64: Process 5072 attached
[pid 5072] chdir("./3") = 0
[pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5072] setpgid(0, 0) = 0
[pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5072] write(3, "1000", 4) = 4
[pid 5072] close(3) = 0
[pid 5072] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5072] memfd_create("syzkaller", 0) = 3
[pid 5072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5072] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5072] munmap(0x7fc573dd4000, 262144) = 0
[pid 5072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.364552][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5072] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5072] close(3) = 0
[pid 5072] mkdir("./file0", 0777) = 0
[pid 5072] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[ 53.416608][ T5072] loop0: detected capacity change from 0 to 512
[ 53.426711][ T5072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.437966][ T5072] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.447728][ T5072] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.454974][ T5072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[pid 5072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5072] chdir("./file0") = 0
[pid 5072] ioctl(4, LOOP_CLR_FD) = 0
[pid 5072] close(4) = 0
[pid 5072] exit_group(0) = ?
[pid 5072] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5074
./strace-static-x86_64: Process 5074 attached
[pid 5074] chdir("./4") = 0
[pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5074] setpgid(0, 0) = 0
[pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5074] write(3, "1000", 4) = 4
[pid 5074] close(3) = 0
[pid 5074] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5074] memfd_create("syzkaller", 0) = 3
[pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5074] munmap(0x7fc573dd4000, 262144) = 0
[pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5074] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5074] close(3) = 0
[pid 5074] mkdir("./file0", 0777) = 0
[ 53.478071][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 53.514276][ T5074] loop0: detected capacity change from 0 to 512
[pid 5074] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5074] chdir("./file0") = 0
[pid 5074] ioctl(4, LOOP_CLR_FD) = 0
[pid 5074] close(4) = 0
[pid 5074] exit_group(0) = ?
[pid 5074] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 53.518923][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 53.531699][ T5074] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.542597][ T5074] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.552688][ T5074] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.560294][ T5074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5076
./strace-static-x86_64: Process 5076 attached
[pid 5076] chdir("./5") = 0
[pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5076] setpgid(0, 0) = 0
[pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5076] write(3, "1000", 4) = 4
[pid 5076] close(3) = 0
[pid 5076] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5076] memfd_create("syzkaller", 0) = 3
[pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5076] munmap(0x7fc573dd4000, 262144) = 0
[pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.588555][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5076] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5076] close(3) = 0
[pid 5076] mkdir("./file0", 0777) = 0
[pid 5076] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5076] chdir("./file0") = 0
[pid 5076] ioctl(4, LOOP_CLR_FD) = 0
[pid 5076] close(4) = 0
[pid 5076] exit_group(0) = ?
[pid 5076] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
[ 53.635063][ T5076] loop0: detected capacity change from 0 to 512
[ 53.644676][ T5076] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.655368][ T5076] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.665144][ T5076] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.672059][ T5076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5078
./strace-static-x86_64: Process 5078 attached
[pid 5078] chdir("./6") = 0
[pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5078] setpgid(0, 0) = 0
[pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5078] write(3, "1000", 4) = 4
[pid 5078] close(3) = 0
[pid 5078] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5078] memfd_create("syzkaller", 0) = 3
[pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5078] munmap(0x7fc573dd4000, 262144) = 0
[pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.701199][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5078] close(3) = 0
[pid 5078] mkdir("./file0", 0777) = 0
[pid 5078] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[ 53.747791][ T5078] loop0: detected capacity change from 0 to 512
[ 53.757843][ T5078] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.768435][ T5078] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.778646][ T5078] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.786088][ T5078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5078] chdir("./file0") = 0
[pid 5078] ioctl(4, LOOP_CLR_FD) = 0
[pid 5078] close(4) = 0
[pid 5078] exit_group(0) = ?
[pid 5078] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5080
./strace-static-x86_64: Process 5080 attached
[pid 5080] chdir("./7") = 0
[pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5080] setpgid(0, 0) = 0
[pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5080] write(3, "1000", 4) = 4
[pid 5080] close(3) = 0
[pid 5080] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5080] memfd_create("syzkaller", 0) = 3
[pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5080] munmap(0x7fc573dd4000, 262144) = 0
[pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.813519][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5080] close(3) = 0
[pid 5080] mkdir("./file0", 0777) = 0
[pid 5080] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5080] chdir("./file0") = 0
[pid 5080] ioctl(4, LOOP_CLR_FD) = 0
[pid 5080] close(4) = 0
[pid 5080] exit_group(0) = ?
[pid 5080] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./7/binderfs") = 0
[ 53.866817][ T5080] loop0: detected capacity change from 0 to 512
[ 53.876130][ T5080] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 53.886686][ T5080] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 53.896952][ T5080] EXT4-fs (loop0): 1 truncate cleaned up
[ 53.904889][ T5080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5082
./strace-static-x86_64: Process 5082 attached
[pid 5082] chdir("./8") = 0
[pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5082] setpgid(0, 0) = 0
[pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5082] write(3, "1000", 4) = 4
[pid 5082] close(3) = 0
[pid 5082] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5082] memfd_create("syzkaller", 0) = 3
[pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5082] munmap(0x7fc573dd4000, 262144) = 0
[pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 53.933441][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5082] close(3) = 0
[pid 5082] mkdir("./file0", 0777) = 0
[ 53.980059][ T5082] loop0: detected capacity change from 0 to 512
[ 53.990361][ T5082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.001244][ T5082] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.011706][ T5082] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5082] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5082] chdir("./file0") = 0
[pid 5082] ioctl(4, LOOP_CLR_FD) = 0
[pid 5082] close(4) = 0
[pid 5082] exit_group(0) = ?
[pid 5082] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5084
./strace-static-x86_64: Process 5084 attached
[pid 5084] chdir("./9") = 0
[pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5084] setpgid(0, 0) = 0
[pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5084] write(3, "1000", 4) = 4
[pid 5084] close(3) = 0
[pid 5084] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5084] munmap(0x7fc573dd4000, 262144) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.037276][ T5082] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 54.067912][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[pid 5084] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] chdir("./file0") = 0
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] exit_group(0) = ?
[pid 5084] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
[ 54.114440][ T5084] loop0: detected capacity change from 0 to 512
[ 54.124049][ T5084] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.134697][ T5084] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.144143][ T5084] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.152133][ T5084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5086
./strace-static-x86_64: Process 5086 attached
[pid 5086] chdir("./10") = 0
[pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5086] setpgid(0, 0) = 0
[pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5086] write(3, "1000", 4) = 4
[pid 5086] close(3) = 0
[pid 5086] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5086] memfd_create("syzkaller", 0) = 3
[pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5086] munmap(0x7fc573dd4000, 262144) = 0
[pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.174957][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5086] close(3) = 0
[pid 5086] mkdir("./file0", 0777) = 0
[pid 5086] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5086] chdir("./file0") = 0
[pid 5086] ioctl(4, LOOP_CLR_FD) = 0
[pid 5086] close(4) = 0
[pid 5086] exit_group(0) = ?
[pid 5086] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
[ 54.230024][ T5086] loop0: detected capacity change from 0 to 512
[ 54.240147][ T5086] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.250615][ T5086] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.260504][ T5086] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.267831][ T5086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5088
./strace-static-x86_64: Process 5088 attached
[pid 5088] chdir("./11") = 0
[pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5088] setpgid(0, 0) = 0
[pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5088] write(3, "1000", 4) = 4
[pid 5088] close(3) = 0
[pid 5088] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5088] memfd_create("syzkaller", 0) = 3
[pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5088] munmap(0x7fc573dd4000, 262144) = 0
[pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.296551][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5088] close(3) = 0
[pid 5088] mkdir("./file0", 0777) = 0
[pid 5088] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5088] chdir("./file0") = 0
[pid 5088] ioctl(4, LOOP_CLR_FD) = 0
[pid 5088] close(4) = 0
[pid 5088] exit_group(0) = ?
[pid 5088] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
[ 54.349052][ T5088] loop0: detected capacity change from 0 to 512
[ 54.358841][ T5088] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.369293][ T5088] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.379481][ T5088] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.386810][ T5088] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5090
./strace-static-x86_64: Process 5090 attached
[pid 5090] chdir("./12") = 0
[pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5090] setpgid(0, 0) = 0
[pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5090] write(3, "1000", 4) = 4
[pid 5090] close(3) = 0
[pid 5090] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5090] memfd_create("syzkaller", 0) = 3
[pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5090] munmap(0x7fc573dd4000, 262144) = 0
[pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.417098][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5090] close(3) = 0
[pid 5090] mkdir("./file0", 0777) = 0
[ 54.470387][ T5090] loop0: detected capacity change from 0 to 512
[ 54.480229][ T5090] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.490828][ T5090] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.500399][ T5090] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5090] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5090] chdir("./file0") = 0
[pid 5090] ioctl(4, LOOP_CLR_FD) = 0
[pid 5090] close(4) = 0
[pid 5090] exit_group(0) = ?
[pid 5090] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5092
./strace-static-x86_64: Process 5092 attached
[pid 5092] chdir("./13") = 0
[pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5092] setpgid(0, 0) = 0
[pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5092] write(3, "1000", 4) = 4
[pid 5092] close(3) = 0
[pid 5092] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5092] memfd_create("syzkaller", 0) = 3
[pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5092] munmap(0x7fc573dd4000, 262144) = 0
[pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.527096][ T5090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 54.556284][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5092] close(3) = 0
[pid 5092] mkdir("./file0", 0777) = 0
[ 54.604503][ T5092] loop0: detected capacity change from 0 to 512
[ 54.613939][ T5092] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.624334][ T5092] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.633797][ T5092] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5092] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5092] chdir("./file0") = 0
[pid 5092] ioctl(4, LOOP_CLR_FD) = 0
[pid 5092] close(4) = 0
[pid 5092] exit_group(0) = ?
[pid 5092] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5094
./strace-static-x86_64: Process 5094 attached
[pid 5094] chdir("./14") = 0
[pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5094] setpgid(0, 0) = 0
[pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5094] write(3, "1000", 4) = 4
[pid 5094] close(3) = 0
[pid 5094] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5094] memfd_create("syzkaller", 0) = 3
[pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5094] munmap(0x7fc573dd4000, 262144) = 0
[pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.647239][ T5092] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 54.668884][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5094] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5094] close(3) = 0
[pid 5094] mkdir("./file0", 0777) = 0
[ 54.715665][ T5094] loop0: detected capacity change from 0 to 512
[ 54.725787][ T5094] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.735848][ T5094] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.745354][ T5094] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5094] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5094] chdir("./file0") = 0
[pid 5094] ioctl(4, LOOP_CLR_FD) = 0
[pid 5094] close(4) = 0
[pid 5094] exit_group(0) = ?
[pid 5094] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./14/binderfs") = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5096
./strace-static-x86_64: Process 5096 attached
[pid 5096] chdir("./15") = 0
[pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5096] setpgid(0, 0) = 0
[pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5096] write(3, "1000", 4) = 4
[pid 5096] close(3) = 0
[pid 5096] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5096] memfd_create("syzkaller", 0) = 3
[pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5096] munmap(0x7fc573dd4000, 262144) = 0
[pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.757225][ T5094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 54.785989][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5096] close(3) = 0
[pid 5096] mkdir("./file0", 0777) = 0
[pid 5096] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5096] chdir("./file0") = 0
[pid 5096] ioctl(4, LOOP_CLR_FD) = 0
[pid 5096] close(4) = 0
[pid 5096] exit_group(0) = ?
[pid 5096] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
[ 54.830992][ T5096] loop0: detected capacity change from 0 to 512
[ 54.840882][ T5096] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.851055][ T5096] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.860745][ T5096] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.867325][ T5096] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5098
./strace-static-x86_64: Process 5098 attached
[pid 5098] chdir("./16") = 0
[pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5098] setpgid(0, 0) = 0
[pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5098] write(3, "1000", 4) = 4
[pid 5098] close(3) = 0
[pid 5098] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5098] memfd_create("syzkaller", 0) = 3
[pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5098] munmap(0x7fc573dd4000, 262144) = 0
[pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5098] close(3) = 0
[pid 5098] mkdir("./file0", 0777) = 0
[ 54.900871][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 54.936802][ T5098] loop0: detected capacity change from 0 to 512
[pid 5098] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5098] chdir("./file0") = 0
[pid 5098] ioctl(4, LOOP_CLR_FD) = 0
[pid 5098] close(4) = 0
[pid 5098] exit_group(0) = ?
[pid 5098] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
[ 54.947991][ T5098] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 54.959040][ T5098] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 54.968728][ T5098] EXT4-fs (loop0): 1 truncate cleaned up
[ 54.975965][ T5098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5100
./strace-static-x86_64: Process 5100 attached
[pid 5100] chdir("./17") = 0
[pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5100] setpgid(0, 0) = 0
[pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5100] write(3, "1000", 4) = 4
[pid 5100] close(3) = 0
[pid 5100] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5100] memfd_create("syzkaller", 0) = 3
[pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5100] munmap(0x7fc573dd4000, 262144) = 0
[pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 54.999126][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5100] close(3) = 0
[pid 5100] mkdir("./file0", 0777) = 0
[pid 5100] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5100] chdir("./file0") = 0
[pid 5100] ioctl(4, LOOP_CLR_FD) = 0
[pid 5100] close(4) = 0
[pid 5100] exit_group(0) = ?
[pid 5100] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
[ 55.050834][ T5100] loop0: detected capacity change from 0 to 512
[ 55.059921][ T5100] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.070115][ T5100] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.080184][ T5100] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.087611][ T5100] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5102
./strace-static-x86_64: Process 5102 attached
[pid 5102] chdir("./18") = 0
[pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5102] setpgid(0, 0) = 0
[pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5102] write(3, "1000", 4) = 4
[pid 5102] close(3) = 0
[pid 5102] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5102] memfd_create("syzkaller", 0) = 3
[pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5102] munmap(0x7fc573dd4000, 262144) = 0
[pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.117141][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5102] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5102] close(3) = 0
[pid 5102] mkdir("./file0", 0777) = 0
[pid 5102] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5102] chdir("./file0") = 0
[pid 5102] ioctl(4, LOOP_CLR_FD) = 0
[pid 5102] close(4) = 0
[pid 5102] exit_group(0) = ?
[pid 5102] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
[ 55.171873][ T5102] loop0: detected capacity change from 0 to 512
[ 55.181164][ T5102] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.191715][ T5102] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.201409][ T5102] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.208990][ T5102] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5104
./strace-static-x86_64: Process 5104 attached
[pid 5104] chdir("./19") = 0
[pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5104] setpgid(0, 0) = 0
[pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5104] write(3, "1000", 4) = 4
[pid 5104] close(3) = 0
[pid 5104] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5104] memfd_create("syzkaller", 0) = 3
[pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5104] munmap(0x7fc573dd4000, 262144) = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.240486][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5104] close(3) = 0
[pid 5104] mkdir("./file0", 0777) = 0
[pid 5104] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5104] chdir("./file0") = 0
[pid 5104] ioctl(4, LOOP_CLR_FD) = 0
[pid 5104] close(4) = 0
[pid 5104] exit_group(0) = ?
[pid 5104] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
[ 55.285626][ T5104] loop0: detected capacity change from 0 to 512
[ 55.294970][ T5104] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.305433][ T5104] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.314953][ T5104] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.322360][ T5104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5106
./strace-static-x86_64: Process 5106 attached
[pid 5106] chdir("./20") = 0
[pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5106] setpgid(0, 0) = 0
[pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5106] write(3, "1000", 4) = 4
[pid 5106] close(3) = 0
[pid 5106] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5106] memfd_create("syzkaller", 0) = 3
[pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5106] munmap(0x7fc573dd4000, 262144) = 0
[pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5106] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5106] close(3) = 0
[pid 5106] mkdir("./file0", 0777) = 0
[ 55.345294][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 55.385515][ T5106] loop0: detected capacity change from 0 to 512
[pid 5106] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5106] chdir("./file0") = 0
[pid 5106] ioctl(4, LOOP_CLR_FD) = 0
[pid 5106] close(4) = 0
[pid 5106] exit_group(0) = ?
[pid 5106] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
[ 55.395784][ T5106] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.406425][ T5106] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.416420][ T5106] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.423808][ T5106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5108
./strace-static-x86_64: Process 5108 attached
[pid 5108] chdir("./21") = 0
[pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5108] setpgid(0, 0) = 0
[pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5108] write(3, "1000", 4) = 4
[pid 5108] close(3) = 0
[pid 5108] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5108] memfd_create("syzkaller", 0) = 3
[pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5108] munmap(0x7fc573dd4000, 262144) = 0
[pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.453090][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5108] close(3) = 0
[pid 5108] mkdir("./file0", 0777) = 0
[pid 5108] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5108] chdir("./file0") = 0
[pid 5108] ioctl(4, LOOP_CLR_FD) = 0
[pid 5108] close(4) = 0
[pid 5108] exit_group(0) = ?
[pid 5108] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
[ 55.512268][ T5108] loop0: detected capacity change from 0 to 512
[ 55.523134][ T5108] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.533232][ T5108] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.543136][ T5108] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.550414][ T5108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5110
./strace-static-x86_64: Process 5110 attached
[pid 5110] chdir("./22") = 0
[pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5110] setpgid(0, 0) = 0
[pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5110] write(3, "1000", 4) = 4
[pid 5110] close(3) = 0
[pid 5110] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5110] memfd_create("syzkaller", 0) = 3
[pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5110] munmap(0x7fc573dd4000, 262144) = 0
[pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.577998][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5110] close(3) = 0
[pid 5110] mkdir("./file0", 0777) = 0
[pid 5110] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5110] chdir("./file0") = 0
[pid 5110] ioctl(4, LOOP_CLR_FD) = 0
[pid 5110] close(4) = 0
[pid 5110] exit_group(0) = ?
[pid 5110] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./22/binderfs") = 0
[ 55.624529][ T5110] loop0: detected capacity change from 0 to 512
[ 55.634524][ T5110] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.644567][ T5110] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.654312][ T5110] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.661991][ T5110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5112
./strace-static-x86_64: Process 5112 attached
[pid 5112] chdir("./23") = 0
[pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5112] setpgid(0, 0) = 0
[pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5112] write(3, "1000", 4) = 4
[pid 5112] close(3) = 0
[pid 5112] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5112] memfd_create("syzkaller", 0) = 3
[pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5112] munmap(0x7fc573dd4000, 262144) = 0
[pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 55.688520][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5112] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5112] close(3) = 0
[pid 5112] mkdir("./file0", 0777) = 0
[pid 5112] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5112] chdir("./file0") = 0
[pid 5112] ioctl(4, LOOP_CLR_FD) = 0
[pid 5112] close(4) = 0
[pid 5112] exit_group(0) = ?
[pid 5112] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
[ 55.741136][ T5112] loop0: detected capacity change from 0 to 512
[ 55.751564][ T5112] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.761836][ T5112] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.771580][ T5112] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.778576][ T5112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5114
./strace-static-x86_64: Process 5114 attached
[pid 5114] chdir("./24") = 0
[pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5114] setpgid(0, 0) = 0
[pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5114] write(3, "1000", 4) = 4
[pid 5114] close(3) = 0
[pid 5114] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5114] memfd_create("syzkaller", 0) = 3
[pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5114] munmap(0x7fc573dd4000, 262144) = 0
[pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5114] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5114] close(3) = 0
[pid 5114] mkdir("./file0", 0777) = 0
[ 55.802310][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 55.837517][ T5114] loop0: detected capacity change from 0 to 512
[pid 5114] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5114] chdir("./file0") = 0
[pid 5114] ioctl(4, LOOP_CLR_FD) = 0
[pid 5114] close(4) = 0
[pid 5114] exit_group(0) = ?
[pid 5114] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./24/binderfs") = 0
[ 55.839197][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 55.856821][ T5114] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.869208][ T5114] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.878794][ T5114] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.886341][ T5114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5116
./strace-static-x86_64: Process 5116 attached
[pid 5116] chdir("./25") = 0
[pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5116] setpgid(0, 0) = 0
[pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5116] write(3, "1000", 4) = 4
[pid 5116] close(3) = 0
[pid 5116] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5116] memfd_create("syzkaller", 0) = 3
[pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5116] munmap(0x7fc573dd4000, 262144) = 0
[pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5116] close(3) = 0
[pid 5116] mkdir("./file0", 0777) = 0
[ 55.915689][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 55.955233][ T5116] loop0: detected capacity change from 0 to 512
[pid 5116] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5116] chdir("./file0") = 0
[pid 5116] ioctl(4, LOOP_CLR_FD) = 0
[pid 5116] close(4) = 0
[pid 5116] exit_group(0) = ?
[pid 5116] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./25/binderfs") = 0
[ 55.965009][ T5116] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 55.975113][ T5116] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 55.984788][ T5116] EXT4-fs (loop0): 1 truncate cleaned up
[ 55.997309][ T5116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5118
./strace-static-x86_64: Process 5118 attached
[pid 5118] chdir("./26") = 0
[pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5118] setpgid(0, 0) = 0
[pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5118] write(3, "1000", 4) = 4
[pid 5118] close(3) = 0
[pid 5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5118] memfd_create("syzkaller", 0) = 3
[pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5118] munmap(0x7fc573dd4000, 262144) = 0
[pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5118] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5118] close(3) = 0
[pid 5118] mkdir("./file0", 0777) = 0
[ 56.027992][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 56.064790][ T5118] loop0: detected capacity change from 0 to 512
[pid 5118] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5118] chdir("./file0") = 0
[pid 5118] ioctl(4, LOOP_CLR_FD) = 0
[pid 5118] close(4) = 0
[pid 5118] exit_group(0) = ?
[pid 5118] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./26/binderfs") = 0
[ 56.070111][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 56.082575][ T5118] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.093267][ T5118] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.103114][ T5118] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.110995][ T5118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5120
./strace-static-x86_64: Process 5120 attached
[pid 5120] chdir("./27") = 0
[pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5120] setpgid(0, 0) = 0
[pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5120] write(3, "1000", 4) = 4
[pid 5120] close(3) = 0
[pid 5120] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5120] memfd_create("syzkaller", 0) = 3
[pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5120] munmap(0x7fc573dd4000, 262144) = 0
[pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.137905][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5120] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5120] close(3) = 0
[pid 5120] mkdir("./file0", 0777) = 0
[pid 5120] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5120] chdir("./file0") = 0
[pid 5120] ioctl(4, LOOP_CLR_FD) = 0
[pid 5120] close(4) = 0
[pid 5120] exit_group(0) = ?
[pid 5120] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./27/binderfs") = 0
[ 56.191745][ T5120] loop0: detected capacity change from 0 to 512
[ 56.200836][ T5120] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.211070][ T5120] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.220831][ T5120] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.227835][ T5120] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5122
./strace-static-x86_64: Process 5122 attached
[pid 5122] chdir("./28") = 0
[pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5122] setpgid(0, 0) = 0
[pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5122] write(3, "1000", 4) = 4
[pid 5122] close(3) = 0
[pid 5122] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5122] memfd_create("syzkaller", 0) = 3
[pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5122] munmap(0x7fc573dd4000, 262144) = 0
[pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.260266][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5122] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5122] close(3) = 0
[pid 5122] mkdir("./file0", 0777) = 0
[pid 5122] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5122] chdir("./file0") = 0
[pid 5122] ioctl(4, LOOP_CLR_FD) = 0
[pid 5122] close(4) = 0
[pid 5122] exit_group(0) = ?
