./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3230173618 <...> 096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5430] <... write resumed>) = 2097152 [pid 5052] <... unlink resumed>) = 0 [pid 5051] getdents64(4, [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] close(4) = 0 [pid 5047] rmdir("./61/file0" [pid 5430] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5047] <... rmdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./61") = 0 [pid 5430] <... munmap resumed>) = 0 [pid 5051] <... close resumed>) = 0 [ 92.042793][ T5429] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] <... umount2 resumed>) = 0 [pid 5047] mkdir("./62", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5051] rmdir("./59/file0" [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... rmdir resumed>) = 0 [pid 5430] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5431 ./strace-static-x86_64: Process 5431 attached [pid 5430] <... openat resumed>) = 4 [pid 5048] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5431] set_robust_list(0x555556629660, 24 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5431] <... set_robust_list resumed>) = 0 [pid 5430] ioctl(4, LOOP_SET_FD, 3 [pid 5048] newfstatat(AT_FDCWD, "./61/file0", [pid 5431] chdir("./62" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5431] <... chdir resumed>) = 0 [pid 5048] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5431] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5431] <... prctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5431] setpgid(0, 0 [pid 5048] <... openat resumed>) = 4 [pid 5431] <... setpgid resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5431] <... openat resumed>) = 3 [pid 5048] getdents64(4, [pid 5431] write(3, "1000", 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5431] <... write resumed>) = 4 [pid 5048] getdents64(4, [pid 5431] close(3 [pid 5051] getdents64(3, [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5431] <... close resumed>) = 0 [pid 5048] close(4 [pid 5431] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5431] <... symlink resumed>) = 0 [pid 5048] rmdir("./61/file0" [pid 5431] memfd_create("syzkaller", 0 [pid 5430] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5430] close(3 [pid 5051] <... close resumed>) = 0 [pid 5048] getdents64(3, [pid 5430] <... close resumed>) = 0 [pid 5051] rmdir("./59" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5431] <... memfd_create resumed>) = 3 [pid 5048] close(3 [pid 5431] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5430] mkdir("./file0", 0777 [pid 5051] <... rmdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5431] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] rmdir("./61" [pid 5430] <... mkdir resumed>) = 0 [pid 5430] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./60", 0777 [pid 5048] <... rmdir resumed>) = 0 [ 92.116799][ T5430] loop2: detected capacity change from 0 to 4096 [pid 5051] <... mkdir resumed>) = 0 [pid 5048] mkdir("./62", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5432 attached [pid 5432] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5432 [pid 5052] newfstatat(AT_FDCWD, "./60/file0", [pid 5051] <... openat resumed>) = 3 [pid 5432] <... set_robust_list resumed>) = 0 [pid 5432] chdir("./62" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5432] <... chdir resumed>) = 0 [pid 5052] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5432] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5432] <... prctl resumed>) = 0 [pid 5432] setpgid(0, 0) = 0 [pid 5432] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5432] write(3, "1000", 4) = 4 [pid 5052] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(3 [pid 5432] close(3) = 0 [pid 5432] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5429] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5432] memfd_create("syzkaller", 0 [pid 5429] <... openat resumed>) = 3 [pid 5429] chdir("./file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5433 [pid 5432] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5433 attached [pid 5429] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5433] set_robust_list(0x555556629660, 24 [pid 5429] ioctl(4, LOOP_CLR_FD [pid 5433] <... set_robust_list resumed>) = 0 [pid 5052] getdents64(4, [pid 5429] <... ioctl resumed>) = 0 [pid 5433] chdir("./60" [pid 5429] close(4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5433] <... chdir resumed>) = 0 [pid 5429] <... close resumed>) = 0 [ 92.165287][ T5430] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] getdents64(4, [pid 5429] exit_group(0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5433] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5431] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5429] <... exit_group resumed>) = ? [pid 5052] close(4 [pid 5433] <... prctl resumed>) = 0 [pid 5432] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... close resumed>) = 0 [pid 5433] setpgid(0, 0 [pid 5429] +++ exited with 0 +++ [pid 5052] rmdir("./60/file0" [pid 5433] <... setpgid resumed>) = 0 [pid 5433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... rmdir resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5429, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5433] <... openat resumed>) = 3 [pid 5050] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5433] write(3, "1000", 4 [pid 5052] getdents64(3, [pid 5050] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5430] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(3, "", [pid 5433] <... write resumed>) = 4 [pid 5430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5433] close(3 [pid 5430] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5052] rmdir("./60" [pid 5433] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5430] chdir("./file0" [pid 5433] symlink("/dev/binderfs", "./binderfs" [pid 5430] <... chdir resumed>) = 0 [pid 