[pid 5122] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./28/binderfs") = 0
[ 56.316405][ T5122] loop0: detected capacity change from 0 to 512
[ 56.326373][ T5122] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.337182][ T5122] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.346611][ T5122] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.353394][ T5122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5124
./strace-static-x86_64: Process 5124 attached
[pid 5124] chdir("./29") = 0
[pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5124] setpgid(0, 0) = 0
[pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5124] write(3, "1000", 4) = 4
[pid 5124] close(3) = 0
[pid 5124] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5124] memfd_create("syzkaller", 0) = 3
[pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5124] munmap(0x7fc573dd4000, 262144) = 0
[pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.377836][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5124] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5124] close(3) = 0
[pid 5124] mkdir("./file0", 0777) = 0
[pid 5124] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5124] chdir("./file0") = 0
[pid 5124] ioctl(4, LOOP_CLR_FD) = 0
[pid 5124] close(4) = 0
[pid 5124] exit_group(0) = ?
[pid 5124] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./29/binderfs") = 0
[ 56.424321][ T5124] loop0: detected capacity change from 0 to 512
[ 56.433534][ T5124] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.444208][ T5124] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.453712][ T5124] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.461492][ T5124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5126
./strace-static-x86_64: Process 5126 attached
[pid 5126] chdir("./30") = 0
[pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5126] setpgid(0, 0) = 0
[pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5126] write(3, "1000", 4) = 4
[pid 5126] close(3) = 0
[pid 5126] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5126] memfd_create("syzkaller", 0) = 3
[pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5126] munmap(0x7fc573dd4000, 262144) = 0
[pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.488545][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5126] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5126] close(3) = 0
[pid 5126] mkdir("./file0", 0777) = 0
[pid 5126] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5126] chdir("./file0") = 0
[pid 5126] ioctl(4, LOOP_CLR_FD) = 0
[pid 5126] close(4) = 0
[pid 5126] exit_group(0) = ?
[pid 5126] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 56.533274][ T5126] loop0: detected capacity change from 0 to 512
[ 56.543513][ T5126] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.553962][ T5126] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.564328][ T5126] EXT4-fs (loop0): 1 truncate cleaned up
[ 56.571576][ T5126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5128
./strace-static-x86_64: Process 5128 attached
[pid 5128] chdir("./31") = 0
[pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5128] setpgid(0, 0) = 0
[pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5128] write(3, "1000", 4) = 4
[pid 5128] close(3) = 0
[pid 5128] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5128] memfd_create("syzkaller", 0) = 3
[pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5128] munmap(0x7fc573dd4000, 262144) = 0
[pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 56.598966][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5128] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5128] close(3) = 0
[pid 5128] mkdir("./file0", 0777) = 0
[ 56.652116][ T5128] loop0: detected capacity change from 0 to 512
[ 56.662447][ T5128] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.672943][ T5128] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.682283][ T5128] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5128] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5128] chdir("./file0") = 0
[pid 5128] ioctl(4, LOOP_CLR_FD) = 0
[pid 5128] close(4) = 0
[pid 5128] exit_group(0) = ?
[pid 5128] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./31/binderfs") = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5130
./strace-static-x86_64: Process 5130 attached
[pid 5130] chdir("./32") = 0
[pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5130] setpgid(0, 0) = 0
[pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5130] write(3, "1000", 4) = 4
[pid 5130] close(3) = 0
[pid 5130] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5130] memfd_create("syzkaller", 0) = 3
[pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 56.707071][ T5128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: writeback.
[ 56.740792][ T5063] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5130] munmap(0x7fc573dd4000, 262144) = 0
[pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5130] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5130] close(3) = 0
[pid 5130] mkdir("./file0", 0777) = 0
[pid 5130] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5130] chdir("./file0") = 0
[pid 5130] ioctl(4, LOOP_CLR_FD) = 0
[pid 5130] close(4) = 0
[pid 5130] exit_group(0) = ?
[pid 5130] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
[ 56.790856][ T5130] loop0: detected capacity change from 0 to 512
[ 56.801386][ T5130] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.812037][ T5130] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.821323][ T5130] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./32/binderfs") = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5132
./strace-static-x86_64: Process 5132 attached
[pid 5132] chdir("./33") = 0
[pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5132] setpgid(0, 0) = 0
[pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5132] write(3, "1000", 4) = 4
[pid 5132] close(3) = 0
[pid 5132] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5132] memfd_create("syzkaller", 0) = 3
[pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5132] munmap(0x7fc573dd4000, 262144) = 0
[pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5132] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5132] close(3) = 0
[pid 5132] mkdir("./file0", 0777) = 0
[pid 5132] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5132] chdir("./file0") = 0
[pid 5132] ioctl(4, LOOP_CLR_FD) = 0
[pid 5132] close(4) = 0
[pid 5132] exit_group(0) = ?
[pid 5132] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5134
./strace-static-x86_64: Process 5134 attached
[pid 5134] chdir("./34") = 0
[pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5134] setpgid(0, 0) = 0
[pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5134] write(3, "1000", 4) = 4
[ 56.914890][ T5132] loop0: detected capacity change from 0 to 512
[ 56.924672][ T5132] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 56.934648][ T5132] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 56.944099][ T5132] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5134] close(3) = 0
[pid 5134] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5134] memfd_create("syzkaller", 0) = 3
[pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5134] munmap(0x7fc573dd4000, 262144) = 0
[pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5134] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5134] close(3) = 0
[pid 5134] mkdir("./file0", 0777) = 0
[pid 5134] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5134] chdir("./file0") = 0
[pid 5134] ioctl(4, LOOP_CLR_FD) = 0
[pid 5134] close(4) = 0
[pid 5134] exit_group(0) = ?
[pid 5134] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./34/binderfs") = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5136
./strace-static-x86_64: Process 5136 attached
[ 57.005989][ T5134] loop0: detected capacity change from 0 to 512
[ 57.015213][ T5134] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.025591][ T5134] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.035013][ T5134] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5136] chdir("./35") = 0
[pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5136] setpgid(0, 0) = 0
[pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5136] write(3, "1000", 4) = 4
[pid 5136] close(3) = 0
[pid 5136] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5136] memfd_create("syzkaller", 0) = 3
[pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5136] munmap(0x7fc573dd4000, 262144) = 0
[pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5136] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5136] close(3) = 0
[pid 5136] mkdir("./file0", 0777) = 0
[pid 5136] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5136] chdir("./file0") = 0
[pid 5136] ioctl(4, LOOP_CLR_FD) = 0
[pid 5136] close(4) = 0
[pid 5136] exit_group(0) = ?
[pid 5136] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./35/binderfs") = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5138
./strace-static-x86_64: Process 5138 attached
[ 57.104777][ T5136] loop0: detected capacity change from 0 to 512
[ 57.114680][ T5136] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.125112][ T5136] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.134809][ T5136] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5138] chdir("./36") = 0
[pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5138] setpgid(0, 0) = 0
[pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5138] write(3, "1000", 4) = 4
[pid 5138] close(3) = 0
[pid 5138] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5138] memfd_create("syzkaller", 0) = 3
[pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5138] munmap(0x7fc573dd4000, 262144) = 0
[pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5138] close(3) = 0
[pid 5138] mkdir("./file0", 0777) = 0
[pid 5138] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5138] chdir("./file0") = 0
[pid 5138] ioctl(4, LOOP_CLR_FD) = 0
[pid 5138] close(4) = 0
[pid 5138] exit_group(0) = ?
[pid 5138] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./36/binderfs") = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5140
./strace-static-x86_64: Process 5140 attached
[pid 5140] chdir("./37") = 0
[pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5140] setpgid(0, 0) = 0
[pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5140] write(3, "1000", 4) = 4
[pid 5140] close(3) = 0
[pid 5140] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5140] memfd_create("syzkaller", 0) = 3
[pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5140] munmap(0x7fc573dd4000, 262144) = 0
[pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 57.205778][ T5138] loop0: detected capacity change from 0 to 512
[ 57.216144][ T5138] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.226656][ T5138] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.236234][ T5138] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5140] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5140] close(3) = 0
[pid 5140] mkdir("./file0", 0777) = 0
[pid 5140] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5140] chdir("./file0") = 0
[pid 5140] ioctl(4, LOOP_CLR_FD) = 0
[pid 5140] close(4) = 0
[pid 5140] exit_group(0) = ?
[pid 5140] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./37/binderfs") = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5142
./strace-static-x86_64: Process 5142 attached
[ 57.281435][ T5140] loop0: detected capacity change from 0 to 512
[ 57.284818][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.298808][ T5140] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.309774][ T5140] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.320293][ T5140] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5142] chdir("./38") = 0
[pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5142] setpgid(0, 0) = 0
[pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5142] write(3, "1000", 4) = 4
[pid 5142] close(3) = 0
[pid 5142] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5142] memfd_create("syzkaller", 0) = 3
[pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5142] munmap(0x7fc573dd4000, 262144) = 0
[pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5142] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5142] close(3) = 0
[pid 5142] mkdir("./file0", 0777) = 0
[pid 5142] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5142] chdir("./file0") = 0
[pid 5142] ioctl(4, LOOP_CLR_FD) = 0
[pid 5142] close(4) = 0
[pid 5142] exit_group(0) = ?
[pid 5142] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./38/binderfs") = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5144
./strace-static-x86_64: Process 5144 attached
[pid 5144] chdir("./39") = 0
[pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5144] setpgid(0, 0) = 0
[pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 57.375596][ T5142] loop0: detected capacity change from 0 to 512
[ 57.385789][ T5142] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.396461][ T5142] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.405948][ T5142] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5144] write(3, "1000", 4) = 4
[pid 5144] close(3) = 0
[pid 5144] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5144] memfd_create("syzkaller", 0) = 3
[pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5144] munmap(0x7fc573dd4000, 262144) = 0
[pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5144] close(3) = 0
[pid 5144] mkdir("./file0", 0777) = 0
[pid 5144] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5144] chdir("./file0") = 0
[pid 5144] ioctl(4, LOOP_CLR_FD) = 0
[pid 5144] close(4) = 0
[pid 5144] exit_group(0) = ?
[pid 5144] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./39/binderfs") = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
[ 57.460910][ T5144] loop0: detected capacity change from 0 to 512
[ 57.465872][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.477552][ T5144] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.489127][ T5144] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.499244][ T5144] EXT4-fs (loop0): 1 truncate cleaned up
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5146
./strace-static-x86_64: Process 5146 attached
[pid 5146] chdir("./40") = 0
[pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5146] setpgid(0, 0) = 0
[pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5146] write(3, "1000", 4) = 4
[pid 5146] close(3) = 0
[pid 5146] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5146] memfd_create("syzkaller", 0) = 3
[pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5146] munmap(0x7fc573dd4000, 262144) = 0
[pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5146] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5146] close(3) = 0
[pid 5146] mkdir("./file0", 0777) = 0
[pid 5146] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5146] chdir("./file0") = 0
[pid 5146] ioctl(4, LOOP_CLR_FD) = 0
[pid 5146] close(4) = 0
[pid 5146] exit_group(0) = ?
[pid 5146] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./40/binderfs") = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5148
./strace-static-x86_64: Process 5148 attached
[pid 5148] chdir("./41") = 0
[pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5148] setpgid(0, 0) = 0
[pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5148] write(3, "1000", 4) = 4
[pid 5148] close(3) = 0
[pid 5148] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5148] memfd_create("syzkaller", 0) = 3
[pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 57.568156][ T5146] loop0: detected capacity change from 0 to 512
[ 57.579304][ T5146] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.589779][ T5146] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.599179][ T5146] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5148] munmap(0x7fc573dd4000, 262144) = 0
[pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5148] close(3) = 0
[pid 5148] mkdir("./file0", 0777) = 0
[pid 5148] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5148] chdir("./file0") = 0
[pid 5148] ioctl(4, LOOP_CLR_FD) = 0
[pid 5148] close(4) = 0
[pid 5148] exit_group(0) = ?
[pid 5148] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./41/binderfs") = 0
[ 57.650940][ T5148] loop0: detected capacity change from 0 to 512
[ 57.655675][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 57.669403][ T5148] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.680506][ T5148] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.690227][ T5148] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5150
./strace-static-x86_64: Process 5150 attached
[pid 5150] chdir("./42") = 0
[pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5150] setpgid(0, 0) = 0
[pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5150] write(3, "1000", 4) = 4
[pid 5150] close(3) = 0
[pid 5150] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5150] memfd_create("syzkaller", 0) = 3
[pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5150] munmap(0x7fc573dd4000, 262144) = 0
[pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5150] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5150] close(3) = 0
[pid 5150] mkdir("./file0", 0777) = 0
[pid 5150] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5150] chdir("./file0") = 0
[pid 5150] ioctl(4, LOOP_CLR_FD) = 0
[pid 5150] close(4) = 0
[pid 5150] exit_group(0) = ?
[pid 5150] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./42/binderfs") = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 57.770239][ T5150] loop0: detected capacity change from 0 to 512
[ 57.780214][ T5150] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.790236][ T5150] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.799778][ T5150] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5152
./strace-static-x86_64: Process 5152 attached
[pid 5152] chdir("./43") = 0
[pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5152] setpgid(0, 0) = 0
[pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5152] write(3, "1000", 4) = 4
[pid 5152] close(3) = 0
[pid 5152] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5152] memfd_create("syzkaller", 0) = 3
[pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5152] munmap(0x7fc573dd4000, 262144) = 0
[pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5152] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5152] close(3) = 0
[pid 5152] mkdir("./file0", 0777) = 0
[pid 5152] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5152] chdir("./file0") = 0
[pid 5152] ioctl(4, LOOP_CLR_FD) = 0
[pid 5152] close(4) = 0
[pid 5152] exit_group(0) = ?
[pid 5152] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./43/binderfs") = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5154
./strace-static-x86_64: Process 5154 attached
[pid 5154] chdir("./44") = 0
[pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5154] setpgid(0, 0) = 0
[ 57.867393][ T5152] loop0: detected capacity change from 0 to 512
[ 57.876429][ T5152] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.886949][ T5152] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.896532][ T5152] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5154] write(3, "1000", 4) = 4
[pid 5154] close(3) = 0
[pid 5154] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5154] memfd_create("syzkaller", 0) = 3
[pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5154] munmap(0x7fc573dd4000, 262144) = 0
[pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5154] close(3) = 0
[pid 5154] mkdir("./file0", 0777) = 0
[pid 5154] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5154] chdir("./file0") = 0
[pid 5154] ioctl(4, LOOP_CLR_FD) = 0
[pid 5154] close(4) = 0
[pid 5154] exit_group(0) = ?
[pid 5154] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./44/binderfs") = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5156
./strace-static-x86_64: Process 5156 attached
[pid 5156] chdir("./45") = 0
[pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5156] setpgid(0, 0) = 0
[pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 57.963149][ T5154] loop0: detected capacity change from 0 to 512
[ 57.974431][ T5154] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 57.985432][ T5154] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 57.994776][ T5154] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5156] write(3, "1000", 4) = 4
[pid 5156] close(3) = 0
[pid 5156] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5156] memfd_create("syzkaller", 0) = 3
[pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5156] munmap(0x7fc573dd4000, 262144) = 0
[pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5156] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5156] close(3) = 0
[pid 5156] mkdir("./file0", 0777) = 0
[pid 5156] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5156] chdir("./file0") = 0
[pid 5156] ioctl(4, LOOP_CLR_FD) = 0
[pid 5156] close(4) = 0
[pid 5156] exit_group(0) = ?
[pid 5156] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./45/binderfs") = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5158
./strace-static-x86_64: Process 5158 attached
[pid 5158] chdir("./46") = 0
[pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5158] setpgid(0, 0) = 0
[pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5158] write(3, "1000", 4) = 4
[pid 5158] close(3) = 0
[pid 5158] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5158] memfd_create("syzkaller", 0) = 3
[pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5158] munmap(0x7fc573dd4000, 262144) = 0
[pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 58.063245][ T5156] loop0: detected capacity change from 0 to 512
[ 58.073333][ T5156] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.083778][ T5156] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.093516][ T5156] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5158] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5158] close(3) = 0
[pid 5158] mkdir("./file0", 0777) = 0
[pid 5158] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5158] chdir("./file0") = 0
[pid 5158] ioctl(4, LOOP_CLR_FD) = 0
[pid 5158] close(4) = 0
[pid 5158] exit_group(0) = ?
[pid 5158] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./46/binderfs") = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5160
./strace-static-x86_64: Process 5160 attached
[pid 5160] chdir("./47") = 0
[pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5160] setpgid(0, 0) = 0
[pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[ 58.144700][ T5158] loop0: detected capacity change from 0 to 512
[ 58.154200][ T5158] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.165157][ T5158] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.174888][ T5158] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5160] write(3, "1000", 4) = 4
[pid 5160] close(3) = 0
[pid 5160] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5160] memfd_create("syzkaller", 0) = 3
[pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5160] munmap(0x7fc573dd4000, 262144) = 0
[pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5160] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5160] close(3) = 0
[pid 5160] mkdir("./file0", 0777) = 0
[pid 5160] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5160] chdir("./file0") = 0
[pid 5160] ioctl(4, LOOP_CLR_FD) = 0
[pid 5160] close(4) = 0
[pid 5160] exit_group(0) = ?
[pid 5160] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./47/binderfs") = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5162
./strace-static-x86_64: Process 5162 attached
[pid 5162] chdir("./48") = 0
[pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5162] setpgid(0, 0) = 0
[pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5162] write(3, "1000", 4) = 4
[pid 5162] close(3) = 0
[pid 5162] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5162] memfd_create("syzkaller", 0) = 3
[pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 58.238239][ T5160] loop0: detected capacity change from 0 to 512
[ 58.247458][ T5160] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.258255][ T5160] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.267866][ T5160] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5162] munmap(0x7fc573dd4000, 262144) = 0
[pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5162] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5162] close(3) = 0
[pid 5162] mkdir("./file0", 0777) = 0
[pid 5162] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5162] chdir("./file0") = 0
[pid 5162] ioctl(4, LOOP_CLR_FD) = 0
[pid 5162] close(4) = 0
[pid 5162] exit_group(0) = ?
[pid 5162] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./48/binderfs") = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5164
./strace-static-x86_64: Process 5164 attached
[pid 5164] chdir("./49") = 0
[pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5164] setpgid(0, 0) = 0
[pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5164] write(3, "1000", 4) = 4
[pid 5164] close(3) = 0
[pid 5164] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5164] memfd_create("syzkaller", 0) = 3
[pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 58.322491][ T5162] loop0: detected capacity change from 0 to 512
[ 58.325846][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.340595][ T5162] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.351227][ T5162] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.360553][ T5162] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5164] munmap(0x7fc573dd4000, 262144) = 0
[pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5164] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5164] close(3) = 0
[pid 5164] mkdir("./file0", 0777) = 0
[pid 5164] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5164] chdir("./file0") = 0
[pid 5164] ioctl(4, LOOP_CLR_FD) = 0
[pid 5164] close(4) = 0
[pid 5164] exit_group(0) = ?
[pid 5164] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./49/binderfs") = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 58.408742][ T5164] loop0: detected capacity change from 0 to 512
[ 58.412782][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.427969][ T5164] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.442223][ T5164] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.451628][ T5164] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5166
./strace-static-x86_64: Process 5166 attached
[pid 5166] chdir("./50") = 0
[pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5166] setpgid(0, 0) = 0
[pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5166] write(3, "1000", 4) = 4
[pid 5166] close(3) = 0
[pid 5166] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5166] memfd_create("syzkaller", 0) = 3
[pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5166] munmap(0x7fc573dd4000, 262144) = 0
[pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5166] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5166] close(3) = 0
[pid 5166] mkdir("./file0", 0777) = 0
[pid 5166] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5166] chdir("./file0") = 0
[pid 5166] ioctl(4, LOOP_CLR_FD) = 0
[pid 5166] close(4) = 0
[pid 5166] exit_group(0) = ?
[pid 5166] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./50/binderfs") = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5168
./strace-static-x86_64: Process 5168 attached
[pid 5168] chdir("./51") = 0
[pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5168] setpgid(0, 0) = 0
[pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5168] write(3, "1000", 4) = 4
[pid 5168] close(3) = 0
[pid 5168] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5168] memfd_create("syzkaller", 0) = 3
[pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 58.511553][ T5166] loop0: detected capacity change from 0 to 512
[ 58.515800][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.529177][ T5166] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.539244][ T5166] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.549051][ T5166] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5168] munmap(0x7fc573dd4000, 262144) = 0
[pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5168] close(3) = 0
[pid 5168] mkdir("./file0", 0777) = 0
[pid 5168] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5168] chdir("./file0") = 0
[pid 5168] ioctl(4, LOOP_CLR_FD) = 0
[pid 5168] close(4) = 0
[pid 5168] exit_group(0) = ?
[pid 5168] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./51/binderfs") = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5170
./strace-static-x86_64: Process 5170 attached
[pid 5170] chdir("./52") = 0
[pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5170] setpgid(0, 0) = 0
[ 58.600377][ T5168] loop0: detected capacity change from 0 to 512
[ 58.605069][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.618791][ T5168] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.629532][ T5168] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.639366][ T5168] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5170] write(3, "1000", 4) = 4
[pid 5170] close(3) = 0
[pid 5170] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5170] memfd_create("syzkaller", 0) = 3
[pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5170] munmap(0x7fc573dd4000, 262144) = 0
[pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5170] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5170] close(3) = 0
[pid 5170] mkdir("./file0", 0777) = 0
[pid 5170] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5170] chdir("./file0") = 0
[pid 5170] ioctl(4, LOOP_CLR_FD) = 0
[pid 5170] close(4) = 0
[pid 5170] exit_group(0) = ?
[pid 5170] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./52/binderfs") = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5172
./strace-static-x86_64: Process 5172 attached
[pid 5172] chdir("./53") = 0
[ 58.700941][ T5170] loop0: detected capacity change from 0 to 512
[ 58.711089][ T5170] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.721499][ T5170] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.730855][ T5170] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5172] setpgid(0, 0) = 0
[pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5172] write(3, "1000", 4) = 4
[pid 5172] close(3) = 0
[pid 5172] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5172] memfd_create("syzkaller", 0) = 3
[pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5172] munmap(0x7fc573dd4000, 262144) = 0
[pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5172] close(3) = 0
[pid 5172] mkdir("./file0", 0777) = 0
[pid 5172] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5172] chdir("./file0") = 0
[pid 5172] ioctl(4, LOOP_CLR_FD) = 0
[pid 5172] close(4) = 0
[pid 5172] exit_group(0) = ?
[pid 5172] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./53/binderfs") = 0
[ 58.792639][ T5172] loop0: detected capacity change from 0 to 512
[ 58.796357][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 58.809954][ T5172] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.821372][ T5172] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.832097][ T5172] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5174
./strace-static-x86_64: Process 5174 attached
[pid 5174] chdir("./54") = 0
[pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5174] setpgid(0, 0) = 0
[pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5174] write(3, "1000", 4) = 4
[pid 5174] close(3) = 0
[pid 5174] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5174] memfd_create("syzkaller", 0) = 3
[pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5174] munmap(0x7fc573dd4000, 262144) = 0
[pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5174] close(3) = 0
[pid 5174] mkdir("./file0", 0777) = 0
[pid 5174] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5174] chdir("./file0") = 0
[pid 5174] ioctl(4, LOOP_CLR_FD) = 0
[pid 5174] close(4) = 0
[pid 5174] exit_group(0) = ?
[pid 5174] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./54/binderfs") = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 58.914173][ T5174] loop0: detected capacity change from 0 to 512
[ 58.924556][ T5174] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 58.934898][ T5174] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 58.944200][ T5174] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5176
./strace-static-x86_64: Process 5176 attached
[pid 5176] chdir("./55") = 0
[pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5176] setpgid(0, 0) = 0
[pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5176] write(3, "1000", 4) = 4
[pid 5176] close(3) = 0
[pid 5176] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5176] memfd_create("syzkaller", 0) = 3
[pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5176] munmap(0x7fc573dd4000, 262144) = 0
[pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5176] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5176] close(3) = 0
[pid 5176] mkdir("./file0", 0777) = 0
[pid 5176] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5176] chdir("./file0") = 0
[pid 5176] ioctl(4, LOOP_CLR_FD) = 0
[pid 5176] close(4) = 0
[pid 5176] exit_group(0) = ?
[pid 5176] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./55/binderfs") = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 59.012062][ T5176] loop0: detected capacity change from 0 to 512
[ 59.021873][ T5176] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.032058][ T5176] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.041864][ T5176] EXT4-fs (loop0): 1 truncate cleaned up
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5178
./strace-static-x86_64: Process 5178 attached
[pid 5178] chdir("./56") = 0
[pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5178] setpgid(0, 0) = 0
[pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5178] write(3, "1000", 4) = 4
[pid 5178] close(3) = 0
[pid 5178] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5178] memfd_create("syzkaller", 0) = 3
[pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5178] munmap(0x7fc573dd4000, 262144) = 0
[pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5178] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5178] close(3) = 0
[pid 5178] mkdir("./file0", 0777) = 0
[ 59.113842][ T5178] loop0: detected capacity change from 0 to 512
[ 59.124568][ T5178] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 59.135389][ T5178] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 59.144772][ T5178]
[ 59.147089][ T5178] ======================================================
[ 59.154094][ T5178] WARNING: possible circular locking dependency detected
[ 59.161144][ T5178] 6.2.0-rc1-syzkaller #0 Not tainted
[ 59.166580][ T5178] ------------------------------------------------------
[ 59.173576][ T5178] syz-executor114/5178 is trying to acquire lock:
[ 59.179970][ T5178] ffff888075c4a268 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x51/0x570
[ 59.188852][ T5178]
[ 59.188852][ T5178] but task is already holding lock:
[ 59.196208][ T5178] ffff888073950c90 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xf85/0x15d0
[ 59.205589][ T5178]
[ 59.205589][ T5178] which lock already depends on the new lock.
[ 59.205589][ T5178]
[ 59.215976][ T5178]
[ 59.215976][ T5178] the existing dependency chain (in reverse order) is:
[ 59.224970][ T5178]
[ 59.224970][ T5178] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[ 59.232775][ T5178] down_read+0x9c/0x450
[ 59.237534][ T5178] ext4_map_blocks+0x267/0x18d0
[ 59.242892][ T5178] ext4_getblk+0x5f6/0x7a0
[ 59.247832][ T5178] ext4_bread+0x2e/0x190
[ 59.252583][ T5178] ext4_quota_write+0x218/0x620
[ 59.257944][ T5178] write_blk+0x12e/0x220
[ 59.263046][ T5178] get_free_dqblk+0x104/0x2f0
[ 59.268247][ T5178] do_insert_tree+0x3c5/0x12d0
[ 59.273525][ T5178] do_insert_tree+0x696/0x12d0
[ 59.278802][ T5178] qtree_write_dquot+0x3b4/0x570
[ 59.284253][ T5178] v2_write_dquot+0x120/0x250
[ 59.289443][ T5178] dquot_acquire+0x3d1/0x6c0
[ 59.294557][ T5178] ext4_acquire_dquot+0x2b1/0x3d0
[ 59.300090][ T5178] dqget+0x67d/0x1080
[ 59.304582][ T5178] __dquot_initialize+0x560/0xbe0
[ 59.310119][ T5178] ext4_process_orphan+0x47/0x410
[ 59.315650][ T5178] ext4_orphan_cleanup+0x6fb/0x10f0
[ 59.321355][ T5178] ext4_fill_super+0x9f20/0xb220
[ 59.326801][ T5178] get_tree_bdev+0x444/0x760
[ 59.331912][ T5178] vfs_get_tree+0x8d/0x2f0
[ 59.336838][ T5178] path_mount+0x132a/0x1e20
[ 59.341858][ T5178] __x64_sys_mount+0x283/0x300
[ 59.347139][ T5178] do_syscall_64+0x39/0xb0
[ 59.352329][ T5178] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.358731][ T5178]
[ 59.358731][ T5178] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[ 59.366822][ T5178] down_read+0x9c/0x450
[ 59.371488][ T5178] v2_read_dquot+0x4d/0x120
[ 59.376504][ T5178] dquot_acquire+0x1b3/0x6c0
[ 59.381607][ T5178] ext4_acquire_dquot+0x2b1/0x3d0
[ 59.387229][ T5178] dqget+0x67d/0x1080
[ 59.391723][ T5178] __dquot_initialize+0x560/0xbe0
[ 59.397259][ T5178] ext4_process_orphan+0x47/0x410
[ 59.402788][ T5178] ext4_orphan_cleanup+0x6fb/0x10f0
[ 59.408667][ T5178] ext4_fill_super+0x9f20/0xb220
[ 59.414126][ T5178] get_tree_bdev+0x444/0x760
[ 59.419231][ T5178] vfs_get_tree+0x8d/0x2f0
[ 59.424157][ T5178] path_mount+0x132a/0x1e20
[ 59.429172][ T5178] __x64_sys_mount+0x283/0x300
[ 59.434452][ T5178] do_syscall_64+0x39/0xb0
[ 59.439383][ T5178] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.445789][ T5178]
[ 59.445789][ T5178] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[ 59.453611][ T5178] __lock_acquire+0x2a43/0x56d0
[ 59.458973][ T5178] lock_acquire+0x1e3/0x630
[ 59.463981][ T5178] __mutex_lock+0x12f/0x1360
[ 59.469085][ T5178] dquot_commit+0x51/0x570
[ 59.474011][ T5178] ext4_write_dquot+0x25f/0x330
[ 59.479378][ T5178] ext4_mark_dquot_dirty+0x115/0x1b0
[ 59.485177][ T5178] __dquot_free_space+0x773/0xaf0
[ 59.490888][ T5178] ext4_free_blocks+0x11ca/0x2300
[ 59.496440][ T5178] ext4_ext_remove_space+0x203c/0x46e0
[ 59.502415][ T5178] ext4_ext_truncate+0x34b/0x400
[ 59.507866][ T5178] ext4_truncate+0xfea/0x15d0
[ 59.513057][ T5178] ext4_process_orphan+0x158/0x410
[ 59.518675][ T5178] ext4_orphan_cleanup+0x6fb/0x10f0
[ 59.524380][ T5178] ext4_fill_super+0x9f20/0xb220
[ 59.529834][ T5178] get_tree_bdev+0x444/0x760
[ 59.534934][ T5178] vfs_get_tree+0x8d/0x2f0
[ 59.539859][ T5178] path_mount+0x132a/0x1e20
[ 59.544945][ T5178] __x64_sys_mount+0x283/0x300
[ 59.550221][ T5178] do_syscall_64+0x39/0xb0
[ 59.555151][ T5178] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 59.561553][ T5178]
[ 59.561553][ T5178] other info that might help us debug this:
[ 59.561553][ T5178]
[ 59.571763][ T5178] Chain exists of:
[ 59.571763][ T5178] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[ 59.571763][ T5178]
[ 59.585396][ T5178] Possible unsafe locking scenario:
[ 59.585396][ T5178]
[ 59.592829][ T5178] CPU0 CPU1
[ 59.598174][ T5178] ---- ----
[ 59.603519][ T5178] lock(&ei->i_data_sem/2);
[ 59.608187][ T5178] lock(&s->s_dquot.dqio_sem);
[ 59.615559][ T5178] lock(&ei->i_data_sem/2);
[ 59.622657][ T5178] lock(&dquot->dq_lock);
[ 59.627159][ T5178]
[ 59.627159][ T5178] *** DEADLOCK ***
[ 59.627159][ T5178]
[ 59.635284][ T5178] 4 locks held by syz-executor114/5178:
[ 59.640821][ T5178] #0: ffff88807c7240e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x22e/0xb60
[ 59.650929][ T5178] #1: ffff888073950e08 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_process_orphan+0x109/0x410
[ 59.661904][ T5178] #2: ffff888073950c90 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0xf85/0x15d0
[ 59.671660][ T5178] #3: ffffffff8c975f68 (dquot_srcu){....}-{0:0}, at: __dquot_free_space+0x1a8/0xaf0
[ 59.681134][ T5178]
[ 59.681134][ T5178] stack backtrace:
[ 59.687004][ T5178] CPU: 0 PID: 5178 Comm: syz-executor114 Not tainted 6.2.0-rc1-syzkaller #0
[ 59.695661][ T5178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 59.705700][ T5178] Call Trace:
[ 59.708966][ T5178]
[ 59.711890][ T5178] dump_stack_lvl+0xd1/0x138
[ 59.716479][ T5178] check_noncircular+0x25f/0x2e0
[ 59.721405][ T5178] ? print_circular_bug+0x1e0/0x1e0
[ 59.726588][ T5178] ? lock_chain_count+0x20/0x20
[ 59.731424][ T5178] ? __lockdep_reset_lock+0x1a0/0x1a0
[ 59.736801][ T5178] __lock_acquire+0x2a43/0x56d0
[ 59.741646][ T5178] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.747614][ T5178] ? check_path.constprop.0+0x24/0x50
[ 59.753000][ T5178] lock_acquire+0x1e3/0x630
[ 59.757490][ T5178] ? dquot_commit+0x51/0x570
[ 59.762071][ T5178] ? lock_release+0x810/0x810
[ 59.766736][ T5178] __mutex_lock+0x12f/0x1360
[ 59.771322][ T5178] ? dquot_commit+0x51/0x570
[ 59.775911][ T5178] ? dquot_commit+0x51/0x570
[ 59.780533][ T5178] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 59.786498][ T5178] ? mutex_lock_io_nested+0x11a0/0x11a0
[ 59.792131][ T5178] dquot_commit+0x51/0x570
[ 59.796545][ T5178] ? ext4_write_dquot+0x236/0x330
[ 59.801575][ T5178] ext4_write_dquot+0x25f/0x330
[ 59.806418][ T5178] ext4_mark_dquot_dirty+0x115/0x1b0
[ 59.811692][ T5178] __dquot_free_space+0x773/0xaf0
[ 59.816710][ T5178] ? dquot_reclaim_space_nodirty+0x6a0/0x6a0
[ 59.822701][ T5178] ? ext4_free_blocks+0x16d2/0x2300
[ 59.827886][ T5178] ? lock_downgrade+0x6e0/0x6e0
[ 59.832729][ T5178] ext4_free_blocks+0x11ca/0x2300
[ 59.837744][ T5178] ? ext4_mb_new_blocks+0x50f0/0x50f0
[ 59.843105][ T5178] ext4_ext_remove_space+0x203c/0x46e0
[ 59.848564][ T5178] ? ext4_ext_index_trans_blocks+0x160/0x160
[ 59.854538][ T5178] ? ext4_es_remove_extent+0x10a/0x510
[ 59.860080][ T5178] ? ext4_es_lookup_extent+0xe00/0xe00
[ 59.865533][ T5178] ? down_write+0x157/0x220
[ 59.870025][ T5178] ext4_ext_truncate+0x34b/0x400
[ 59.874956][ T5178] ext4_truncate+0xfea/0x15d0
[ 59.879626][ T5178] ? ext4_punch_hole+0x1260/0x1260
[ 59.884726][ T5178] ? down_write_killable+0x250/0x250
[ 59.889997][ T5178] ? __brelse+0x88/0xa0
[ 59.894146][ T5178] ext4_process_orphan+0x158/0x410
[ 59.899246][ T5178] ext4_orphan_cleanup+0x6fb/0x10f0
[ 59.904436][ T5178] ? ext4_process_orphan+0x410/0x410
[ 59.909711][ T5178] ext4_fill_super+0x9f20/0xb220
[ 59.915007][ T5178] ? ext4_reconfigure+0x2a50/0x2a50
[ 59.920200][ T5178] ? snprintf+0xbf/0x100
[ 59.924434][ T5178] ? vsprintf+0x30/0x30
[ 59.928582][ T5178] ? wait_for_completion_io_timeout+0x20/0x20
[ 59.934648][ T5178] get_tree_bdev+0x444/0x760
[ 59.939229][ T5178] ? ext4_reconfigure+0x2a50/0x2a50
[ 59.944418][ T5178] vfs_get_tree+0x8d/0x2f0
[ 59.948823][ T5178] path_mount+0x132a/0x1e20
[ 59.953317][ T5178] ? kmem_cache_free+0xee/0x5c0
[ 59.958153][ T5178] ? finish_automount+0x960/0x960
[ 59.963166][ T5178] ? putname+0x102/0x140
[ 59.967402][ T5178] __x64_sys_mount+0x283/0x300
[ 59.972154][ T5178] ? copy_mnt_ns+0xb30/0xb30
[ 59.976731][ T5178] ? lockdep_hardirqs_on+0x7d/0x100
[ 59.981918][ T5178] ? _raw_spin_unlock_irq+0x2e/0x50
[ 59.987102][ T5178] ? ptrace_notify+0xfe/0x140
[ 59.991768][ T5178] do_syscall_64+0x39/0xb0
[ 59.996174][ T5178] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 60.002052][ T5178] RIP: 0033:0x7fc57c222e4a
[ 60.006453][ T5178] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 60.026134][ T5178] RSP: 002b:00007ffdea9fe878 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 60.034533][ T5178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fc57c222e4a
[ 60.042491][ T5178] RDX: 0000000020000040 RSI: 0000000020000500 RDI: 00007ffdea9fe880
[ 60.050447][ T5178] RBP: 00007ffdea9fe880 R08: 00007ffdea9fe8c0 R09: 00000000000004a5
[ 60.058406][ T5178] R10: 0000000000000047 R11: 0000000000000206 R12: 0000000000000004
[pid 5178] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5178] chdir("./file0") = 0
[pid 5178] ioctl(4, LOOP_CLR_FD) = 0
[pid 5178] close(4) = 0
[pid 5178] exit_group(0) = ?
[pid 5178] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./56/binderfs") = 0
[ 60.066360][ T5178] R13: 0000555556ae32c0 R14: 00007ffdea9fe8c0 R15: 0000000000000000
[ 60.074321][ T5178]
[ 60.078124][ T5178] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5180
./strace-static-x86_64: Process 5180 attached
[pid 5180] chdir("./57") = 0
[pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5180] setpgid(0, 0) = 0
[pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5180] write(3, "1000", 4) = 4
[pid 5180] close(3) = 0
[pid 5180] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5180] memfd_create("syzkaller", 0) = 3
[pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5180] munmap(0x7fc573dd4000, 262144) = 0
[pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5180] close(3) = 0
[pid 5180] mkdir("./file0", 0777) = 0
[pid 5180] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5180] chdir("./file0") = 0
[pid 5180] ioctl(4, LOOP_CLR_FD) = 0
[pid 5180] close(4) = 0
[pid 5180] exit_group(0) = ?
[pid 5180] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./57/binderfs") = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5182
./strace-static-x86_64: Process 5182 attached
[pid 5182] chdir("./58") = 0
[pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5182] setpgid(0, 0) = 0
[pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5182] write(3, "1000", 4) = 4
[pid 5182] close(3) = 0
[pid 5182] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5182] memfd_create("syzkaller", 0) = 3
[pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5182] munmap(0x7fc573dd4000, 262144) = 0
[pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.156204][ T5180] loop0: detected capacity change from 0 to 512
[ 60.165026][ T5180] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.174760][ T5180] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.183332][ T5180] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5182] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5182] close(3) = 0
[pid 5182] mkdir("./file0", 0777) = 0
[pid 5182] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5182] chdir("./file0") = 0
[pid 5182] ioctl(4, LOOP_CLR_FD) = 0
[pid 5182] close(4) = 0
[pid 5182] exit_group(0) = ?
[pid 5182] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./58/binderfs") = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5184
./strace-static-x86_64: Process 5184 attached
[pid 5184] chdir("./59") = 0
[pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5184] setpgid(0, 0) = 0
[pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5184] write(3, "1000", 4) = 4
[pid 5184] close(3) = 0
[pid 5184] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5184] memfd_create("syzkaller", 0) = 3
[pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5184] munmap(0x7fc573dd4000, 262144) = 0
[pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.218315][ T5182] loop0: detected capacity change from 0 to 512
[ 60.226624][ T5182] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.236208][ T5182] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.244869][ T5182] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5184] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5184] close(3) = 0
[pid 5184] mkdir("./file0", 0777) = 0
[pid 5184] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5184] chdir("./file0") = 0
[pid 5184] ioctl(4, LOOP_CLR_FD) = 0
[pid 5184] close(4) = 0
[pid 5184] exit_group(0) = ?
[pid 5184] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./59/binderfs") = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5186
./strace-static-x86_64: Process 5186 attached
[pid 5186] chdir("./60") = 0
[pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5186] setpgid(0, 0) = 0
[pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5186] write(3, "1000", 4) = 4
[pid 5186] close(3) = 0
[pid 5186] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5186] memfd_create("syzkaller", 0) = 3
[pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5186] munmap(0x7fc573dd4000, 262144) = 0
[pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.283653][ T5184] loop0: detected capacity change from 0 to 512
[ 60.292019][ T5184] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.301790][ T5184] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.310605][ T5184] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5186] close(3) = 0
[pid 5186] mkdir("./file0", 0777) = 0
[ 60.339841][ T5186] loop0: detected capacity change from 0 to 512
[ 60.346087][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 60.346145][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 60.365115][ T5065] Buffer I/O error on dev loop0, logical block 0, async page read
[ 60.373878][ T5186] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.383595][ T5186] EXT4-fs (loop0): orphan cleanup on readonly fs
[pid 5186] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5186] chdir("./file0") = 0
[pid 5186] ioctl(4, LOOP_CLR_FD) = 0
[pid 5186] close(4) = 0
[pid 5186] exit_group(0) = ?
[pid 5186] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./60/binderfs") = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5188
./strace-static-x86_64: Process 5188 attached
[pid 5188] chdir("./61") = 0
[pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5188] setpgid(0, 0) = 0
[pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5188] write(3, "1000", 4) = 4
[pid 5188] close(3) = 0
[pid 5188] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5188] memfd_create("syzkaller", 0) = 3
[pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5188] munmap(0x7fc573dd4000, 262144) = 0
[pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.392075][ T5186] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5188] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5188] close(3) = 0
[pid 5188] mkdir("./file0", 0777) = 0
[pid 5188] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5188] chdir("./file0") = 0
[pid 5188] ioctl(4, LOOP_CLR_FD) = 0
[pid 5188] close(4) = 0
[pid 5188] exit_group(0) = ?
[pid 5188] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./61/binderfs") = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5190
./strace-static-x86_64: Process 5190 attached
[pid 5190] chdir("./62") = 0
[pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5190] setpgid(0, 0) = 0
[pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5190] write(3, "1000", 4) = 4
[pid 5190] close(3) = 0
[pid 5190] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5190] memfd_create("syzkaller", 0) = 3
[pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5190] munmap(0x7fc573dd4000, 262144) = 0
[pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.433266][ T5188] loop0: detected capacity change from 0 to 512
[ 60.441672][ T5188] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.451475][ T5188] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.459770][ T5188] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5190] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5190] close(3) = 0
[pid 5190] mkdir("./file0", 0777) = 0
[pid 5190] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5190] chdir("./file0") = 0
[pid 5190] ioctl(4, LOOP_CLR_FD) = 0
[pid 5190] close(4) = 0
[pid 5190] exit_group(0) = ?
[pid 5190] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./62/binderfs") = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5192
./strace-static-x86_64: Process 5192 attached
[pid 5192] chdir("./63") = 0
[pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5192] setpgid(0, 0) = 0
[pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5192] write(3, "1000", 4) = 4
[pid 5192] close(3) = 0
[pid 5192] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5192] memfd_create("syzkaller", 0) = 3
[pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 60.499555][ T5190] loop0: detected capacity change from 0 to 512
[ 60.507694][ T5190] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.518014][ T5190] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.526332][ T5190] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5192] munmap(0x7fc573dd4000, 262144) = 0
[pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5192] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5192] close(3) = 0
[pid 5192] mkdir("./file0", 0777) = 0
[pid 5192] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5192] chdir("./file0") = 0
[pid 5192] ioctl(4, LOOP_CLR_FD) = 0
[pid 5192] close(4) = 0
[pid 5192] exit_group(0) = ?
[pid 5192] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./63/binderfs") = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
[ 60.582440][ T5192] loop0: detected capacity change from 0 to 512
[ 60.591661][ T5192] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.601850][ T5192] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.610320][ T5192] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5194 attached
[pid 5194] chdir("./64") = 0
[pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5194] setpgid(0, 0) = 0
[pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5194] write(3, "1000", 4) = 4
[pid 5194] close(3) = 0
[pid 5194] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5194] memfd_create("syzkaller", 0) = 3
[pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5063] <... clone resumed>, child_tidptr=0x555556ae35d0) = 5194
[pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5194] munmap(0x7fc573dd4000, 262144) = 0
[pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5194] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5194] close(3) = 0
[pid 5194] mkdir("./file0", 0777) = 0
[pid 5194] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5194] chdir("./file0") = 0
[pid 5194] ioctl(4, LOOP_CLR_FD) = 0
[pid 5194] close(4) = 0
[pid 5194] exit_group(0) = ?
[pid 5194] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./64/binderfs") = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5196
./strace-static-x86_64: Process 5196 attached
[pid 5196] chdir("./65") = 0
[pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5196] setpgid(0, 0) = 0
[pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5196] write(3, "1000", 4) = 4
[pid 5196] close(3) = 0
[pid 5196] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5196] memfd_create("syzkaller", 0) = 3
[pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5196] munmap(0x7fc573dd4000, 262144) = 0
[pid 5196] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.678430][ T5194] loop0: detected capacity change from 0 to 512
[ 60.686756][ T5194] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.696503][ T5194] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.705026][ T5194] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5196] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5196] close(3) = 0
[pid 5196] mkdir("./file0", 0777) = 0
[pid 5196] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5196] chdir("./file0") = 0
[pid 5196] ioctl(4, LOOP_CLR_FD) = 0
[pid 5196] close(4) = 0
[pid 5196] exit_group(0) = ?