5050] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5430] ioctl(4, LOOP_CLR_FD) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5433] <... symlink resumed>) = 0 [pid 5430] close(4 [pid 5052] <... rmdir resumed>) = 0 [pid 5433] memfd_create("syzkaller", 0 [pid 5430] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5052] mkdir("./61", 0777 [pid 5430] exit_group(0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5430] <... exit_group resumed>) = ? [pid 5052] <... mkdir resumed>) = 0 [pid 5430] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] unlink("./62/binderfs" [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5430, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] <... unlink resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5433] <... memfd_create resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5433] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] close(3 [pid 5049] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./62/binderfs") = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5431] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5434 attached [pid 5432] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = 0 [pid 5434] set_robust_list(0x555556629660, 24 [pid 5431] munmap(0x7f3b887a1000, 138412032 [pid 5049] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5434] <... set_robust_list resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5434] chdir("./61" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5434 [pid 5049] newfstatat(AT_FDCWD, "./62/file0", [pid 5434] <... chdir resumed>) = 0 [pid 5431] <... munmap resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5434] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5434] <... prctl resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5434] setpgid(0, 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5434] <... setpgid resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] close(4) = 0 [pid 5049] rmdir("./62/file0" [pid 5434] <... openat resumed>) = 3 [pid 5431] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5434] write(3, "1000", 4 [pid 5431] <... openat resumed>) = 4 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5434] <... write resumed>) = 4 [pid 5431] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] close(3 [pid 5431] <... ioctl resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./62" [pid 5434] close(3) = 0 [pid 5434] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./63", 0777 [pid 5050] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5434] <... symlink resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./62/file0", [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5434] memfd_create("syzkaller", 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5050] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... ioctl resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(3 [pid 5050] <... openat resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5434] <... memfd_create resumed>) = 3 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5434] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5431] close(3) = 0 [pid 5431] mkdir("./file0", 0777) = 0 [pid 5431] mount("/dev/loop0", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5435 attached [pid 5433] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] newfstatat(4, "", [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5435 [ 92.343223][ T5431] loop0: detected capacity change from 0 to 4096 [pid 5435] set_robust_list(0x555556629660, 24 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5435] <... set_robust_list resumed>) = 0 [pid 5050] getdents64(4, [pid 5432] <... write resumed>) = 2097152 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5435] chdir("./63" [pid 5432] munmap(0x7f3b887a1000, 138412032 [pid 5050] close(4) = 0 [pid 5050] rmdir("./62/file0" [pid 5435] <... chdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5432] <... munmap resumed>) = 0 [pid 5432] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5432] ioctl(4, LOOP_SET_FD, 3 [pid 5435] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] getdents64(3, [pid 5435] <... prctl resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5435] setpgid(0, 0 [pid 5050] <... close resumed>) = 0 [pid 5435] <... setpgid resumed>) = 0 [pid 5050] rmdir("./62" [pid 5435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5434] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./63", 0777 [pid 5435] <... openat resumed>) = 3 [pid 5433] <... write resumed>) = 2097152 [pid 5050] <... mkdir resumed>) = 0 [pid 5435] write(3, "1000", 4 [pid 5432] <... ioctl resumed>) = 0 [pid 5431] <... mount resumed>) = 0 [pid 5435] <... write resumed>) = 4 [pid 5431] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5435] close(3 [pid 5431] <... openat resumed>) = 3 [pid 5432] close(3 [pid 5435] <... close resumed>) = 0 [ 92.388531][ T5431] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 92.427564][ T5432] loop1: detected capacity change from 0 to 4096 [pid 5431] chdir("./file0" [pid 5435] symlink("/dev/binderfs", "./binderfs" [pid 5433] munmap(0x7f3b887a1000, 138412032 [pid 5432] <... close resumed>) = 0 [pid 5431] <... chdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5435] <... symlink resumed>) = 0 [pid 5433] <... munmap resumed>) = 0 [pid 5432] mkdir("./file0", 0777 [pid 5435] memfd_create("syzkaller", 0 [pid 5434] <... write resumed>) = 2097152 [pid 5433] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5431] ioctl(4, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 3 [pid 5435] <... memfd_create resumed>) = 3 [pid 5434] munmap(0x7f3b887a1000, 138412032 [pid 5432] <... mkdir resumed>) = 0 [pid 5431] <... ioctl resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5433] <... openat resumed>) = 4 [pid 5432] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5431] close(4 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5435] <... mmap