[pid 5196] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./65/binderfs") = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5198
./strace-static-x86_64: Process 5198 attached
[pid 5198] chdir("./66") = 0
[pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5198] setpgid(0, 0) = 0
[pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5198] write(3, "1000", 4) = 4
[pid 5198] close(3) = 0
[pid 5198] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5198] memfd_create("syzkaller", 0) = 3
[pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5198] munmap(0x7fc573dd4000, 262144) = 0
[pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.750530][ T5196] loop0: detected capacity change from 0 to 512
[ 60.759309][ T5196] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.768956][ T5196] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.777767][ T5196] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5198] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5198] close(3) = 0
[pid 5198] mkdir("./file0", 0777) = 0
[pid 5198] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5198] chdir("./file0") = 0
[pid 5198] ioctl(4, LOOP_CLR_FD) = 0
[pid 5198] close(4) = 0
[pid 5198] exit_group(0) = ?
[pid 5198] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./66/binderfs") = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5200
./strace-static-x86_64: Process 5200 attached
[pid 5200] chdir("./67") = 0
[pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5200] setpgid(0, 0) = 0
[pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5200] write(3, "1000", 4) = 4
[pid 5200] close(3) = 0
[pid 5200] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5200] memfd_create("syzkaller", 0) = 3
[pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5200] munmap(0x7fc573dd4000, 262144) = 0
[pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.816641][ T5198] loop0: detected capacity change from 0 to 512
[ 60.824951][ T5198] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.834638][ T5198] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.843158][ T5198] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5200] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5200] close(3) = 0
[pid 5200] mkdir("./file0", 0777) = 0
[pid 5200] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5200] chdir("./file0") = 0
[pid 5200] ioctl(4, LOOP_CLR_FD) = 0
[pid 5200] close(4) = 0
[pid 5200] exit_group(0) = ?
[pid 5200] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./67/binderfs") = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./67/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5202
./strace-static-x86_64: Process 5202 attached
[pid 5202] chdir("./68") = 0
[pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5202] setpgid(0, 0) = 0
[pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5202] write(3, "1000", 4) = 4
[pid 5202] close(3) = 0
[pid 5202] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5202] memfd_create("syzkaller", 0) = 3
[pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5202] munmap(0x7fc573dd4000, 262144) = 0
[pid 5202] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.890731][ T5200] loop0: detected capacity change from 0 to 512
[ 60.899090][ T5200] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.908961][ T5200] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.917345][ T5200] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5202] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5202] close(3) = 0
[pid 5202] mkdir("./file0", 0777) = 0
[pid 5202] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5202] chdir("./file0") = 0
[pid 5202] ioctl(4, LOOP_CLR_FD) = 0
[pid 5202] close(4) = 0
[pid 5202] exit_group(0) = ?
[pid 5202] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./68/binderfs") = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5204
./strace-static-x86_64: Process 5204 attached
[pid 5204] chdir("./69") = 0
[pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5204] setpgid(0, 0) = 0
[pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5204] write(3, "1000", 4) = 4
[pid 5204] close(3) = 0
[pid 5204] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5204] memfd_create("syzkaller", 0) = 3
[pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5204] munmap(0x7fc573dd4000, 262144) = 0
[pid 5204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 60.956085][ T5202] loop0: detected capacity change from 0 to 512
[ 60.957351][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 60.973179][ T5202] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 60.983211][ T5202] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 60.992099][ T5202] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5204] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5204] close(3) = 0
[pid 5204] mkdir("./file0", 0777) = 0
[pid 5204] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5204] chdir("./file0") = 0
[pid 5204] ioctl(4, LOOP_CLR_FD) = 0
[pid 5204] close(4) = 0
[pid 5204] exit_group(0) = ?
[pid 5204] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./69/binderfs") = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./69/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./69") = 0
mkdir("./70", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
[ 61.035267][ T5204] loop0: detected capacity change from 0 to 512
[ 61.043645][ T5204] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.053272][ T5204] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.061808][ T5204] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5206
./strace-static-x86_64: Process 5206 attached
[pid 5206] chdir("./70") = 0
[pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5206] setpgid(0, 0) = 0
[pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5206] write(3, "1000", 4) = 4
[pid 5206] close(3) = 0
[pid 5206] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5206] memfd_create("syzkaller", 0) = 3
[pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5206] munmap(0x7fc573dd4000, 262144) = 0
[pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5206] close(3) = 0
[pid 5206] mkdir("./file0", 0777) = 0
[pid 5206] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5206] chdir("./file0") = 0
[pid 5206] ioctl(4, LOOP_CLR_FD) = 0
[pid 5206] close(4) = 0
[pid 5206] exit_group(0) = ?
[pid 5206] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./70/binderfs") = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./70/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./70") = 0
mkdir("./71", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5208
./strace-static-x86_64: Process 5208 attached
[pid 5208] chdir("./71") = 0
[pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5208] setpgid(0, 0) = 0
[pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5208] write(3, "1000", 4) = 4
[pid 5208] close(3) = 0
[pid 5208] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5208] memfd_create("syzkaller", 0) = 3
[pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5208] munmap(0x7fc573dd4000, 262144) = 0
[pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.120470][ T5206] loop0: detected capacity change from 0 to 512
[ 61.129276][ T5206] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.139451][ T5206] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.147949][ T5206] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5208] close(3) = 0
[pid 5208] mkdir("./file0", 0777) = 0
[pid 5208] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5208] chdir("./file0") = 0
[pid 5208] ioctl(4, LOOP_CLR_FD) = 0
[pid 5208] close(4) = 0
[pid 5208] exit_group(0) = ?
[pid 5208] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./71/binderfs") = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./71/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./71") = 0
mkdir("./72", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5210 attached
, child_tidptr=0x555556ae35d0) = 5210
[pid 5210] chdir("./72") = 0
[pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5210] setpgid(0, 0) = 0
[pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5210] write(3, "1000", 4) = 4
[pid 5210] close(3) = 0
[pid 5210] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5210] memfd_create("syzkaller", 0) = 3
[pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5210] munmap(0x7fc573dd4000, 262144) = 0
[pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.188619][ T5208] loop0: detected capacity change from 0 to 512
[ 61.199444][ T5208] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.209683][ T5208] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.218501][ T5208] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5210] close(3) = 0
[pid 5210] mkdir("./file0", 0777) = 0
[pid 5210] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5210] chdir("./file0") = 0
[pid 5210] ioctl(4, LOOP_CLR_FD) = 0
[pid 5210] close(4) = 0
[pid 5210] exit_group(0) = ?
[pid 5210] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5210, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./72/binderfs") = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./72/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./72") = 0
mkdir("./73", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5212
./strace-static-x86_64: Process 5212 attached
[pid 5212] chdir("./73") = 0
[pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5212] setpgid(0, 0) = 0
[pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5212] write(3, "1000", 4) = 4
[pid 5212] close(3) = 0
[pid 5212] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5212] memfd_create("syzkaller", 0) = 3
[pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5212] munmap(0x7fc573dd4000, 262144) = 0
[pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.261256][ T5210] loop0: detected capacity change from 0 to 512
[ 61.270268][ T5210] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.279886][ T5210] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.288709][ T5210] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5212] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5212] close(3) = 0
[pid 5212] mkdir("./file0", 0777) = 0
[pid 5212] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5212] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5212] chdir("./file0") = 0
[pid 5212] ioctl(4, LOOP_CLR_FD) = 0
[pid 5212] close(4) = 0
[pid 5212] exit_group(0) = ?
[pid 5212] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./73/binderfs") = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./73/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./73") = 0
mkdir("./74", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5214
./strace-static-x86_64: Process 5214 attached
[pid 5214] chdir("./74") = 0
[pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5214] setpgid(0, 0) = 0
[pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5214] write(3, "1000", 4) = 4
[pid 5214] close(3) = 0
[pid 5214] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5214] memfd_create("syzkaller", 0) = 3
[pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5214] munmap(0x7fc573dd4000, 262144) = 0
[pid 5214] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.330323][ T5212] loop0: detected capacity change from 0 to 512
[ 61.339099][ T5212] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.349295][ T5212] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.358222][ T5212] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5214] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5214] close(3) = 0
[pid 5214] mkdir("./file0", 0777) = 0
[pid 5214] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5214] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5214] chdir("./file0") = 0
[pid 5214] ioctl(4, LOOP_CLR_FD) = 0
[pid 5214] close(4) = 0
[pid 5214] exit_group(0) = ?
[pid 5214] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5214, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./74/binderfs") = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./74/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./74") = 0
mkdir("./75", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5216
./strace-static-x86_64: Process 5216 attached
[pid 5216] chdir("./75") = 0
[pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5216] setpgid(0, 0) = 0
[pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5216] write(3, "1000", 4) = 4
[pid 5216] close(3) = 0
[pid 5216] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5216] memfd_create("syzkaller", 0) = 3
[pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5216] munmap(0x7fc573dd4000, 262144) = 0
[pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.404272][ T5214] loop0: detected capacity change from 0 to 512
[ 61.412655][ T5214] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.422596][ T5214] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.431286][ T5214] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5216] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5216] close(3) = 0
[pid 5216] mkdir("./file0", 0777) = 0
[pid 5216] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5216] chdir("./file0") = 0
[pid 5216] ioctl(4, LOOP_CLR_FD) = 0
[pid 5216] close(4) = 0
[pid 5216] exit_group(0) = ?
[pid 5216] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./75/binderfs") = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./75/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./75") = 0
mkdir("./76", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5218
./strace-static-x86_64: Process 5218 attached
[pid 5218] chdir("./76") = 0
[pid 5218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5218] setpgid(0, 0) = 0
[pid 5218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5218] write(3, "1000", 4) = 4
[pid 5218] close(3) = 0
[pid 5218] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5218] memfd_create("syzkaller", 0) = 3
[pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5218] munmap(0x7fc573dd4000, 262144) = 0
[pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.470567][ T5216] loop0: detected capacity change from 0 to 512
[ 61.479811][ T5216] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.489580][ T5216] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.497975][ T5216] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5218] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5218] close(3) = 0
[pid 5218] mkdir("./file0", 0777) = 0
[pid 5218] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5218] chdir("./file0") = 0
[pid 5218] ioctl(4, LOOP_CLR_FD) = 0
[pid 5218] close(4) = 0
[pid 5218] exit_group(0) = ?
[pid 5218] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5218, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./76/binderfs") = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./76/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./76") = 0
mkdir("./77", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5220
./strace-static-x86_64: Process 5220 attached
[pid 5220] chdir("./77") = 0
[pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5220] setpgid(0, 0) = 0
[pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5220] write(3, "1000", 4) = 4
[pid 5220] close(3) = 0
[pid 5220] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5220] memfd_create("syzkaller", 0) = 3
[pid 5220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 61.535054][ T5218] loop0: detected capacity change from 0 to 512
[ 61.543808][ T5218] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.554064][ T5218] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.562518][ T5218] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5220] munmap(0x7fc573dd4000, 262144) = 0
[pid 5220] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5220] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5220] close(3) = 0
[pid 5220] mkdir("./file0", 0777) = 0
[pid 5220] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5220] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5220] chdir("./file0") = 0
[pid 5220] ioctl(4, LOOP_CLR_FD) = 0
[pid 5220] close(4) = 0
[pid 5220] exit_group(0) = ?
[pid 5220] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5220, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./77/binderfs") = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./77/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./77") = 0
mkdir("./78", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5222
./strace-static-x86_64: Process 5222 attached
[pid 5222] chdir("./78") = 0
[pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5222] setpgid(0, 0) = 0
[pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5222] write(3, "1000", 4) = 4
[pid 5222] close(3) = 0
[pid 5222] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5222] memfd_create("syzkaller", 0) = 3
[pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5222] munmap(0x7fc573dd4000, 262144) = 0
[pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.619939][ T5220] loop0: detected capacity change from 0 to 512
[ 61.629142][ T5220] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.639198][ T5220] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.647812][ T5220] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5222] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5222] close(3) = 0
[pid 5222] mkdir("./file0", 0777) = 0
[pid 5222] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5222] chdir("./file0") = 0
[pid 5222] ioctl(4, LOOP_CLR_FD) = 0
[pid 5222] close(4) = 0
[pid 5222] exit_group(0) = ?
[pid 5222] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./78/binderfs") = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./78/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./78") = 0
mkdir("./79", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5225
./strace-static-x86_64: Process 5225 attached
[pid 5225] chdir("./79") = 0
[pid 5225] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5225] setpgid(0, 0) = 0
[pid 5225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5225] write(3, "1000", 4) = 4
[pid 5225] close(3) = 0
[pid 5225] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5225] memfd_create("syzkaller", 0) = 3
[pid 5225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5225] munmap(0x7fc573dd4000, 262144) = 0
[pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.691908][ T5222] loop0: detected capacity change from 0 to 512
[ 61.700609][ T5222] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.710612][ T5222] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.719124][ T5222] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5225] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5225] close(3) = 0
[pid 5225] mkdir("./file0", 0777) = 0
[pid 5225] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5225] chdir("./file0") = 0
[pid 5225] ioctl(4, LOOP_CLR_FD) = 0
[pid 5225] close(4) = 0
[pid 5225] exit_group(0) = ?
[pid 5225] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5225, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./79/binderfs") = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./79/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./79") = 0
mkdir("./80", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5227
./strace-static-x86_64: Process 5227 attached
[pid 5227] chdir("./80") = 0
[pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5227] setpgid(0, 0) = 0
[pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5227] write(3, "1000", 4) = 4
[pid 5227] close(3) = 0
[pid 5227] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5227] memfd_create("syzkaller", 0) = 3
[pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5227] munmap(0x7fc573dd4000, 262144) = 0
[pid 5227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 61.757346][ T5225] loop0: detected capacity change from 0 to 512
[ 61.765666][ T5225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.775281][ T5225] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.784061][ T5225] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5227] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5227] close(3) = 0
[pid 5227] mkdir("./file0", 0777) = 0
[pid 5227] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5227] chdir("./file0") = 0
[pid 5227] ioctl(4, LOOP_CLR_FD) = 0
[pid 5227] close(4) = 0
[pid 5227] exit_group(0) = ?
[pid 5227] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./80/binderfs") = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./80/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
[ 61.832816][ T5227] loop0: detected capacity change from 0 to 512
[ 61.841785][ T5227] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.851823][ T5227] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.860150][ T5227] EXT4-fs (loop0): 1 truncate cleaned up
close(3) = 0
rmdir("./80") = 0
mkdir("./81", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5229 attached
, child_tidptr=0x555556ae35d0) = 5229
[pid 5229] chdir("./81") = 0
[pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5229] setpgid(0, 0) = 0
[pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5229] write(3, "1000", 4) = 4
[pid 5229] close(3) = 0
[pid 5229] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5229] memfd_create("syzkaller", 0) = 3
[pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5229] munmap(0x7fc573dd4000, 262144) = 0
[pid 5229] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5229] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5229] close(3) = 0
[pid 5229] mkdir("./file0", 0777) = 0
[pid 5229] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5229] chdir("./file0") = 0
[pid 5229] ioctl(4, LOOP_CLR_FD) = 0
[pid 5229] close(4) = 0
[pid 5229] exit_group(0) = ?
[pid 5229] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./81/binderfs") = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./81/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./81") = 0
mkdir("./82", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5231
./strace-static-x86_64: Process 5231 attached
[ 61.933806][ T5229] loop0: detected capacity change from 0 to 512
[ 61.942464][ T5229] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 61.952007][ T5229] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 61.960315][ T5229] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5231] chdir("./82") = 0
[pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5231] setpgid(0, 0) = 0
[pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5231] write(3, "1000", 4) = 4
[pid 5231] close(3) = 0
[pid 5231] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5231] memfd_create("syzkaller", 0) = 3
[pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5231] munmap(0x7fc573dd4000, 262144) = 0
[pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5231] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5231] close(3) = 0
[pid 5231] mkdir("./file0", 0777) = 0
[pid 5231] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5231] chdir("./file0") = 0
[pid 5231] ioctl(4, LOOP_CLR_FD) = 0
[pid 5231] close(4) = 0
[pid 5231] exit_group(0) = ?
[pid 5231] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./82/binderfs") = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./82/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./82") = 0
mkdir("./83", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5233
./strace-static-x86_64: Process 5233 attached
[pid 5233] chdir("./83") = 0
[pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5233] setpgid(0, 0) = 0
[pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5233] write(3, "1000", 4) = 4
[pid 5233] close(3) = 0
[pid 5233] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5233] memfd_create("syzkaller", 0) = 3
[pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5233] munmap(0x7fc573dd4000, 262144) = 0
[pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.024458][ T5231] loop0: detected capacity change from 0 to 512
[ 62.032756][ T5231] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.042521][ T5231] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.050976][ T5231] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5233] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5233] close(3) = 0
[pid 5233] mkdir("./file0", 0777) = 0
[pid 5233] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5233] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5233] chdir("./file0") = 0
[pid 5233] ioctl(4, LOOP_CLR_FD) = 0
[pid 5233] close(4) = 0
[pid 5233] exit_group(0) = ?
[pid 5233] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./83/binderfs") = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 62.082513][ T5233] loop0: detected capacity change from 0 to 512
[ 62.090430][ T5233] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.100963][ T5233] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.109627][ T5233] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./83/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./83") = 0
mkdir("./84", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5235 attached
, child_tidptr=0x555556ae35d0) = 5235
[pid 5235] chdir("./84") = 0
[pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5235] setpgid(0, 0) = 0
[pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5235] write(3, "1000", 4) = 4
[pid 5235] close(3) = 0
[pid 5235] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5235] memfd_create("syzkaller", 0) = 3
[pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5235] munmap(0x7fc573dd4000, 262144) = 0
[pid 5235] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5235] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5235] close(3) = 0
[pid 5235] mkdir("./file0", 0777) = 0
[pid 5235] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5235] chdir("./file0") = 0
[pid 5235] ioctl(4, LOOP_CLR_FD) = 0
[pid 5235] close(4) = 0
[pid 5235] exit_group(0) = ?
[pid 5235] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./84/binderfs") = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./84/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./84") = 0
mkdir("./85", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached
[pid 5237] chdir("./85") = 0
[pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5237] setpgid(0, 0) = 0
[pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5237] write(3, "1000", 4) = 4
[pid 5237] close(3) = 0
[pid 5237] symlink("/dev/binderfs", "./binderfs"
[pid 5063] <... clone resumed>, child_tidptr=0x555556ae35d0) = 5237
[pid 5237] <... symlink resumed>) = 0
[pid 5237] memfd_create("syzkaller", 0) = 3
[pid 5237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5237] munmap(0x7fc573dd4000, 262144) = 0
[pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.185018][ T5235] loop0: detected capacity change from 0 to 512
[ 62.193875][ T5235] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.203534][ T5235] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.212235][ T5235] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5237] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5237] close(3) = 0
[pid 5237] mkdir("./file0", 0777) = 0
[pid 5237] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5237] chdir("./file0") = 0
[pid 5237] ioctl(4, LOOP_CLR_FD) = 0
[pid 5237] close(4) = 0
[pid 5237] exit_group(0) = ?
[pid 5237] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./85/binderfs") = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./85/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./85") = 0
mkdir("./86", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5239
./strace-static-x86_64: Process 5239 attached
[pid 5239] chdir("./86") = 0
[pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5239] setpgid(0, 0) = 0
[pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5239] write(3, "1000", 4) = 4
[pid 5239] close(3) = 0
[pid 5239] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5239] memfd_create("syzkaller", 0) = 3
[pid 5239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5239] munmap(0x7fc573dd4000, 262144) = 0
[pid 5239] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.263108][ T5237] loop0: detected capacity change from 0 to 512
[ 62.272777][ T5237] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.282559][ T5237] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.291175][ T5237] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5239] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5239] close(3) = 0
[pid 5239] mkdir("./file0", 0777) = 0
[pid 5239] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5239] chdir("./file0") = 0
[pid 5239] ioctl(4, LOOP_CLR_FD) = 0
[pid 5239] close(4) = 0
[pid 5239] exit_group(0) = ?
[pid 5239] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./86/binderfs") = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./86/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./86") = 0
mkdir("./87", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5241
./strace-static-x86_64: Process 5241 attached
[pid 5241] chdir("./87") = 0
[pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5241] setpgid(0, 0) = 0
[pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5241] write(3, "1000", 4) = 4
[pid 5241] close(3) = 0
[pid 5241] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5241] memfd_create("syzkaller", 0) = 3
[pid 5241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5241] munmap(0x7fc573dd4000, 262144) = 0
[pid 5241] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.335446][ T5239] loop0: detected capacity change from 0 to 512
[ 62.344064][ T5239] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.354224][ T5239] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.363029][ T5239] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5241] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5241] close(3) = 0
[pid 5241] mkdir("./file0", 0777) = 0
[pid 5241] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5241] chdir("./file0") = 0
[pid 5241] ioctl(4, LOOP_CLR_FD) = 0
[pid 5241] close(4) = 0
[pid 5241] exit_group(0) = ?
[pid 5241] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./87/binderfs") = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./87/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./87") = 0
mkdir("./88", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5243 attached
, child_tidptr=0x555556ae35d0) = 5243
[pid 5243] chdir("./88") = 0
[pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5243] setpgid(0, 0) = 0
[pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5243] write(3, "1000", 4) = 4
[pid 5243] close(3) = 0
[pid 5243] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5243] memfd_create("syzkaller", 0) = 3
[pid 5243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5243] munmap(0x7fc573dd4000, 262144) = 0
[pid 5243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.399113][ T5241] loop0: detected capacity change from 0 to 512
[ 62.408397][ T5241] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.418710][ T5241] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.427211][ T5241] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5243] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5243] close(3) = 0
[pid 5243] mkdir("./file0", 0777) = 0
[pid 5243] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5243] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5243] chdir("./file0") = 0
[pid 5243] ioctl(4, LOOP_CLR_FD) = 0
[pid 5243] close(4) = 0
[pid 5243] exit_group(0) = ?
[pid 5243] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5243, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./88/binderfs") = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./88/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./88") = 0
mkdir("./89", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5245
./strace-static-x86_64: Process 5245 attached
[pid 5245] chdir("./89") = 0
[pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5245] setpgid(0, 0) = 0
[pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5245] write(3, "1000", 4) = 4
[pid 5245] close(3) = 0
[pid 5245] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5245] memfd_create("syzkaller", 0) = 3
[pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5245] munmap(0x7fc573dd4000, 262144) = 0
[pid 5245] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.474053][ T5243] loop0: detected capacity change from 0 to 512
[ 62.483384][ T5243] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.493267][ T5243] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.501520][ T5243] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5245] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5245] close(3) = 0
[pid 5245] mkdir("./file0", 0777) = 0
[pid 5245] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5245] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5245] chdir("./file0") = 0
[pid 5245] ioctl(4, LOOP_CLR_FD) = 0
[pid 5245] close(4) = 0
[pid 5245] exit_group(0) = ?
[pid 5245] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5245, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./89/binderfs") = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./89/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./89") = 0
mkdir("./90", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5247
./strace-static-x86_64: Process 5247 attached
[pid 5247] chdir("./90") = 0
[pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5247] setpgid(0, 0) = 0
[pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5247] write(3, "1000", 4) = 4
[pid 5247] close(3) = 0
[pid 5247] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5247] memfd_create("syzkaller", 0) = 3
[pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 62.554288][ T5245] loop0: detected capacity change from 0 to 512
[ 62.562813][ T5245] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.572460][ T5245] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.580809][ T5245] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5247] munmap(0x7fc573dd4000, 262144) = 0
[pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5247] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5247] close(3) = 0
[pid 5247] mkdir("./file0", 0777) = 0
[pid 5247] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5247] chdir("./file0") = 0
[pid 5247] ioctl(4, LOOP_CLR_FD) = 0
[pid 5247] close(4) = 0
[pid 5247] exit_group(0) = ?
[pid 5247] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./90/binderfs") = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./90/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./90") = 0
mkdir("./91", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5249
./strace-static-x86_64: Process 5249 attached
[pid 5249] chdir("./91") = 0
[pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5249] setpgid(0, 0) = 0
[pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5249] write(3, "1000", 4) = 4
[pid 5249] close(3) = 0
[pid 5249] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5249] memfd_create("syzkaller", 0) = 3
[pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5249] munmap(0x7fc573dd4000, 262144) = 0
[pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.639426][ T5247] loop0: detected capacity change from 0 to 512
[ 62.647681][ T5247] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.657278][ T5247] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.665763][ T5247] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5249] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5249] close(3) = 0
[pid 5249] mkdir("./file0", 0777) = 0
[pid 5249] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5249] chdir("./file0") = 0
[pid 5249] ioctl(4, LOOP_CLR_FD) = 0
[pid 5249] close(4) = 0
[pid 5249] exit_group(0) = ?
[pid 5249] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5249, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./91/binderfs") = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./91/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./91") = 0
mkdir("./92", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5251
./strace-static-x86_64: Process 5251 attached
[pid 5251] chdir("./92") = 0
[pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5251] setpgid(0, 0) = 0
[pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5251] write(3, "1000", 4) = 4
[pid 5251] close(3) = 0
[pid 5251] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5251] memfd_create("syzkaller", 0) = 3
[pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5251] munmap(0x7fc573dd4000, 262144) = 0
[pid 5251] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.705399][ T5249] loop0: detected capacity change from 0 to 512
[ 62.714168][ T5249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.723700][ T5249] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.732351][ T5249] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5251] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5251] close(3) = 0
[pid 5251] mkdir("./file0", 0777) = 0
[pid 5251] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5251] chdir("./file0") = 0
[pid 5251] ioctl(4, LOOP_CLR_FD) = 0
[pid 5251] close(4) = 0
[pid 5251] exit_group(0) = ?
[pid 5251] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5251, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./92/binderfs") = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./92/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./92") = 0
mkdir("./93", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5253
./strace-static-x86_64: Process 5253 attached
[pid 5253] chdir("./93") = 0
[pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5253] setpgid(0, 0) = 0
[pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5253] write(3, "1000", 4) = 4
[pid 5253] close(3) = 0
[pid 5253] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5253] memfd_create("syzkaller", 0) = 3
[pid 5253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5253] munmap(0x7fc573dd4000, 262144) = 0
[pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.770574][ T5251] loop0: detected capacity change from 0 to 512
[ 62.779442][ T5251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.789792][ T5251] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.798258][ T5251] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5253] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5253] close(3) = 0
[pid 5253] mkdir("./file0", 0777) = 0
[pid 5253] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5253] chdir("./file0") = 0
[pid 5253] ioctl(4, LOOP_CLR_FD) = 0
[pid 5253] close(4) = 0
[pid 5253] exit_group(0) = ?
[pid 5253] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5253, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./93/binderfs") = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./93/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./93") = 0
mkdir("./94", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5255
./strace-static-x86_64: Process 5255 attached
[pid 5255] chdir("./94") = 0
[pid 5255] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5255] setpgid(0, 0) = 0
[pid 5255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5255] write(3, "1000", 4) = 4
[pid 5255] close(3) = 0
[pid 5255] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5255] memfd_create("syzkaller", 0) = 3
[pid 5255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5255] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5255] munmap(0x7fc573dd4000, 262144) = 0
[pid 5255] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.837702][ T5253] loop0: detected capacity change from 0 to 512
[ 62.845777][ T5253] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.855819][ T5253] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.864343][ T5253] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5255] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5255] close(3) = 0
[pid 5255] mkdir("./file0", 0777) = 0
[pid 5255] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5255] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5255] chdir("./file0") = 0
[pid 5255] ioctl(4, LOOP_CLR_FD) = 0
[pid 5255] close(4) = 0
[pid 5255] exit_group(0) = ?
[pid 5255] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5255, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./94/binderfs") = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./94/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./94") = 0
mkdir("./95", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5257
./strace-static-x86_64: Process 5257 attached
[pid 5257] chdir("./95") = 0
[pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5257] setpgid(0, 0) = 0
[pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5257] write(3, "1000", 4) = 4
[pid 5257] close(3) = 0
[pid 5257] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5257] memfd_create("syzkaller", 0) = 3
[pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5257] munmap(0x7fc573dd4000, 262144) = 0
[pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.894937][ T5255] loop0: detected capacity change from 0 to 512
[ 62.899470][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 62.911641][ T5255] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.921417][ T5255] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 62.929885][ T5255] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5257] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5257] close(3) = 0
[pid 5257] mkdir("./file0", 0777) = 0
[pid 5257] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5257] chdir("./file0") = 0
[pid 5257] ioctl(4, LOOP_CLR_FD) = 0
[pid 5257] close(4) = 0
[pid 5257] exit_group(0) = ?
[pid 5257] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./95/binderfs") = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./95/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./95") = 0
mkdir("./96", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5259
./strace-static-x86_64: Process 5259 attached
[pid 5259] chdir("./96") = 0
[pid 5259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5259] setpgid(0, 0) = 0
[pid 5259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5259] write(3, "1000", 4) = 4
[pid 5259] close(3) = 0
[pid 5259] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5259] memfd_create("syzkaller", 0) = 3
[pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5259] munmap(0x7fc573dd4000, 262144) = 0
[pid 5259] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 62.976292][ T5257] loop0: detected capacity change from 0 to 512
[ 62.984947][ T5257] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 62.994829][ T5257] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.003148][ T5257] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5259] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5259] close(3) = 0
[pid 5259] mkdir("./file0", 0777) = 0
[pid 5259] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5259] chdir("./file0") = 0
[pid 5259] ioctl(4, LOOP_CLR_FD) = 0
[pid 5259] close(4) = 0
[pid 5259] exit_group(0) = ?
[pid 5259] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5259, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./96/binderfs") = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./96/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./96") = 0
mkdir("./97", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5261
./strace-static-x86_64: Process 5261 attached
[pid 5261] chdir("./97") = 0
[pid 5261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5261] setpgid(0, 0) = 0
[pid 5261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5261] write(3, "1000", 4) = 4
[pid 5261] close(3) = 0
[pid 5261] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5261] memfd_create("syzkaller", 0) = 3
[pid 5261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5261] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5261] munmap(0x7fc573dd4000, 262144) = 0
[pid 5261] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.040100][ T5259] loop0: detected capacity change from 0 to 512
[ 63.049639][ T5259] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.060038][ T5259] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.069099][ T5259] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5261] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5261] close(3) = 0
[pid 5261] mkdir("./file0", 0777) = 0
[pid 5261] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5261] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5261] chdir("./file0") = 0
[pid 5261] ioctl(4, LOOP_CLR_FD) = 0
[pid 5261] close(4) = 0
[pid 5261] exit_group(0) = ?
[pid 5261] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5261, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./97/binderfs") = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./97/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./97") = 0
mkdir("./98", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5263
./strace-static-x86_64: Process 5263 attached
[pid 5263] chdir("./98") = 0
[pid 5263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5263] setpgid(0, 0) = 0
[pid 5263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5263] write(3, "1000", 4) = 4
[pid 5263] close(3) = 0
[pid 5263] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5263] memfd_create("syzkaller", 0) = 3
[pid 5263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5263] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5263] munmap(0x7fc573dd4000, 262144) = 0
[pid 5263] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.109605][ T5261] loop0: detected capacity change from 0 to 512
[ 63.118507][ T5261] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.128249][ T5261] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.136454][ T5261] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5263] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5263] close(3) = 0
[pid 5263] mkdir("./file0", 0777) = 0
[pid 5263] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5263] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5263] chdir("./file0") = 0
[pid 5263] ioctl(4, LOOP_CLR_FD) = 0
[pid 5263] close(4) = 0
[pid 5263] exit_group(0) = ?
[pid 5263] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5263, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./98/binderfs") = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 63.174209][ T5263] loop0: detected capacity change from 0 to 512
[ 63.183021][ T5263] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.192797][ T5263] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.201256][ T5263] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./98/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./98") = 0
mkdir("./99", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5265 attached
, child_tidptr=0x555556ae35d0) = 5265
[pid 5265] chdir("./99") = 0
[pid 5265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5265] setpgid(0, 0) = 0
[pid 5265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5265] write(3, "1000", 4) = 4
[pid 5265] close(3) = 0
[pid 5265] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5265] memfd_create("syzkaller", 0) = 3
[pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5265] munmap(0x7fc573dd4000, 262144) = 0
[pid 5265] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5265] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5265] close(3) = 0
[pid 5265] mkdir("./file0", 0777) = 0
[pid 5265] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5265] chdir("./file0") = 0
[pid 5265] ioctl(4, LOOP_CLR_FD) = 0
[pid 5265] close(4) = 0
[pid 5265] exit_group(0) = ?
[pid 5265] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5265, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./99/binderfs") = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./99/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./99") = 0
mkdir("./100", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5267
./strace-static-x86_64: Process 5267 attached
[pid 5267] chdir("./100") = 0
[pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5267] setpgid(0, 0) = 0
[pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5267] write(3, "1000", 4) = 4
[pid 5267] close(3) = 0
[pid 5267] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5267] memfd_create("syzkaller", 0) = 3
[pid 5267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5267] munmap(0x7fc573dd4000, 262144) = 0
[pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.274117][ T5265] loop0: detected capacity change from 0 to 512
[ 63.284417][ T5265] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.294749][ T5265] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.303080][ T5265] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5267] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5267] close(3) = 0
[pid 5267] mkdir("./file0", 0777) = 0
[pid 5267] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5267] chdir("./file0") = 0
[pid 5267] ioctl(4, LOOP_CLR_FD) = 0
[pid 5267] close(4) = 0
[pid 5267] exit_group(0) = ?
[pid 5267] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5267, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./100/binderfs") = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./100/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./100") = 0
mkdir("./101", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5269
./strace-static-x86_64: Process 5269 attached
[pid 5269] chdir("./101") = 0
[pid 5269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5269] setpgid(0, 0) = 0
[pid 5269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5269] write(3, "1000", 4) = 4
[pid 5269] close(3) = 0
[pid 5269] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5269] memfd_create("syzkaller", 0) = 3
[pid 5269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 63.338170][ T5267] loop0: detected capacity change from 0 to 512
[ 63.346198][ T5267] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.356066][ T5267] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.364331][ T5267] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5269] munmap(0x7fc573dd4000, 262144) = 0
[pid 5269] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5269] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5269] close(3) = 0
[pid 5269] mkdir("./file0", 0777) = 0
[pid 5269] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5269] chdir("./file0") = 0
[pid 5269] ioctl(4, LOOP_CLR_FD) = 0
[pid 5269] close(4) = 0
[pid 5269] exit_group(0) = ?
[pid 5269] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5269, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./101/binderfs") = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
[ 63.421430][ T5269] loop0: detected capacity change from 0 to 512
[ 63.430864][ T5269] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.440637][ T5269] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.449324][ T5269] EXT4-fs (loop0): 1 truncate cleaned up
close(4) = 0
rmdir("./101/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./101") = 0
mkdir("./102", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5271
./strace-static-x86_64: Process 5271 attached
[pid 5271] chdir("./102") = 0
[pid 5271] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5271] setpgid(0, 0) = 0
[pid 5271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5271] write(3, "1000", 4) = 4
[pid 5271] close(3) = 0
[pid 5271] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5271] memfd_create("syzkaller", 0) = 3
[pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5271] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5271] munmap(0x7fc573dd4000, 262144) = 0
[pid 5271] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5271] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5271] close(3) = 0
[pid 5271] mkdir("./file0", 0777) = 0
[pid 5271] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5271] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5271] chdir("./file0") = 0
[pid 5271] ioctl(4, LOOP_CLR_FD) = 0
[pid 5271] close(4) = 0
[pid 5271] exit_group(0) = ?
[pid 5271] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5271, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./102/binderfs") = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./102/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./102") = 0
mkdir("./103", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5273 attached
, child_tidptr=0x555556ae35d0) = 5273
[pid 5273] chdir("./103") = 0
[pid 5273] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5273] setpgid(0, 0) = 0
[pid 5273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5273] write(3, "1000", 4) = 4
[pid 5273] close(3) = 0
[pid 5273] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5273] memfd_create("syzkaller", 0) = 3
[pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[ 63.522704][ T5271] loop0: detected capacity change from 0 to 512
[ 63.531641][ T5271] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.541583][ T5271] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.550183][ T5271] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5273] munmap(0x7fc573dd4000, 262144) = 0
[pid 5273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5273] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5273] close(3) = 0
[pid 5273] mkdir("./file0", 0777) = 0
[pid 5273] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5273] chdir("./file0") = 0
[pid 5273] ioctl(4, LOOP_CLR_FD) = 0
[pid 5273] close(4) = 0
[pid 5273] exit_group(0) = ?
[pid 5273] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5273, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./103/binderfs") = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./103/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./103") = 0
mkdir("./104", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5275
./strace-static-x86_64: Process 5275 attached
[pid 5275] chdir("./104") = 0
[pid 5275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5275] setpgid(0, 0) = 0
[pid 5275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5275] write(3, "1000", 4) = 4
[pid 5275] close(3) = 0
[pid 5275] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5275] memfd_create("syzkaller", 0) = 3
[pid 5275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5275] munmap(0x7fc573dd4000, 262144) = 0
[pid 5275] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.606581][ T5273] loop0: detected capacity change from 0 to 512
[ 63.615919][ T5273] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.625541][ T5273] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.634268][ T5273] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5275] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5275] close(3) = 0
[pid 5275] mkdir("./file0", 0777) = 0
[pid 5275] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5275] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5275] chdir("./file0") = 0
[pid 5275] ioctl(4, LOOP_CLR_FD) = 0
[pid 5275] close(4) = 0
[pid 5275] exit_group(0) = ?
[pid 5275] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5275, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./104/binderfs") = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./104/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./104/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./104") = 0
mkdir("./105", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5277
./strace-static-x86_64: Process 5277 attached
[pid 5277] chdir("./105") = 0
[pid 5277] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5277] setpgid(0, 0) = 0
[pid 5277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5277] write(3, "1000", 4) = 4
[pid 5277] close(3) = 0
[pid 5277] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5277] memfd_create("syzkaller", 0) = 3
[pid 5277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5277] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5277] munmap(0x7fc573dd4000, 262144) = 0
[pid 5277] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.675996][ T5275] loop0: detected capacity change from 0 to 512
[ 63.684841][ T5275] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.694653][ T5275] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.703213][ T5275] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5277] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5277] close(3) = 0
[pid 5277] mkdir("./file0", 0777) = 0
[pid 5277] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5277] chdir("./file0") = 0
[pid 5277] ioctl(4, LOOP_CLR_FD) = 0
[pid 5277] close(4) = 0
[pid 5277] exit_group(0) = ?
[pid 5277] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5277, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./105/binderfs") = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./105/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./105") = 0
mkdir("./106", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5279
./strace-static-x86_64: Process 5279 attached
[pid 5279] chdir("./106") = 0
[pid 5279] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5279] setpgid(0, 0) = 0
[pid 5279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5279] write(3, "1000", 4) = 4
[pid 5279] close(3) = 0
[pid 5279] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5279] memfd_create("syzkaller", 0) = 3
[pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5279] munmap(0x7fc573dd4000, 262144) = 0
[pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.737864][ T5277] loop0: detected capacity change from 0 to 512
[ 63.745858][ T5277] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.755403][ T5277] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.764122][ T5277] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5279] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5279] close(3) = 0
[pid 5279] mkdir("./file0", 0777) = 0
[pid 5279] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5279] chdir("./file0") = 0
[pid 5279] ioctl(4, LOOP_CLR_FD) = 0
[pid 5279] close(4) = 0
[pid 5279] exit_group(0) = ?
[pid 5279] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5279, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./106/binderfs") = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 63.802035][ T5279] loop0: detected capacity change from 0 to 512
[ 63.811499][ T5279] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.821373][ T5279] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.829651][ T5279] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./106/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./106") = 0
mkdir("./107", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5281
./strace-static-x86_64: Process 5281 attached
[pid 5281] chdir("./107") = 0
[pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5281] setpgid(0, 0) = 0
[pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5281] write(3, "1000", 4) = 4
[pid 5281] close(3) = 0
[pid 5281] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5281] memfd_create("syzkaller", 0) = 3
[pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5281] munmap(0x7fc573dd4000, 262144) = 0
[pid 5281] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5281] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5281] close(3) = 0
[pid 5281] mkdir("./file0", 0777) = 0
[pid 5281] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5281] chdir("./file0") = 0
[pid 5281] ioctl(4, LOOP_CLR_FD) = 0
[pid 5281] close(4) = 0
[pid 5281] exit_group(0) = ?
[pid 5281] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./107/binderfs") = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./107/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./107") = 0
mkdir("./108", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5283
./strace-static-x86_64: Process 5283 attached
[pid 5283] chdir("./108") = 0
[pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5283] setpgid(0, 0) = 0
[pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5283] write(3, "1000", 4) = 4
[pid 5283] close(3) = 0
[pid 5283] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5283] memfd_create("syzkaller", 0) = 3
[pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5283] munmap(0x7fc573dd4000, 262144) = 0
[pid 5283] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.904081][ T5281] loop0: detected capacity change from 0 to 512
[ 63.912920][ T5281] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.922762][ T5281] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 63.931280][ T5281] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5283] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5283] close(3) = 0
[pid 5283] mkdir("./file0", 0777) = 0
[pid 5283] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5283] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5283] chdir("./file0") = 0
[pid 5283] ioctl(4, LOOP_CLR_FD) = 0
[pid 5283] close(4) = 0
[pid 5283] exit_group(0) = ?
[pid 5283] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./108/binderfs") = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./108/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./108") = 0
mkdir("./109", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5285
./strace-static-x86_64: Process 5285 attached
[pid 5285] chdir("./109") = 0
[pid 5285] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5285] setpgid(0, 0) = 0
[pid 5285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5285] write(3, "1000", 4) = 4
[pid 5285] close(3) = 0
[pid 5285] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5285] memfd_create("syzkaller", 0) = 3
[pid 5285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5285] munmap(0x7fc573dd4000, 262144) = 0
[pid 5285] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 63.975589][ T5283] loop0: detected capacity change from 0 to 512
[ 63.983931][ T5283] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 63.994009][ T5283] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.002207][ T5283] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5285] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5285] close(3) = 0
[pid 5285] mkdir("./file0", 0777) = 0
[pid 5285] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5285] chdir("./file0") = 0
[pid 5285] ioctl(4, LOOP_CLR_FD) = 0
[pid 5285] close(4) = 0
[pid 5285] exit_group(0) = ?
[pid 5285] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5285, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./109/binderfs") = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./109/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./109") = 0
mkdir("./110", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5287
./strace-static-x86_64: Process 5287 attached
[pid 5287] chdir("./110") = 0
[pid 5287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5287] setpgid(0, 0) = 0
[pid 5287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5287] write(3, "1000", 4) = 4
[pid 5287] close(3) = 0
[pid 5287] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5287] memfd_create("syzkaller", 0) = 3
[pid 5287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5287] munmap(0x7fc573dd4000, 262144) = 0
[pid 5287] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.044308][ T5285] loop0: detected capacity change from 0 to 512
[ 64.052938][ T5285] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.062588][ T5285] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.071065][ T5285] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5287] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5287] close(3) = 0
[pid 5287] mkdir("./file0", 0777) = 0
[pid 5287] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5287] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5287] chdir("./file0") = 0
[pid 5287] ioctl(4, LOOP_CLR_FD) = 0
[pid 5287] close(4) = 0
[pid 5287] exit_group(0) = ?
[pid 5287] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5287, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./110/binderfs") = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./110/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./110") = 0
mkdir("./111", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5289
./strace-static-x86_64: Process 5289 attached
[pid 5289] chdir("./111") = 0
[pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5289] setpgid(0, 0) = 0
[pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5289] write(3, "1000", 4) = 4
[pid 5289] close(3) = 0
[pid 5289] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5289] memfd_create("syzkaller", 0) = 3
[pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5289] munmap(0x7fc573dd4000, 262144) = 0
[pid 5289] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.125368][ T5287] loop0: detected capacity change from 0 to 512
[ 64.133761][ T5287] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.143415][ T5287] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.151944][ T5287] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5289] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5289] close(3) = 0
[pid 5289] mkdir("./file0", 0777) = 0
[pid 5289] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5289] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5289] chdir("./file0") = 0
[pid 5289] ioctl(4, LOOP_CLR_FD) = 0
[pid 5289] close(4) = 0
[pid 5289] exit_group(0) = ?
[pid 5289] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./111/binderfs") = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./111/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./111") = 0
mkdir("./112", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5291
./strace-static-x86_64: Process 5291 attached
[pid 5291] chdir("./112") = 0
[pid 5291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5291] setpgid(0, 0) = 0
[pid 5291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5291] write(3, "1000", 4) = 4
[pid 5291] close(3) = 0
[pid 5291] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5291] memfd_create("syzkaller", 0) = 3
[pid 5291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5291] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5291] munmap(0x7fc573dd4000, 262144) = 0
[pid 5291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.193639][ T5289] loop0: detected capacity change from 0 to 512
[ 64.202398][ T5289] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.212569][ T5289] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.221493][ T5289] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5291] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5291] close(3) = 0
[pid 5291] mkdir("./file0", 0777) = 0
[pid 5291] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5291] chdir("./file0") = 0
[pid 5291] ioctl(4, LOOP_CLR_FD) = 0
[pid 5291] close(4) = 0
[pid 5291] exit_group(0) = ?