resumed>) = 0x7f3b887a1000 [pid 5434] <... munmap resumed>) = 0 [pid 5433] ioctl(4, LOOP_SET_FD, 3 [pid 5431] <... close resumed>) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5431] exit_group(0) = ? [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5436 ./strace-static-x86_64: Process 5436 attached [pid 5434] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5433] <... ioctl resumed>) = 0 [pid 5431] +++ exited with 0 +++ [pid 5434] <... openat resumed>) = 4 [pid 5433] close(3 [pid 5436] set_robust_list(0x555556629660, 24 [pid 5434] ioctl(4, LOOP_SET_FD, 3 [pid 5433] <... close resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5431, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5436] <... set_robust_list resumed>) = 0 [pid 5047] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5436] chdir("./63" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5436] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5436] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... openat resumed>) = 3 [pid 5436] <... prctl resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5436] setpgid(0, 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5436] <... setpgid resumed>) = 0 [pid 5047] getdents64(3, [pid 5436] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5436] <... openat resumed>) = 3 [pid 5436] write(3, "1000", 4) = 4 [pid 5047] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5436] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5436] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5436] symlink("/dev/binderfs", "./binderfs" [pid 5434] <... ioctl resumed>) = 0 [pid 5433] mkdir("./file0", 0777 [pid 5436] <... symlink resumed>) = 0 [pid 5433] <... mkdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5433] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] unlink("./62/binderfs") = 0 [ 92.490418][ T5432] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 92.500719][ T5433] loop4: detected capacity change from 0 to 4096 [ 92.514460][ T5434] loop5: detected capacity change from 0 to 4096 [pid 5047] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5434] close(3 [pid 5436] memfd_create("syzkaller", 0 [pid 5434] <... close resumed>) = 0 [pid 5432] <... mount resumed>) = 0 [pid 5436] <... memfd_create resumed>) = 3 [pid 5434] mkdir("./file0", 0777 [pid 5432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5436] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5434] <... mkdir resumed>) = 0 [pid 5432] <... openat resumed>) = 3 [pid 5434] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5432] chdir("./file0") = 0 [ 92.534908][ T5433] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5432] ioctl(4, LOOP_CLR_FD) = 0 [pid 5432] close(4) = 0 [pid 5432] exit_group(0 [pid 5435] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5432] <... exit_group resumed>) = ? [pid 5432] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5432, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5433] <... mount resumed>) = 0 [pid 5048] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5433] <... openat resumed>) = 3 [pid 5433] chdir("./file0") = 0 [pid 5048] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", [pid 5433] ioctl(4, LOOP_CLR_FD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5433] <... ioctl resumed>) = 0 [pid 5436] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5433] close(4) = 0 [pid 5048] getdents64(3, [pid 5047] <... umount2 resumed>) = 0 [pid 5433] exit_group(0) = ? [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5433] +++ exited with 0 +++ [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5433, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5048] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./62/binderfs" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... unlink resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5047] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(3, "", [pid 5048] <... umount2 resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 92.583692][ T5434] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(3, [pid 5048] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./62/file0", [pid 5051] umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./62/file0", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] newfstatat(AT_FDCWD, "./60/binderfs", [pid 5048] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] unlink("./60/binderfs" [pid 5048] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... unlink resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5051] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./62/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5047] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5048] rmdir("./62" [pid 5047] newfstatat(4, "", [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./63", 0777 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5436] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 3 [pid 5047] getdents64(4, [pid 5436] munmap(0x7f3b887a1000, 138412032 [pid 5434] <... mount resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./60/file0", [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5434] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(4 [pid 5434] <... openat resumed>) = 3 [pid 5051] umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5434] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] close(3 [pid 5051] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5434] <... chdir resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5048] <... close resumed>) = 0 [pid 5047] rmdir("./62/file0" [pid 5434] ioctl(4, LOOP_CLR_FD [pid 5051] newfstatat(4, "", [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5435] <... write resumed>) = 2097152 [pid 5434] <... ioctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5051] rmdir("./60/file0" [pid 5047] getdents64(3, [pid 5434] close(4 [pid 5051] <... rmdir resumed>) = 