[pid 5291] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5291, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./112/binderfs") = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./112/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./112/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./112") = 0
mkdir("./113", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5293
./strace-static-x86_64: Process 5293 attached
[pid 5293] chdir("./113") = 0
[pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5293] setpgid(0, 0) = 0
[pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5293] write(3, "1000", 4) = 4
[pid 5293] close(3) = 0
[pid 5293] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5293] memfd_create("syzkaller", 0) = 3
[pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5293] munmap(0x7fc573dd4000, 262144) = 0
[pid 5293] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.262004][ T5291] loop0: detected capacity change from 0 to 512
[ 64.270753][ T5291] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.280501][ T5291] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.289346][ T5291] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5293] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5293] close(3) = 0
[pid 5293] mkdir("./file0", 0777) = 0
[pid 5293] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5293] chdir("./file0") = 0
[pid 5293] ioctl(4, LOOP_CLR_FD) = 0
[pid 5293] close(4) = 0
[pid 5293] exit_group(0) = ?
[pid 5293] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./113/binderfs") = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./113/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./113") = 0
mkdir("./114", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5295
./strace-static-x86_64: Process 5295 attached
[pid 5295] chdir("./114") = 0
[pid 5295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5295] setpgid(0, 0) = 0
[pid 5295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5295] write(3, "1000", 4) = 4
[pid 5295] close(3) = 0
[pid 5295] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5295] memfd_create("syzkaller", 0) = 3
[pid 5295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5295] munmap(0x7fc573dd4000, 262144) = 0
[pid 5295] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.327651][ T5293] loop0: detected capacity change from 0 to 512
[ 64.336331][ T5293] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.346305][ T5293] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.354892][ T5293] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5295] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5295] close(3) = 0
[pid 5295] mkdir("./file0", 0777) = 0
[pid 5295] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5295] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5295] chdir("./file0") = 0
[pid 5295] ioctl(4, LOOP_CLR_FD) = 0
[pid 5295] close(4) = 0
[pid 5295] exit_group(0) = ?
[pid 5295] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5295, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./114/binderfs") = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./114/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./114") = 0
mkdir("./115", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5297 attached
, child_tidptr=0x555556ae35d0) = 5297
[pid 5297] chdir("./115") = 0
[pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5297] setpgid(0, 0) = 0
[pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5297] write(3, "1000", 4) = 4
[pid 5297] close(3) = 0
[pid 5297] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5297] memfd_create("syzkaller", 0) = 3
[pid 5297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5297] munmap(0x7fc573dd4000, 262144) = 0
[pid 5297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.389545][ T5295] loop0: detected capacity change from 0 to 512
[ 64.390280][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.406574][ T5295] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.416169][ T5295] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.424701][ T5295] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5297] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5297] close(3) = 0
[pid 5297] mkdir("./file0", 0777) = 0
[pid 5297] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5297] chdir("./file0") = 0
[pid 5297] ioctl(4, LOOP_CLR_FD) = 0
[pid 5297] close(4) = 0
[pid 5297] exit_group(0) = ?
[pid 5297] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./115/binderfs") = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./115/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./115") = 0
mkdir("./116", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5299
./strace-static-x86_64: Process 5299 attached
[pid 5299] chdir("./116") = 0
[pid 5299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5299] setpgid(0, 0) = 0
[pid 5299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5299] write(3, "1000", 4) = 4
[pid 5299] close(3) = 0
[pid 5299] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5299] memfd_create("syzkaller", 0) = 3
[pid 5299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5299] munmap(0x7fc573dd4000, 262144) = 0
[pid 5299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.468857][ T5297] loop0: detected capacity change from 0 to 512
[ 64.478165][ T5297] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.488226][ T5297] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.496538][ T5297] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5299] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5299] close(3) = 0
[pid 5299] mkdir("./file0", 0777) = 0
[pid 5299] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5299] chdir("./file0") = 0
[pid 5299] ioctl(4, LOOP_CLR_FD) = 0
[pid 5299] close(4) = 0
[pid 5299] exit_group(0) = ?
[pid 5299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5299, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./116/binderfs") = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./116/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./116") = 0
mkdir("./117", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 64.534330][ T5299] loop0: detected capacity change from 0 to 512
[ 64.543431][ T5299] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.553746][ T5299] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.562498][ T5299] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5301
./strace-static-x86_64: Process 5301 attached
[pid 5301] chdir("./117") = 0
[pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5301] setpgid(0, 0) = 0
[pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5301] write(3, "1000", 4) = 4
[pid 5301] close(3) = 0
[pid 5301] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5301] memfd_create("syzkaller", 0) = 3
[pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5301] munmap(0x7fc573dd4000, 262144) = 0
[pid 5301] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5301] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5301] close(3) = 0
[pid 5301] mkdir("./file0", 0777) = 0
[pid 5301] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5301] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5301] chdir("./file0") = 0
[pid 5301] ioctl(4, LOOP_CLR_FD) = 0
[pid 5301] close(4) = 0
[pid 5301] exit_group(0) = ?
[pid 5301] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./117/binderfs") = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./117/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./117") = 0
mkdir("./118", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5303
./strace-static-x86_64: Process 5303 attached
[pid 5303] chdir("./118") = 0
[pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5303] setpgid(0, 0) = 0
[pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5303] write(3, "1000", 4) = 4
[pid 5303] close(3) = 0
[pid 5303] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5303] memfd_create("syzkaller", 0) = 3
[pid 5303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5303] munmap(0x7fc573dd4000, 262144) = 0
[pid 5303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.629142][ T5301] loop0: detected capacity change from 0 to 512
[ 64.638390][ T5301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.648110][ T5301] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.656262][ T5301] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5303] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5303] close(3) = 0
[pid 5303] mkdir("./file0", 0777) = 0
[pid 5303] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5303] chdir("./file0") = 0
[pid 5303] ioctl(4, LOOP_CLR_FD) = 0
[pid 5303] close(4) = 0
[pid 5303] exit_group(0) = ?
[pid 5303] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./118/binderfs") = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./118/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./118") = 0
mkdir("./119", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5305
./strace-static-x86_64: Process 5305 attached
[pid 5305] chdir("./119") = 0
[pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5305] setpgid(0, 0) = 0
[pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5305] write(3, "1000", 4) = 4
[pid 5305] close(3) = 0
[pid 5305] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5305] memfd_create("syzkaller", 0) = 3
[pid 5305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5305] munmap(0x7fc573dd4000, 262144) = 0
[pid 5305] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.698490][ T5303] loop0: detected capacity change from 0 to 512
[ 64.706539][ T5303] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.716433][ T5303] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.724710][ T5303] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5305] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5305] close(3) = 0
[pid 5305] mkdir("./file0", 0777) = 0
[pid 5305] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5305] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5305] chdir("./file0") = 0
[pid 5305] ioctl(4, LOOP_CLR_FD) = 0
[pid 5305] close(4) = 0
[pid 5305] exit_group(0) = ?
[pid 5305] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./119/binderfs") = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./119/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./119") = 0
mkdir("./120", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 64.766638][ T5305] loop0: detected capacity change from 0 to 512
[ 64.774640][ T5305] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.784357][ T5305] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.793031][ T5305] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5307
./strace-static-x86_64: Process 5307 attached
[pid 5307] chdir("./120") = 0
[pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5307] setpgid(0, 0) = 0
[pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5307] write(3, "1000", 4) = 4
[pid 5307] close(3) = 0
[pid 5307] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5307] memfd_create("syzkaller", 0) = 3
[pid 5307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5307] munmap(0x7fc573dd4000, 262144) = 0
[pid 5307] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5307] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5307] close(3) = 0
[pid 5307] mkdir("./file0", 0777) = 0
[pid 5307] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5307] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5307] chdir("./file0") = 0
[pid 5307] ioctl(4, LOOP_CLR_FD) = 0
[pid 5307] close(4) = 0
[pid 5307] exit_group(0) = ?
[pid 5307] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./120/binderfs") = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./120/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./120") = 0
mkdir("./121", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5309
./strace-static-x86_64: Process 5309 attached
[pid 5309] chdir("./121") = 0
[pid 5309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5309] setpgid(0, 0) = 0
[pid 5309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5309] write(3, "1000", 4) = 4
[pid 5309] close(3) = 0
[pid 5309] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5309] memfd_create("syzkaller", 0) = 3
[pid 5309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5309] munmap(0x7fc573dd4000, 262144) = 0
[pid 5309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.861637][ T5307] loop0: detected capacity change from 0 to 512
[ 64.870315][ T5307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.880179][ T5307] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.888767][ T5307] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5309] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5309] close(3) = 0
[pid 5309] mkdir("./file0", 0777) = 0
[pid 5309] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5309] chdir("./file0") = 0
[pid 5309] ioctl(4, LOOP_CLR_FD) = 0
[pid 5309] close(4) = 0
[pid 5309] exit_group(0) = ?
[pid 5309] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5309, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./121/binderfs") = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./121/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./121/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./121") = 0
mkdir("./122", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5311
./strace-static-x86_64: Process 5311 attached
[pid 5311] chdir("./122") = 0
[pid 5311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5311] setpgid(0, 0) = 0
[pid 5311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5311] write(3, "1000", 4) = 4
[pid 5311] close(3) = 0
[pid 5311] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5311] memfd_create("syzkaller", 0) = 3
[pid 5311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5311] munmap(0x7fc573dd4000, 262144) = 0
[pid 5311] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.927639][ T5309] loop0: detected capacity change from 0 to 512
[ 64.930150][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 64.944241][ T5309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 64.953824][ T5309] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 64.962324][ T5309] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5311] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5311] close(3) = 0
[pid 5311] mkdir("./file0", 0777) = 0
[pid 5311] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5311] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5311] chdir("./file0") = 0
[pid 5311] ioctl(4, LOOP_CLR_FD) = 0
[pid 5311] close(4) = 0
[pid 5311] exit_group(0) = ?
[pid 5311] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5311, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./122/binderfs") = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./122/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./122") = 0
mkdir("./123", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5313
./strace-static-x86_64: Process 5313 attached
[pid 5313] chdir("./123") = 0
[pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5313] setpgid(0, 0) = 0
[pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5313] write(3, "1000", 4) = 4
[pid 5313] close(3) = 0
[pid 5313] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5313] memfd_create("syzkaller", 0) = 3
[pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5313] munmap(0x7fc573dd4000, 262144) = 0
[pid 5313] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 64.999745][ T5311] loop0: detected capacity change from 0 to 512
[ 65.008678][ T5311] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.018465][ T5311] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.026784][ T5311] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5313] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5313] close(3) = 0
[pid 5313] mkdir("./file0", 0777) = 0
[pid 5313] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5313] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5313] chdir("./file0") = 0
[pid 5313] ioctl(4, LOOP_CLR_FD) = 0
[pid 5313] close(4) = 0
[pid 5313] exit_group(0) = ?
[pid 5313] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5313, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./123/binderfs") = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./123/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./123") = 0
mkdir("./124", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5315
./strace-static-x86_64: Process 5315 attached
[pid 5315] chdir("./124") = 0
[pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5315] setpgid(0, 0) = 0
[pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5315] write(3, "1000", 4) = 4
[pid 5315] close(3) = 0
[pid 5315] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5315] memfd_create("syzkaller", 0) = 3
[pid 5315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5315] munmap(0x7fc573dd4000, 262144) = 0
[pid 5315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.061761][ T5313] loop0: detected capacity change from 0 to 512
[ 65.064766][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 65.078260][ T5313] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.088347][ T5313] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.096693][ T5313] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5315] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5315] close(3) = 0
[pid 5315] mkdir("./file0", 0777) = 0
[pid 5315] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5315] chdir("./file0") = 0
[pid 5315] ioctl(4, LOOP_CLR_FD) = 0
[pid 5315] close(4) = 0
[pid 5315] exit_group(0) = ?
[pid 5315] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5315, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./124/binderfs") = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./124/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./124") = 0
mkdir("./125", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5317
./strace-static-x86_64: Process 5317 attached
[pid 5317] chdir("./125") = 0
[pid 5317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5317] setpgid(0, 0) = 0
[pid 5317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5317] write(3, "1000", 4) = 4
[pid 5317] close(3) = 0
[pid 5317] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5317] memfd_create("syzkaller", 0) = 3
[pid 5317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5317] munmap(0x7fc573dd4000, 262144) = 0
[pid 5317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.131638][ T5315] loop0: detected capacity change from 0 to 512
[ 65.140323][ T5315] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.150228][ T5315] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.159403][ T5315] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5317] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5317] close(3) = 0
[pid 5317] mkdir("./file0", 0777) = 0
[pid 5317] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5317] chdir("./file0") = 0
[pid 5317] ioctl(4, LOOP_CLR_FD) = 0
[pid 5317] close(4) = 0
[pid 5317] exit_group(0) = ?
[pid 5317] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5317, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./125/binderfs") = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./125/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./125") = 0
mkdir("./126", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5319
./strace-static-x86_64: Process 5319 attached
[pid 5319] chdir("./126") = 0
[pid 5319] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5319] setpgid(0, 0) = 0
[pid 5319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5319] write(3, "1000", 4) = 4
[pid 5319] close(3) = 0
[pid 5319] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5319] memfd_create("syzkaller", 0) = 3
[pid 5319] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5319] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5319] munmap(0x7fc573dd4000, 262144) = 0
[pid 5319] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.201399][ T5317] loop0: detected capacity change from 0 to 512
[ 65.220306][ T5317] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.230309][ T5317] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.239161][ T5317] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5319] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5319] close(3) = 0
[pid 5319] mkdir("./file0", 0777) = 0
[pid 5319] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5319] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5319] chdir("./file0") = 0
[pid 5319] ioctl(4, LOOP_CLR_FD) = 0
[pid 5319] close(4) = 0
[pid 5319] exit_group(0) = ?
[pid 5319] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5319, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./126/binderfs") = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./126/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./126/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./126") = 0
mkdir("./127", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5321
./strace-static-x86_64: Process 5321 attached
[pid 5321] chdir("./127") = 0
[pid 5321] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5321] setpgid(0, 0) = 0
[pid 5321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5321] write(3, "1000", 4) = 4
[pid 5321] close(3) = 0
[pid 5321] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5321] memfd_create("syzkaller", 0) = 3
[pid 5321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5321] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 65.271759][ T5319] loop0: detected capacity change from 0 to 512
[ 65.280552][ T5319] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.290317][ T5319] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.299137][ T5319] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5321] munmap(0x7fc573dd4000, 262144) = 0
[pid 5321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5321] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5321] close(3) = 0
[pid 5321] mkdir("./file0", 0777) = 0
[pid 5321] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5321] chdir("./file0") = 0
[pid 5321] ioctl(4, LOOP_CLR_FD) = 0
[pid 5321] close(4) = 0
[pid 5321] exit_group(0) = ?
[pid 5321] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5321, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./127/binderfs") = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./127/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./127") = 0
mkdir("./128", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5323
./strace-static-x86_64: Process 5323 attached
[pid 5323] chdir("./128") = 0
[pid 5323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5323] setpgid(0, 0) = 0
[pid 5323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5323] write(3, "1000", 4) = 4
[pid 5323] close(3) = 0
[pid 5323] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5323] memfd_create("syzkaller", 0) = 3
[pid 5323] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5323] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5323] munmap(0x7fc573dd4000, 262144) = 0
[pid 5323] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.328219][ T5321] loop0: detected capacity change from 0 to 512
[ 65.329543][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 65.344688][ T5321] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.355306][ T5321] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.363830][ T5321] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5323] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5323] close(3) = 0
[pid 5323] mkdir("./file0", 0777) = 0
[pid 5323] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5323] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5323] chdir("./file0") = 0
[pid 5323] ioctl(4, LOOP_CLR_FD) = 0
[pid 5323] close(4) = 0
[pid 5323] exit_group(0) = ?
[pid 5323] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5323, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./128/binderfs") = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 65.406096][ T5323] loop0: detected capacity change from 0 to 512
[ 65.414236][ T5323] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.423882][ T5323] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.432523][ T5323] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./128/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./128") = 0
mkdir("./129", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5325 attached
, child_tidptr=0x555556ae35d0) = 5325
[pid 5325] chdir("./129") = 0
[pid 5325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5325] setpgid(0, 0) = 0
[pid 5325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5325] write(3, "1000", 4) = 4
[pid 5325] close(3) = 0
[pid 5325] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5325] memfd_create("syzkaller", 0) = 3
[pid 5325] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5325] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5325] munmap(0x7fc573dd4000, 262144) = 0
[pid 5325] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5325] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5325] close(3) = 0
[pid 5325] mkdir("./file0", 0777) = 0
[pid 5325] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5325] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5325] chdir("./file0") = 0
[pid 5325] ioctl(4, LOOP_CLR_FD) = 0
[pid 5325] close(4) = 0
[pid 5325] exit_group(0) = ?
[pid 5325] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5325, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./129/binderfs") = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./129/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./129") = 0
mkdir("./130", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5327
./strace-static-x86_64: Process 5327 attached
[pid 5327] chdir("./130") = 0
[pid 5327] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5327] setpgid(0, 0) = 0
[pid 5327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5327] write(3, "1000", 4) = 4
[pid 5327] close(3) = 0
[pid 5327] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5327] memfd_create("syzkaller", 0) = 3
[pid 5327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5327] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5327] munmap(0x7fc573dd4000, 262144) = 0
[pid 5327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.512951][ T5325] loop0: detected capacity change from 0 to 512
[ 65.521939][ T5325] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.531677][ T5325] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.540230][ T5325] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5327] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5327] close(3) = 0
[pid 5327] mkdir("./file0", 0777) = 0
[pid 5327] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5327] chdir("./file0") = 0
[pid 5327] ioctl(4, LOOP_CLR_FD) = 0
[pid 5327] close(4) = 0
[pid 5327] exit_group(0) = ?
[pid 5327] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5327, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./130/binderfs") = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./130/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./130") = 0
mkdir("./131", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5329
./strace-static-x86_64: Process 5329 attached
[pid 5329] chdir("./131") = 0
[pid 5329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5329] setpgid(0, 0) = 0
[pid 5329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5329] write(3, "1000", 4) = 4
[pid 5329] close(3) = 0
[pid 5329] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5329] memfd_create("syzkaller", 0) = 3
[pid 5329] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5329] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5329] munmap(0x7fc573dd4000, 262144) = 0
[pid 5329] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.572191][ T5327] loop0: detected capacity change from 0 to 512
[ 65.580691][ T5327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.590309][ T5327] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.599488][ T5327] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5329] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5329] close(3) = 0
[pid 5329] mkdir("./file0", 0777) = 0
[pid 5329] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5329] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5329] chdir("./file0") = 0
[pid 5329] ioctl(4, LOOP_CLR_FD) = 0
[pid 5329] close(4) = 0
[pid 5329] exit_group(0) = ?
[pid 5329] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5329, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./131/binderfs") = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./131/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./131/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./131") = 0
mkdir("./132", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5331
./strace-static-x86_64: Process 5331 attached
[pid 5331] chdir("./132") = 0
[pid 5331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5331] setpgid(0, 0) = 0
[pid 5331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5331] write(3, "1000", 4) = 4
[pid 5331] close(3) = 0
[pid 5331] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5331] memfd_create("syzkaller", 0) = 3
[pid 5331] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5331] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5331] munmap(0x7fc573dd4000, 262144) = 0
[pid 5331] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.643747][ T5329] loop0: detected capacity change from 0 to 512
[ 65.652625][ T5329] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.662497][ T5329] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.671147][ T5329] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5331] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5331] close(3) = 0
[pid 5331] mkdir("./file0", 0777) = 0
[pid 5331] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5331] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5331] chdir("./file0") = 0
[pid 5331] ioctl(4, LOOP_CLR_FD) = 0
[pid 5331] close(4) = 0
[pid 5331] exit_group(0) = ?
[pid 5331] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5331, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./132/binderfs") = 0
[ 65.705220][ T5331] loop0: detected capacity change from 0 to 512
[ 65.713933][ T5331] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.723778][ T5331] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.732570][ T5331] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./132/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./132/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./132") = 0
mkdir("./133", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5333
./strace-static-x86_64: Process 5333 attached
[pid 5333] chdir("./133") = 0
[pid 5333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5333] setpgid(0, 0) = 0
[pid 5333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5333] write(3, "1000", 4) = 4
[pid 5333] close(3) = 0
[pid 5333] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5333] memfd_create("syzkaller", 0) = 3
[pid 5333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5333] munmap(0x7fc573dd4000, 262144) = 0
[pid 5333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5333] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5333] close(3) = 0
[pid 5333] mkdir("./file0", 0777) = 0
[pid 5333] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5333] chdir("./file0") = 0
[pid 5333] ioctl(4, LOOP_CLR_FD) = 0
[pid 5333] close(4) = 0
[pid 5333] exit_group(0) = ?
[pid 5333] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5333, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./133/binderfs") = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./133/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./133") = 0
mkdir("./134", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5335
./strace-static-x86_64: Process 5335 attached
[pid 5335] chdir("./134") = 0
[pid 5335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5335] setpgid(0, 0) = 0
[pid 5335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5335] write(3, "1000", 4) = 4
[pid 5335] close(3) = 0
[pid 5335] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5335] memfd_create("syzkaller", 0) = 3
[pid 5335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5335] munmap(0x7fc573dd4000, 262144) = 0
[pid 5335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.801489][ T5333] loop0: detected capacity change from 0 to 512
[ 65.810336][ T5333] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.819932][ T5333] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.828610][ T5333] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5335] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5335] close(3) = 0
[pid 5335] mkdir("./file0", 0777) = 0
[pid 5335] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5335] chdir("./file0") = 0
[pid 5335] ioctl(4, LOOP_CLR_FD) = 0
[pid 5335] close(4) = 0
[pid 5335] exit_group(0) = ?
[pid 5335] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5335, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./134/binderfs") = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./134/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./134/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./134") = 0
mkdir("./135", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5337
./strace-static-x86_64: Process 5337 attached
[pid 5337] chdir("./135") = 0
[pid 5337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5337] setpgid(0, 0) = 0
[pid 5337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5337] write(3, "1000", 4) = 4
[pid 5337] close(3) = 0
[pid 5337] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5337] memfd_create("syzkaller", 0) = 3
[pid 5337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5337] munmap(0x7fc573dd4000, 262144) = 0
[pid 5337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.869134][ T5335] loop0: detected capacity change from 0 to 512
[ 65.878512][ T5335] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.888153][ T5335] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.896442][ T5335] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5337] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5337] close(3) = 0
[pid 5337] mkdir("./file0", 0777) = 0
[pid 5337] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5337] chdir("./file0") = 0
[pid 5337] ioctl(4, LOOP_CLR_FD) = 0
[pid 5337] close(4) = 0
[pid 5337] exit_group(0) = ?
[pid 5337] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5337, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./135/binderfs") = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./135/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./135") = 0
mkdir("./136", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5339
./strace-static-x86_64: Process 5339 attached
[pid 5339] chdir("./136") = 0
[pid 5339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5339] setpgid(0, 0) = 0
[pid 5339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5339] write(3, "1000", 4) = 4
[pid 5339] close(3) = 0
[pid 5339] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5339] memfd_create("syzkaller", 0) = 3
[pid 5339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5339] munmap(0x7fc573dd4000, 262144) = 0
[pid 5339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 65.935041][ T5337] loop0: detected capacity change from 0 to 512
[ 65.944030][ T5337] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 65.953597][ T5337] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 65.962689][ T5337] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5339] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5339] close(3) = 0
[pid 5339] mkdir("./file0", 0777) = 0
[pid 5339] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5339] chdir("./file0") = 0
[pid 5339] ioctl(4, LOOP_CLR_FD) = 0
[pid 5339] close(4) = 0
[pid 5339] exit_group(0) = ?
[pid 5339] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5339, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./136/binderfs") = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./136/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./136") = 0
mkdir("./137", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5341
./strace-static-x86_64: Process 5341 attached
[pid 5341] chdir("./137") = 0
[pid 5341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5341] setpgid(0, 0) = 0
[pid 5341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5341] write(3, "1000", 4) = 4
[pid 5341] close(3) = 0
[pid 5341] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5341] memfd_create("syzkaller", 0) = 3
[pid 5341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5341] munmap(0x7fc573dd4000, 262144) = 0
[pid 5341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.003409][ T5339] loop0: detected capacity change from 0 to 512
[ 66.011903][ T5339] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.021597][ T5339] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.030132][ T5339] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5341] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5341] close(3) = 0
[pid 5341] mkdir("./file0", 0777) = 0
[pid 5341] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5341] chdir("./file0") = 0
[pid 5341] ioctl(4, LOOP_CLR_FD) = 0
[pid 5341] close(4) = 0
[pid 5341] exit_group(0) = ?
[pid 5341] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5341, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./137/binderfs") = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 66.073265][ T5341] loop0: detected capacity change from 0 to 512
[ 66.081940][ T5341] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.092153][ T5341] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.100543][ T5341] EXT4-fs (loop0): 1 truncate cleaned up
openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./137/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./137") = 0
mkdir("./138", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5343
./strace-static-x86_64: Process 5343 attached
[pid 5343] chdir("./138") = 0
[pid 5343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5343] setpgid(0, 0) = 0
[pid 5343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5343] write(3, "1000", 4) = 4
[pid 5343] close(3) = 0
[pid 5343] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5343] memfd_create("syzkaller", 0) = 3
[pid 5343] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5343] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5343] munmap(0x7fc573dd4000, 262144) = 0
[pid 5343] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5343] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5343] close(3) = 0
[pid 5343] mkdir("./file0", 0777) = 0
[pid 5343] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5343] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5343] chdir("./file0") = 0
[pid 5343] ioctl(4, LOOP_CLR_FD) = 0
[pid 5343] close(4) = 0
[pid 5343] exit_group(0) = ?
[pid 5343] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5343, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./138/binderfs") = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./138/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./138") = 0
mkdir("./139", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5345
./strace-static-x86_64: Process 5345 attached
[pid 5345] chdir("./139") = 0
[pid 5345] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5345] setpgid(0, 0) = 0
[pid 5345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5345] write(3, "1000", 4) = 4
[pid 5345] close(3) = 0
[pid 5345] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5345] memfd_create("syzkaller", 0) = 3
[pid 5345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5345] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5345] munmap(0x7fc573dd4000, 262144) = 0
[pid 5345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.180550][ T5343] loop0: detected capacity change from 0 to 512
[ 66.188879][ T5343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.198754][ T5343] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.207140][ T5343] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5345] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5345] close(3) = 0
[pid 5345] mkdir("./file0", 0777) = 0
[pid 5345] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5345] chdir("./file0") = 0
[pid 5345] ioctl(4, LOOP_CLR_FD) = 0
[pid 5345] close(4) = 0
[pid 5345] exit_group(0) = ?
[pid 5345] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5345, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./139/binderfs") = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./139/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./139/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./139") = 0
mkdir("./140", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5347
./strace-static-x86_64: Process 5347 attached
[pid 5347] chdir("./140") = 0
[pid 5347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5347] setpgid(0, 0) = 0
[pid 5347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5347] write(3, "1000", 4) = 4
[pid 5347] close(3) = 0
[pid 5347] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5347] memfd_create("syzkaller", 0) = 3
[pid 5347] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5347] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5347] munmap(0x7fc573dd4000, 262144) = 0
[pid 5347] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.248408][ T5345] loop0: detected capacity change from 0 to 512
[ 66.257677][ T5345] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.268136][ T5345] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.276373][ T5345] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5347] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5347] close(3) = 0
[pid 5347] mkdir("./file0", 0777) = 0
[pid 5347] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5347] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5347] chdir("./file0") = 0
[pid 5347] ioctl(4, LOOP_CLR_FD) = 0
[pid 5347] close(4) = 0
[pid 5347] exit_group(0) = ?
[pid 5347] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5347, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./140/binderfs") = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./140/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./140") = 0
mkdir("./141", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5349
./strace-static-x86_64: Process 5349 attached
[pid 5349] chdir("./141") = 0
[pid 5349] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5349] setpgid(0, 0) = 0
[pid 5349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5349] write(3, "1000", 4) = 4
[pid 5349] close(3) = 0
[pid 5349] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5349] memfd_create("syzkaller", 0) = 3
[pid 5349] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5349] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5349] munmap(0x7fc573dd4000, 262144) = 0
[pid 5349] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.314184][ T5347] loop0: detected capacity change from 0 to 512
[ 66.317081][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 66.330452][ T5347] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.340140][ T5347] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.348890][ T5347] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5349] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5349] close(3) = 0
[pid 5349] mkdir("./file0", 0777) = 0
[pid 5349] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5349] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5349] chdir("./file0") = 0
[pid 5349] ioctl(4, LOOP_CLR_FD) = 0
[pid 5349] close(4) = 0
[pid 5349] exit_group(0) = ?
[pid 5349] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5349, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./141/binderfs") = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./141/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./141") = 0
mkdir("./142", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5351
./strace-static-x86_64: Process 5351 attached
[pid 5351] chdir("./142") = 0
[pid 5351] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5351] setpgid(0, 0) = 0
[pid 5351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5351] write(3, "1000", 4) = 4
[pid 5351] close(3) = 0
[pid 5351] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5351] memfd_create("syzkaller", 0) = 3
[pid 5351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5351] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5351] munmap(0x7fc573dd4000, 262144) = 0
[pid 5351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.384668][ T5349] loop0: detected capacity change from 0 to 512
[ 66.394064][ T5349] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.403927][ T5349] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.412692][ T5349] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5351] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5351] close(3) = 0
[pid 5351] mkdir("./file0", 0777) = 0
[pid 5351] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5351] chdir("./file0") = 0
[pid 5351] ioctl(4, LOOP_CLR_FD) = 0
[pid 5351] close(4) = 0
[pid 5351] exit_group(0) = ?
[pid 5351] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5351, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./142/binderfs") = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./142/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./142") = 0
mkdir("./143", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 66.454622][ T5351] loop0: detected capacity change from 0 to 512
[ 66.463425][ T5351] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.474320][ T5351] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.482876][ T5351] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5353 attached
[pid 5353] chdir("./143"
[pid 5063] <... clone resumed>, child_tidptr=0x555556ae35d0) = 5353
[pid 5353] <... chdir resumed>) = 0
[pid 5353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5353] setpgid(0, 0) = 0
[pid 5353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5353] write(3, "1000", 4) = 4
[pid 5353] close(3) = 0
[pid 5353] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5353] memfd_create("syzkaller", 0) = 3
[pid 5353] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5353] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5353] munmap(0x7fc573dd4000, 262144) = 0
[pid 5353] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5353] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5353] close(3) = 0
[pid 5353] mkdir("./file0", 0777) = 0
[pid 5353] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5353] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5353] chdir("./file0") = 0
[pid 5353] ioctl(4, LOOP_CLR_FD) = 0
[pid 5353] close(4) = 0
[pid 5353] exit_group(0) = ?
[pid 5353] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5353, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./143/binderfs") = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./143/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./143/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./143") = 0
mkdir("./144", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5355
./strace-static-x86_64: Process 5355 attached
[pid 5355] chdir("./144") = 0
[pid 5355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5355] setpgid(0, 0) = 0
[pid 5355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5355] write(3, "1000", 4) = 4
[pid 5355] close(3) = 0
[pid 5355] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5355] memfd_create("syzkaller", 0) = 3
[pid 5355] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5355] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5355] munmap(0x7fc573dd4000, 262144) = 0
[pid 5355] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.546997][ T5353] loop0: detected capacity change from 0 to 512
[ 66.555659][ T5353] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.565648][ T5353] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.574212][ T5353] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5355] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5355] close(3) = 0
[pid 5355] mkdir("./file0", 0777) = 0
[pid 5355] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5355] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5355] chdir("./file0") = 0
[pid 5355] ioctl(4, LOOP_CLR_FD) = 0
[pid 5355] close(4) = 0
[pid 5355] exit_group(0) = ?
[pid 5355] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5355, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./144/binderfs") = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./144/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./144") = 0
mkdir("./145", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5357 attached
, child_tidptr=0x555556ae35d0) = 5357
[pid 5357] chdir("./145") = 0
[pid 5357] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5357] setpgid(0, 0) = 0
[pid 5357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5357] write(3, "1000", 4) = 4
[pid 5357] close(3) = 0
[pid 5357] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5357] memfd_create("syzkaller", 0) = 3
[pid 5357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5357] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5357] munmap(0x7fc573dd4000, 262144) = 0
[pid 5357] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.611665][ T5355] loop0: detected capacity change from 0 to 512
[ 66.620185][ T5355] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.630295][ T5355] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.638679][ T5355] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5357] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5357] close(3) = 0
[pid 5357] mkdir("./file0", 0777) = 0
[pid 5357] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5357] chdir("./file0") = 0
[pid 5357] ioctl(4, LOOP_CLR_FD) = 0
[pid 5357] close(4) = 0
[pid 5357] exit_group(0) = ?
[pid 5357] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5357, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./145/binderfs") = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
[ 66.683726][ T5357] loop0: detected capacity change from 0 to 512
[ 66.692315][ T5357] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.701986][ T5357] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.710678][ T5357] EXT4-fs (loop0): 1 truncate cleaned up
rmdir("./145/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./145") = 0
mkdir("./146", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5359
./strace-static-x86_64: Process 5359 attached
[pid 5359] chdir("./146") = 0
[pid 5359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5359] setpgid(0, 0) = 0
[pid 5359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5359] write(3, "1000", 4) = 4
[pid 5359] close(3) = 0
[pid 5359] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5359] memfd_create("syzkaller", 0) = 3
[pid 5359] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5359] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5359] munmap(0x7fc573dd4000, 262144) = 0
[pid 5359] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5359] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5359] close(3) = 0
[pid 5359] mkdir("./file0", 0777) = 0
[pid 5359] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5359] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5359] chdir("./file0") = 0
[pid 5359] ioctl(4, LOOP_CLR_FD) = 0
[pid 5359] close(4) = 0
[pid 5359] exit_group(0) = ?
[pid 5359] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5359, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./146/binderfs") = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./146/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./146") = 0
mkdir("./147", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5361
./strace-static-x86_64: Process 5361 attached
[pid 5361] chdir("./147") = 0
[pid 5361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5361] setpgid(0, 0) = 0
[pid 5361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5361] write(3, "1000", 4) = 4
[pid 5361] close(3) = 0
[pid 5361] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5361] memfd_create("syzkaller", 0) = 3
[pid 5361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5361] munmap(0x7fc573dd4000, 262144) = 0
[pid 5361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.780789][ T5359] loop0: detected capacity change from 0 to 512
[ 66.788971][ T5359] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.798998][ T5359] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.807376][ T5359] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5361] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5361] close(3) = 0
[pid 5361] mkdir("./file0", 0777) = 0
[pid 5361] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5361] chdir("./file0") = 0
[pid 5361] ioctl(4, LOOP_CLR_FD) = 0
[pid 5361] close(4) = 0
[pid 5361] exit_group(0) = ?
[pid 5361] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5361, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./147/binderfs") = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./147/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./147/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./147") = 0
mkdir("./148", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5363 attached
, child_tidptr=0x555556ae35d0) = 5363
[pid 5363] chdir("./148") = 0
[pid 5363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5363] setpgid(0, 0) = 0
[pid 5363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5363] write(3, "1000", 4) = 4
[pid 5363] close(3) = 0
[pid 5363] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5363] memfd_create("syzkaller", 0) = 3
[pid 5363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5363] munmap(0x7fc573dd4000, 262144) = 0
[pid 5363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.849765][ T5361] loop0: detected capacity change from 0 to 512
[ 66.859001][ T5361] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.868817][ T5361] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.877226][ T5361] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5363] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5363] close(3) = 0
[pid 5363] mkdir("./file0", 0777) = 0
[pid 5363] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5363] chdir("./file0") = 0
[pid 5363] ioctl(4, LOOP_CLR_FD) = 0
[pid 5363] close(4) = 0
[pid 5363] exit_group(0) = ?
[pid 5363] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5363, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./148/binderfs") = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./148/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./148") = 0
mkdir("./149", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5365
./strace-static-x86_64: Process 5365 attached
[pid 5365] chdir("./149") = 0
[pid 5365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5365] setpgid(0, 0) = 0
[pid 5365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5365] write(3, "1000", 4) = 4
[pid 5365] close(3) = 0
[pid 5365] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5365] memfd_create("syzkaller", 0) = 3
[pid 5365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5365] munmap(0x7fc573dd4000, 262144) = 0
[pid 5365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.916880][ T5363] loop0: detected capacity change from 0 to 512
[ 66.925098][ T5363] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 66.935135][ T5363] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 66.943661][ T5363] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5365] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5365] close(3) = 0
[pid 5365] mkdir("./file0", 0777) = 0
[pid 5365] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5365] chdir("./file0") = 0
[pid 5365] ioctl(4, LOOP_CLR_FD) = 0
[pid 5365] close(4) = 0
[pid 5365] exit_group(0) = ?
[pid 5365] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5365, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./149/binderfs") = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./149/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./149") = 0
mkdir("./150", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5367
./strace-static-x86_64: Process 5367 attached
[pid 5367] chdir("./150") = 0
[pid 5367] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5367] setpgid(0, 0) = 0
[pid 5367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5367] write(3, "1000", 4) = 4
[pid 5367] close(3) = 0
[pid 5367] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5367] memfd_create("syzkaller", 0) = 3
[pid 5367] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5367] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5367] munmap(0x7fc573dd4000, 262144) = 0
[pid 5367] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 66.987931][ T5365] loop0: detected capacity change from 0 to 512
[ 66.997029][ T5365] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.006521][ T5365] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.015464][ T5365] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5367] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5367] close(3) = 0
[pid 5367] mkdir("./file0", 0777) = 0
[pid 5367] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5367] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5367] chdir("./file0") = 0
[pid 5367] ioctl(4, LOOP_CLR_FD) = 0
[pid 5367] close(4) = 0
[pid 5367] exit_group(0) = ?
[pid 5367] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5367, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./150/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./150/binderfs") = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./150/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./150") = 0
mkdir("./151", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 67.063102][ T5367] loop0: detected capacity change from 0 to 512
[ 67.071791][ T5367] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.081805][ T5367] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.090048][ T5367] EXT4-fs (loop0): 1 truncate cleaned up
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5369
./strace-static-x86_64: Process 5369 attached
[pid 5369] chdir("./151") = 0
[pid 5369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5369] setpgid(0, 0) = 0
[pid 5369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5369] write(3, "1000", 4) = 4
[pid 5369] close(3) = 0
[pid 5369] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5369] memfd_create("syzkaller", 0) = 3
[pid 5369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5369] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5369] munmap(0x7fc573dd4000, 262144) = 0
[pid 5369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5369] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5369] close(3) = 0
[pid 5369] mkdir("./file0", 0777) = 0
[pid 5369] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5369] chdir("./file0") = 0
[pid 5369] ioctl(4, LOOP_CLR_FD) = 0
[pid 5369] close(4) = 0
[pid 5369] exit_group(0) = ?
[pid 5369] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5369, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./151/binderfs") = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./151/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./151") = 0
mkdir("./152", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5371
./strace-static-x86_64: Process 5371 attached
[pid 5371] chdir("./152") = 0
[pid 5371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5371] setpgid(0, 0) = 0
[pid 5371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5371] write(3, "1000", 4) = 4
[pid 5371] close(3) = 0
[pid 5371] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5371] memfd_create("syzkaller", 0) = 3
[pid 5371] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5371] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5371] munmap(0x7fc573dd4000, 262144) = 0
[pid 5371] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.150278][ T5369] loop0: detected capacity change from 0 to 512
[ 67.154036][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 67.167088][ T5369] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.176543][ T5369] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.185197][ T5369] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5371] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5371] close(3) = 0
[pid 5371] mkdir("./file0", 0777) = 0
[pid 5371] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5371] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5371] chdir("./file0") = 0
[pid 5371] ioctl(4, LOOP_CLR_FD) = 0
[pid 5371] close(4) = 0
[pid 5371] exit_group(0) = ?
[pid 5371] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5371, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./152/binderfs") = 0
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./152/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./152") = 0
mkdir("./153", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5373
./strace-static-x86_64: Process 5373 attached
[pid 5373] chdir("./153") = 0
[pid 5373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5373] setpgid(0, 0) = 0
[pid 5373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5373] write(3, "1000", 4) = 4
[pid 5373] close(3) = 0
[pid 5373] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5373] memfd_create("syzkaller", 0) = 3
[pid 5373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5373] munmap(0x7fc573dd4000, 262144) = 0
[pid 5373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.231216][ T5371] loop0: detected capacity change from 0 to 512
[ 67.239555][ T5371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.249185][ T5371] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.257734][ T5371] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5373] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5373] close(3) = 0
[pid 5373] mkdir("./file0", 0777) = 0
[pid 5373] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5373] chdir("./file0") = 0
[pid 5373] ioctl(4, LOOP_CLR_FD) = 0
[pid 5373] close(4) = 0
[pid 5373] exit_group(0) = ?
[pid 5373] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5373, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./153/binderfs") = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./153/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./153") = 0
mkdir("./154", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5375
./strace-static-x86_64: Process 5375 attached
[pid 5375] chdir("./154") = 0
[pid 5375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5375] setpgid(0, 0) = 0
[pid 5375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5375] write(3, "1000", 4) = 4
[pid 5375] close(3) = 0
[pid 5375] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5375] memfd_create("syzkaller", 0) = 3
[pid 5375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5375] munmap(0x7fc573dd4000, 262144) = 0
[pid 5375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.289417][ T5373] loop0: detected capacity change from 0 to 512
[ 67.297770][ T5373] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.307918][ T5373] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.316505][ T5373] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5375] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5375] close(3) = 0
[pid 5375] mkdir("./file0", 0777) = 0
[pid 5375] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5375] chdir("./file0") = 0
[pid 5375] ioctl(4, LOOP_CLR_FD) = 0
[pid 5375] close(4) = 0
[pid 5375] exit_group(0) = ?
[pid 5375] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5375, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./154/binderfs") = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./154/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./154") = 0
mkdir("./155", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5377 attached
, child_tidptr=0x555556ae35d0) = 5377
[pid 5377] chdir("./155") = 0
[pid 5377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5377] setpgid(0, 0) = 0
[pid 5377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5377] write(3, "1000", 4) = 4
[pid 5377] close(3) = 0
[pid 5377] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5377] memfd_create("syzkaller", 0) = 3
[pid 5377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5377] munmap(0x7fc573dd4000, 262144) = 0
[pid 5377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.363453][ T5375] loop0: detected capacity change from 0 to 512
[ 67.371935][ T5375] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.381797][ T5375] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.390410][ T5375] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5377] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5377] close(3) = 0
[pid 5377] mkdir("./file0", 0777) = 0
[pid 5377] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5377] chdir("./file0") = 0
[pid 5377] ioctl(4, LOOP_CLR_FD) = 0
[pid 5377] close(4) = 0
[pid 5377] exit_group(0) = ?
[pid 5377] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5377, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./155/binderfs") = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./155/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./155") = 0
mkdir("./156", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5379
./strace-static-x86_64: Process 5379 attached
[pid 5379] chdir("./156") = 0
[pid 5379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5379] setpgid(0, 0) = 0
[pid 5379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5379] write(3, "1000", 4) = 4
[pid 5379] close(3) = 0
[pid 5379] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5379] memfd_create("syzkaller", 0) = 3
[pid 5379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5379] munmap(0x7fc573dd4000, 262144) = 0
[pid 5379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.432208][ T5377] loop0: detected capacity change from 0 to 512
[ 67.441187][ T5377] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.451242][ T5377] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.459551][ T5377] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5379] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5379] close(3) = 0
[pid 5379] mkdir("./file0", 0777) = 0
[pid 5379] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5379] chdir("./file0") = 0
[pid 5379] ioctl(4, LOOP_CLR_FD) = 0
[pid 5379] close(4) = 0
[pid 5379] exit_group(0) = ?
[pid 5379] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5379, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./156/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./156/binderfs") = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./156/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./156/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./156") = 0
mkdir("./157", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5381
./strace-static-x86_64: Process 5381 attached
[pid 5381] chdir("./157") = 0
[pid 5381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5381] setpgid(0, 0) = 0
[pid 5381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5381] write(3, "1000", 4) = 4
[pid 5381] close(3) = 0
[pid 5381] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5381] memfd_create("syzkaller", 0) = 3
[pid 5381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5381] munmap(0x7fc573dd4000, 262144) = 0
[pid 5381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.494193][ T5379] loop0: detected capacity change from 0 to 512
[ 67.502405][ T5379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.512250][ T5379] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.521337][ T5379] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5381] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5381] close(3) = 0
[pid 5381] mkdir("./file0", 0777) = 0
[pid 5381] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5381] chdir("./file0") = 0
[pid 5381] ioctl(4, LOOP_CLR_FD) = 0
[pid 5381] close(4) = 0
[pid 5381] exit_group(0) = ?
[pid 5381] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5381, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./157/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./157/binderfs") = 0
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./157/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./157/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./157") = 0
mkdir("./158", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5383
./strace-static-x86_64: Process 5383 attached
[pid 5383] chdir("./158") = 0
[pid 5383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5383] setpgid(0, 0) = 0
[pid 5383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5383] write(3, "1000", 4) = 4
[pid 5383] close(3) = 0
[pid 5383] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5383] memfd_create("syzkaller", 0) = 3
[pid 5383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5383] munmap(0x7fc573dd4000, 262144) = 0
[pid 5383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.548924][ T5381] loop0: detected capacity change from 0 to 512
[ 67.551704][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 67.565667][ T5381] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.576019][ T5381] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.584575][ T5381] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5383] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5383] close(3) = 0
[pid 5383] mkdir("./file0", 0777) = 0
[pid 5383] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5383] chdir("./file0") = 0
[pid 5383] ioctl(4, LOOP_CLR_FD) = 0
[pid 5383] close(4) = 0
[pid 5383] exit_group(0) = ?
[pid 5383] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5383, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./158/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./158/binderfs") = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./158/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./158/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./158") = 0
mkdir("./159", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5385 attached
, child_tidptr=0x555556ae35d0) = 5385
[pid 5385] chdir("./159") = 0
[pid 5385] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5385] setpgid(0, 0) = 0
[pid 5385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5385] write(3, "1000", 4) = 4
[pid 5385] close(3) = 0
[pid 5385] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5385] memfd_create("syzkaller", 0) = 3
[pid 5385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5385] munmap(0x7fc573dd4000, 262144) = 0
[pid 5385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.624133][ T5383] loop0: detected capacity change from 0 to 512
[ 67.632704][ T5383] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.642566][ T5383] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.651461][ T5383] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5385] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5385] close(3) = 0
[pid 5385] mkdir("./file0", 0777) = 0
[pid 5385] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5385] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5385] chdir("./file0") = 0
[pid 5385] ioctl(4, LOOP_CLR_FD) = 0
[pid 5385] close(4) = 0
[pid 5385] exit_group(0) = ?
[pid 5385] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5385, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./159/binderfs") = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./159/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./159") = 0
mkdir("./160", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5387
./strace-static-x86_64: Process 5387 attached
[pid 5387] chdir("./160") = 0
[pid 5387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5387] setpgid(0, 0) = 0
[pid 5387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5387] write(3, "1000", 4) = 4
[pid 5387] close(3) = 0
[pid 5387] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5387] memfd_create("syzkaller", 0) = 3
[pid 5387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5387] munmap(0x7fc573dd4000, 262144) = 0
[pid 5387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.692490][ T5385] loop0: detected capacity change from 0 to 512
[ 67.701524][ T5385] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.711339][ T5385] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.719783][ T5385] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5387] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5387] close(3) = 0
[pid 5387] mkdir("./file0", 0777) = 0
[pid 5387] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5387] chdir("./file0") = 0
[pid 5387] ioctl(4, LOOP_CLR_FD) = 0
[pid 5387] close(4) = 0
[pid 5387] exit_group(0) = ?
[pid 5387] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5387, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./160", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./160", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./160/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./160/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./160/binderfs") = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./160/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./160/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./160/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./160/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./160") = 0
mkdir("./161", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5389
./strace-static-x86_64: Process 5389 attached
[pid 5389] chdir("./161") = 0
[pid 5389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5389] setpgid(0, 0) = 0
[pid 5389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5389] write(3, "1000", 4) = 4
[pid 5389] close(3) = 0
[pid 5389] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5389] memfd_create("syzkaller", 0) = 3
[pid 5389] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5389] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5389] munmap(0x7fc573dd4000, 262144) = 0
[pid 5389] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.759369][ T5387] loop0: detected capacity change from 0 to 512
[ 67.767715][ T5387] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.777693][ T5387] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.786045][ T5387] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5389] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5389] close(3) = 0
[pid 5389] mkdir("./file0", 0777) = 0
[pid 5389] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5389] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5389] chdir("./file0") = 0
[pid 5389] ioctl(4, LOOP_CLR_FD) = 0
[pid 5389] close(4) = 0
[pid 5389] exit_group(0) = ?
[pid 5389] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5389, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./161", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./161", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./161/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./161/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./161/binderfs") = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./161/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./161/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./161/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./161/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./161") = 0
mkdir("./162", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5391
./strace-static-x86_64: Process 5391 attached
[pid 5391] chdir("./162") = 0
[pid 5391] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5391] setpgid(0, 0) = 0
[pid 5391] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5391] write(3, "1000", 4) = 4
[pid 5391] close(3) = 0
[pid 5391] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5391] memfd_create("syzkaller", 0) = 3
[pid 5391] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5391] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5391] munmap(0x7fc573dd4000, 262144) = 0
[pid 5391] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.831314][ T5389] loop0: detected capacity change from 0 to 512
[ 67.839842][ T5389] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.849556][ T5389] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.858710][ T5389] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5391] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5391] close(3) = 0
[pid 5391] mkdir("./file0", 0777) = 0
[pid 5391] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5391] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5391] chdir("./file0") = 0
[pid 5391] ioctl(4, LOOP_CLR_FD) = 0
[pid 5391] close(4) = 0
[pid 5391] exit_group(0) = ?
[pid 5391] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5391, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./162", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./162", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./162/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./162/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./162/binderfs") = 0
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./162/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./162/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./162/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./162/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./162") = 0
mkdir("./163", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5393
./strace-static-x86_64: Process 5393 attached
[pid 5393] chdir("./163") = 0
[pid 5393] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5393] setpgid(0, 0) = 0
[pid 5393] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5393] write(3, "1000", 4) = 4
[pid 5393] close(3) = 0
[pid 5393] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5393] memfd_create("syzkaller", 0) = 3
[pid 5393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5393] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5393] munmap(0x7fc573dd4000, 262144) = 0
[pid 5393] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 67.902544][ T5391] loop0: detected capacity change from 0 to 512
[ 67.910846][ T5391] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.920674][ T5391] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 67.928998][ T5391] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5393] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5393] close(3) = 0
[pid 5393] mkdir("./file0", 0777) = 0
[pid 5393] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5393] chdir("./file0") = 0
[pid 5393] ioctl(4, LOOP_CLR_FD) = 0
[pid 5393] close(4) = 0
[pid 5393] exit_group(0) = ?
[pid 5393] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5393, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./163", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./163", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./163/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./163/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./163/binderfs") = 0
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 67.962829][ T5393] loop0: detected capacity change from 0 to 512
[ 67.967645][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 67.982375][ T5393] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 67.992098][ T5393] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.000639][ T5393] EXT4-fs (loop0): 1 truncate cleaned up
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./163/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./163/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./163/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./163/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./163") = 0
mkdir("./164", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5395
./strace-static-x86_64: Process 5395 attached
[pid 5395] chdir("./164") = 0
[pid 5395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5395] setpgid(0, 0) = 0
[pid 5395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5395] write(3, "1000", 4) = 4
[pid 5395] close(3) = 0
[pid 5395] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5395] memfd_create("syzkaller", 0) = 3
[pid 5395] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5395] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5395] munmap(0x7fc573dd4000, 262144) = 0
[pid 5395] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5395] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5395] close(3) = 0
[pid 5395] mkdir("./file0", 0777) = 0
[pid 5395] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5395] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5395] chdir("./file0") = 0
[pid 5395] ioctl(4, LOOP_CLR_FD) = 0
[pid 5395] close(4) = 0
[pid 5395] exit_group(0) = ?
[pid 5395] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5395, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./164", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./164", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./164/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./164/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./164/binderfs") = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./164/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./164/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./164/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./164/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./164") = 0
mkdir("./165", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5397
./strace-static-x86_64: Process 5397 attached
[pid 5397] chdir("./165") = 0
[pid 5397] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5397] setpgid(0, 0) = 0
[pid 5397] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5397] write(3, "1000", 4) = 4
[pid 5397] close(3) = 0
[pid 5397] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5397] memfd_create("syzkaller", 0) = 3
[pid 5397] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5397] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5397] munmap(0x7fc573dd4000, 262144) = 0
[pid 5397] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.068120][ T5395] loop0: detected capacity change from 0 to 512
[ 68.077815][ T5395] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.087408][ T5395] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.095727][ T5395] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5397] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5397] close(3) = 0
[pid 5397] mkdir("./file0", 0777) = 0
[pid 5397] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5397] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5397] chdir("./file0") = 0
[pid 5397] ioctl(4, LOOP_CLR_FD) = 0
[pid 5397] close(4) = 0
[pid 5397] exit_group(0) = ?
[pid 5397] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5397, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./165", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./165", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./165/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./165/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./165/binderfs") = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./165/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./165/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./165/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./165/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./165") = 0
mkdir("./166", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5399
./strace-static-x86_64: Process 5399 attached
[pid 5399] chdir("./166") = 0
[pid 5399] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5399] setpgid(0, 0) = 0
[pid 5399] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5399] write(3, "1000", 4) = 4
[pid 5399] close(3) = 0
[pid 5399] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5399] memfd_create("syzkaller", 0) = 3
[pid 5399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5399] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5399] munmap(0x7fc573dd4000, 262144) = 0
[pid 5399] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.134086][ T5397] loop0: detected capacity change from 0 to 512
[ 68.135280][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 68.150872][ T5397] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.160967][ T5397] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.169707][ T5397] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5399] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5399] close(3) = 0
[pid 5399] mkdir("./file0", 0777) = 0
[pid 5399] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5399] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5399] chdir("./file0") = 0
[pid 5399] ioctl(4, LOOP_CLR_FD) = 0
[pid 5399] close(4) = 0
[pid 5399] exit_group(0) = ?
[pid 5399] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5399, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./166", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./166", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./166/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./166/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./166/binderfs") = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./166/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./166/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./166/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./166/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./166") = 0
mkdir("./167", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5401
./strace-static-x86_64: Process 5401 attached
[pid 5401] chdir("./167") = 0
[pid 5401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5401] setpgid(0, 0) = 0
[pid 5401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5401] write(3, "1000", 4) = 4
[pid 5401] close(3) = 0
[pid 5401] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5401] memfd_create("syzkaller", 0) = 3
[pid 5401] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5401] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5401] munmap(0x7fc573dd4000, 262144) = 0
[pid 5401] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.207632][ T5399] loop0: detected capacity change from 0 to 512
[ 68.215600][ T5399] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.225309][ T5399] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.234177][ T5399] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5401] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5401] close(3) = 0
[pid 5401] mkdir("./file0", 0777) = 0
[pid 5401] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5401] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5401] chdir("./file0") = 0
[pid 5401] ioctl(4, LOOP_CLR_FD) = 0
[pid 5401] close(4) = 0
[pid 5401] exit_group(0) = ?
[pid 5401] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5401, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./167", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./167", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./167/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./167/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./167/binderfs") = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./167/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./167/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./167/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./167/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./167") = 0
mkdir("./168", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5403
./strace-static-x86_64: Process 5403 attached
[pid 5403] chdir("./168") = 0
[pid 5403] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5403] setpgid(0, 0) = 0
[pid 5403] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5403] write(3, "1000", 4) = 4
[pid 5403] close(3) = 0
[pid 5403] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5403] memfd_create("syzkaller", 0) = 3
[pid 5403] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5403] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5403] munmap(0x7fc573dd4000, 262144) = 0
[pid 5403] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.277197][ T5401] loop0: detected capacity change from 0 to 512
[ 68.285691][ T5401] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.295176][ T5401] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.304035][ T5401] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5403] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5403] close(3) = 0
[pid 5403] mkdir("./file0", 0777) = 0
[pid 5403] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5403] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5403] chdir("./file0") = 0
[pid 5403] ioctl(4, LOOP_CLR_FD) = 0
[pid 5403] close(4) = 0
[pid 5403] exit_group(0) = ?
[pid 5403] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5403, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./168", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./168", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./168/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./168/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./168/binderfs") = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./168/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./168/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./168/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./168/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./168") = 0
mkdir("./169", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5405
./strace-static-x86_64: Process 5405 attached
[pid 5405] chdir("./169") = 0
[pid 5405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5405] setpgid(0, 0) = 0
[pid 5405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5405] write(3, "1000", 4) = 4
[pid 5405] close(3) = 0
[pid 5405] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5405] memfd_create("syzkaller", 0) = 3
[pid 5405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5405] munmap(0x7fc573dd4000, 262144) = 0
[pid 5405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.336093][ T5403] loop0: detected capacity change from 0 to 512
[ 68.338369][ T5065] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 68.352609][ T5403] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.362580][ T5403] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.371159][ T5403] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5405] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5405] close(3) = 0
[pid 5405] mkdir("./file0", 0777) = 0
[pid 5405] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5405] chdir("./file0") = 0
[pid 5405] ioctl(4, LOOP_CLR_FD) = 0
[pid 5405] close(4) = 0
[pid 5405] exit_group(0) = ?
[pid 5405] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5405, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./169", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./169", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./169/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./169/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./169/binderfs") = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./169/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./169/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./169/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./169/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./169") = 0
mkdir("./170", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5407
./strace-static-x86_64: Process 5407 attached
[pid 5407] chdir("./170") = 0
[pid 5407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5407] setpgid(0, 0) = 0
[pid 5407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5407] write(3, "1000", 4) = 4
[pid 5407] close(3) = 0
[pid 5407] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5407] memfd_create("syzkaller", 0) = 3
[pid 5407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5407] munmap(0x7fc573dd4000, 262144) = 0
[pid 5407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.414870][ T5405] loop0: detected capacity change from 0 to 512
[ 68.416677][ T5065] Buffer I/O error on dev loop0, logical block 0, async page read
[ 68.430364][ T5405] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.440740][ T5405] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.449271][ T5405] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5407] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5407] close(3) = 0
[pid 5407] mkdir("./file0", 0777) = 0
[pid 5407] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5407] chdir("./file0") = 0
[pid 5407] ioctl(4, LOOP_CLR_FD) = 0
[pid 5407] close(4) = 0
[pid 5407] exit_group(0) = ?
[pid 5407] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5407, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./170", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./170", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./170/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./170/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./170/binderfs") = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./170/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./170/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./170/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./170/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./170") = 0
mkdir("./171", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5409
./strace-static-x86_64: Process 5409 attached
[pid 5409] chdir("./171") = 0
[pid 5409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5409] setpgid(0, 0) = 0
[pid 5409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5409] write(3, "1000", 4) = 4
[pid 5409] close(3) = 0
[pid 5409] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5409] memfd_create("syzkaller", 0) = 3
[pid 5409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5409] munmap(0x7fc573dd4000, 262144) = 0
[pid 5409] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.492105][ T5407] loop0: detected capacity change from 0 to 512
[ 68.500571][ T5407] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.510320][ T5407] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.519127][ T5407] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5409] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5409] close(3) = 0
[pid 5409] mkdir("./file0", 0777) = 0
[pid 5409] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5409] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5409] chdir("./file0") = 0
[pid 5409] ioctl(4, LOOP_CLR_FD) = 0
[pid 5409] close(4) = 0
[pid 5409] exit_group(0) = ?
[pid 5409] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5409, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./171", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./171", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./171/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./171/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./171/binderfs") = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./171/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./171/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./171/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./171/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./171") = 0
mkdir("./172", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5411
./strace-static-x86_64: Process 5411 attached
[pid 5411] chdir("./172") = 0
[pid 5411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5411] setpgid(0, 0) = 0
[pid 5411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5411] write(3, "1000", 4) = 4
[pid 5411] close(3) = 0
[pid 5411] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5411] memfd_create("syzkaller", 0) = 3
[pid 5411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5411] munmap(0x7fc573dd4000, 262144) = 0
[pid 5411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.557433][ T5409] loop0: detected capacity change from 0 to 512
[ 68.565632][ T5409] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.575336][ T5409] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.583633][ T5409] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5411] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5411] close(3) = 0
[pid 5411] mkdir("./file0", 0777) = 0
[pid 5411] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5411] chdir("./file0") = 0
[pid 5411] ioctl(4, LOOP_CLR_FD) = 0
[pid 5411] close(4) = 0
[pid 5411] exit_group(0) = ?
[pid 5411] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5411, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./172", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./172", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./172/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./172/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./172/binderfs") = 0
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./172/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./172/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./172/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./172/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./172") = 0
mkdir("./173", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5413 attached
, child_tidptr=0x555556ae35d0) = 5413
[pid 5413] chdir("./173") = 0
[pid 5413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5413] setpgid(0, 0) = 0
[pid 5413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5413] write(3, "1000", 4) = 4
[pid 5413] close(3) = 0
[pid 5413] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5413] memfd_create("syzkaller", 0) = 3
[pid 5413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5413] munmap(0x7fc573dd4000, 262144) = 0
[pid 5413] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.620817][ T5411] loop0: detected capacity change from 0 to 512
[ 68.629520][ T5411] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.639423][ T5411] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.648263][ T5411] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5413] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5413] close(3) = 0
[pid 5413] mkdir("./file0", 0777) = 0
[pid 5413] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5413] chdir("./file0") = 0
[pid 5413] ioctl(4, LOOP_CLR_FD) = 0
[pid 5413] close(4) = 0
[pid 5413] exit_group(0) = ?
[pid 5413] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5413, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./173", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./173", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./173/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./173/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./173/binderfs") = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./173/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./173/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./173/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./173/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./173") = 0
mkdir("./174", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5415
./strace-static-x86_64: Process 5415 attached
[pid 5415] chdir("./174") = 0
[pid 5415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5415] setpgid(0, 0) = 0
[pid 5415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5415] write(3, "1000", 4) = 4
[pid 5415] close(3) = 0
[pid 5415] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5415] memfd_create("syzkaller", 0) = 3
[pid 5415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5415] munmap(0x7fc573dd4000, 262144) = 0
[pid 5415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.689404][ T5413] loop0: detected capacity change from 0 to 512
[ 68.690438][ T5065] Buffer I/O error on dev loop0, logical block 0, async page read
[ 68.704241][ T5413] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.714092][ T5413] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.722519][ T5413] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5415] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5415] close(3) = 0
[pid 5415] mkdir("./file0", 0777) = 0
[pid 5415] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5415] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5415] chdir("./file0") = 0
[pid 5415] ioctl(4, LOOP_CLR_FD) = 0
[pid 5415] close(4) = 0
[pid 5415] exit_group(0) = ?
[pid 5415] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5415, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./174/binderfs") = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./174/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./174/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./174/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./174") = 0
mkdir("./175", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5417
./strace-static-x86_64: Process 5417 attached
[pid 5417] chdir("./175") = 0
[pid 5417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5417] setpgid(0, 0) = 0
[pid 5417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5417] write(3, "1000", 4) = 4
[pid 5417] close(3) = 0
[pid 5417] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5417] memfd_create("syzkaller", 0) = 3
[pid 5417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5417] munmap(0x7fc573dd4000, 262144) = 0
[pid 5417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.762954][ T5415] loop0: detected capacity change from 0 to 512
[ 68.771581][ T5415] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.781628][ T5415] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.790094][ T5415] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5417] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5417] close(3) = 0
[pid 5417] mkdir("./file0", 0777) = 0
[pid 5417] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5417] chdir("./file0") = 0
[pid 5417] ioctl(4, LOOP_CLR_FD) = 0
[pid 5417] close(4) = 0
[pid 5417] exit_group(0) = ?
[pid 5417] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5417, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./175/binderfs") = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./175/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./175/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./175/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./175") = 0
mkdir("./176", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5419
./strace-static-x86_64: Process 5419 attached
[pid 5419] chdir("./176") = 0
[pid 5419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5419] setpgid(0, 0) = 0
[pid 5419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5419] write(3, "1000", 4) = 4
[pid 5419] close(3) = 0
[pid 5419] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5419] memfd_create("syzkaller", 0) = 3
[pid 5419] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5419] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5419] munmap(0x7fc573dd4000, 262144) = 0
[pid 5419] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.831494][ T5417] loop0: detected capacity change from 0 to 512
[ 68.839880][ T5417] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.849779][ T5417] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.858538][ T5417] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5419] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5419] close(3) = 0
[pid 5419] mkdir("./file0", 0777) = 0
[pid 5419] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5419] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5419] chdir("./file0") = 0
[pid 5419] ioctl(4, LOOP_CLR_FD) = 0
[pid 5419] close(4) = 0
[pid 5419] exit_group(0) = ?
[pid 5419] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5419, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./176/binderfs") = 0
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./176/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./176/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./176/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./176") = 0
mkdir("./177", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5421
./strace-static-x86_64: Process 5421 attached
[pid 5421] chdir("./177") = 0
[pid 5421] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5421] setpgid(0, 0) = 0
[pid 5421] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5421] write(3, "1000", 4) = 4
[pid 5421] close(3) = 0
[pid 5421] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5421] memfd_create("syzkaller", 0) = 3
[pid 5421] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5421] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5421] munmap(0x7fc573dd4000, 262144) = 0
[pid 5421] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.889897][ T5419] loop0: detected capacity change from 0 to 512
[ 68.898391][ T5419] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.907864][ T5419] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.916073][ T5419] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5421] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5421] close(3) = 0
[pid 5421] mkdir("./file0", 0777) = 0
[pid 5421] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5421] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5421] chdir("./file0") = 0
[pid 5421] ioctl(4, LOOP_CLR_FD) = 0
[pid 5421] close(4) = 0
[pid 5421] exit_group(0) = ?
[pid 5421] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5421, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./177/binderfs") = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./177/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./177/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./177/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./177") = 0
mkdir("./178", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5423
./strace-static-x86_64: Process 5423 attached
[pid 5423] chdir("./178") = 0
[pid 5423] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5423] setpgid(0, 0) = 0
[pid 5423] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5423] write(3, "1000", 4) = 4
[pid 5423] close(3) = 0
[pid 5423] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5423] memfd_create("syzkaller", 0) = 3
[pid 5423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5423] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 5423] munmap(0x7fc573dd4000, 262144) = 0
[pid 5423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 68.955968][ T5421] loop0: detected capacity change from 0 to 512
[ 68.964612][ T5421] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 68.974501][ T5421] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 68.983162][ T5421] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5423] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5423] close(3) = 0
[pid 5423] mkdir("./file0", 0777) = 0
[pid 5423] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5423] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5423] chdir("./file0") = 0
[pid 5423] ioctl(4, LOOP_CLR_FD) = 0
[pid 5423] close(4) = 0
[pid 5423] exit_group(0) = ?
[pid 5423] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5423, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./178/binderfs") = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./178/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./178/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./178/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./178") = 0
mkdir("./179", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5425
./strace-static-x86_64: Process 5425 attached
[pid 5425] chdir("./179") = 0
[pid 5425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5425] setpgid(0, 0) = 0
[pid 5425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5425] write(3, "1000", 4) = 4
[pid 5425] close(3) = 0
[pid 5425] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5425] memfd_create("syzkaller", 0) = 3
[pid 5425] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc573dd4000
[pid 5425] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[ 69.031396][ T5423] loop0: detected capacity change from 0 to 512
[ 69.040251][ T5423] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 69.050796][ T5423] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 69.059339][ T5423] EXT4-fs (loop0): 1 truncate cleaned up
[pid 5425] munmap(0x7fc573dd4000, 262144) = 0
[pid 5425] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5425] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5425] close(3) = 0
[pid 5425] mkdir("./file0", 0777) = 0
[pid 5425] mount("/dev/loop0", "./file0", "ext4", MS_RDONLY|MS_NOSUID|MS_NODEV|MS_MANDLOCK, "nojournal_checksum,nodelalloc,grpjquota=,barrier=0x0000000080000000,data_err=abort,abort,discard,jqf"...) = 0
[pid 5425] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5425] chdir("./file0") = 0
[pid 5425] ioctl(4, LOOP_CLR_FD) = 0
[pid 5425] close(4) = 0
[pid 5425] exit_group(0) = ?
[pid 5425] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5425, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555556ae4620 /* 4 entries */, 32768) = 112
umount2("./179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./179/binderfs") = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./179/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./179/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555556aec660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555556aec660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./179/file0") = 0
getdents64(3, 0x555556ae4620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./179") = 0
mkdir("./180", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556ae35d0) = 5427
./strace-static-x86_64: Process 5427 attached
[pid 5427] chdir("./180") = 0
[pid 5427] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5427] setpgid(0, 0) = 0
[pid 5427] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3