0 [pid 5434] <... close resumed>) = 0 [pid 5051] getdents64(3, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5436] <... munmap resumed>) = 0 [pid 5434] exit_group(0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3./strace-static-x86_64: Process 5437 attached [pid 5436] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5434] <... exit_group resumed>) = ? [pid 5051] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5437 [pid 5047] <... close resumed>) = 0 [pid 5437] set_robust_list(0x555556629660, 24 [pid 5435] munmap(0x7f3b887a1000, 138412032 [pid 5434] +++ exited with 0 +++ [pid 5051] <... close resumed>) = 0 [pid 5047] rmdir("./62" [pid 5437] <... set_robust_list resumed>) = 0 [pid 5436] <... openat resumed>) = 4 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5434, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] rmdir("./60" [pid 5436] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5437] chdir("./63" [pid 5052] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5437] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5437] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] mkdir("./61", 0777 [pid 5437] <... prctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... mkdir resumed>) = 0 [pid 5437] setpgid(0, 0 [pid 5052] newfstatat(3, "", [pid 5437] <... setpgid resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] getdents64(3, [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] mkdir("./63", 0777 [pid 5437] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5437] write(3, "1000", 4 [pid 5435] <... munmap resumed>) = 0 [pid 5052] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5437] <... write resumed>) = 4 [pid 5435] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5437] close(3 [pid 5435] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5051] <... ioctl resumed>) = 0 [pid 5437] <... close resumed>) = 0 [pid 5435] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] close(3 [pid 5047] <... mkdir resumed>) = 0 [pid 5437] symlink("/dev/binderfs", "./binderfs" [pid 5436] <... ioctl resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5436] close(3) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5436] mkdir("./file0", 0777 [pid 5052] unlink("./61/binderfs" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5437] <... symlink resumed>) = 0 [pid 5436] <... mkdir resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5436] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3) = 0 [pid 5437] memfd_create("syzkaller", 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5438 attached [pid 5438] set_robust_list(0x555556629660, 24 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5438 [pid 5438] <... set_robust_list resumed>) = 0 [pid 5052] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5438] chdir("./63" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5438] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5438] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5437] <... memfd_create resumed>) = 3 [pid 5437] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5435] <... ioctl resumed>) = 0 [pid 5437] <... mmap resumed>) = 0x7f3b887a1000 [pid 5438] <... prctl resumed>) = 0 [pid 5435] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5438] setpgid(0, 0 [pid 5052] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5438] <... setpgid resumed>) = 0 [pid 5435] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5438] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5435] mkdir("./file0", 0777 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5438] <... openat resumed>) = 3 [pid 5435] <... mkdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5438] write(3, "1000", 4 [pid 5435] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5438] <... write resumed>) = 4 [pid 5052] getdents64(4, [pid 5438] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5438] <... close resumed>) = 0 [ 92.731173][ T5436] loop3: detected capacity change from 0 to 4096 [ 92.739674][ T5435] loop2: detected capacity change from 0 to 4096 [ 92.765154][ T5436] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5438] symlink("/dev/binderfs", "./binderfs" [pid 5052] close(4 [pid 5438] <... symlink resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./61/file0" [pid 5051] <... close resumed>) = 0 [pid 5438] memfd_create("syzkaller", 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./61" [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5438] <... memfd_create resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./62", 0777 [pid 5438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5439 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5439 attached ) = 3 [pid 5439] set_robust_list(0x555556629660, 24 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5439] <... set_robust_list resumed>) = 0 [pid 5439] chdir("./61" [pid 5436] <... mount resumed>) = 0 [pid 5439] <... chdir resumed>) = 0 [pid 5439] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5436] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5436] chdir("./file0" [ 92.794499][ T5435] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5439] <... prctl resumed>) = 0 [pid 5436] <... chdir resumed>) = 0 [pid 5439] setpgid(0, 0 [pid 5436] ioctl(4, LOOP_CLR_FD [pid 5439] <... setpgid resumed>) = 0 [pid 5436] <... ioctl resumed>) = 0 [pid 5439] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5436] close(4 [pid 5439] write(3, "1000", 4 [pid 5437] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5439] <... write resumed>) = 4 [pid 5438] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5436] <... close resumed>) = 0 [pid 5435] <... mount resumed>) = 0 [pid 5439] close(3 [pid 5436] exit_group(0 [pid 5435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5439] <... close resumed>) = 0 [pid 5436] <... exit_group resumed>) = ? [pid 5435] <... openat resumed>) = 3 [pid 5439] symlink("/dev/binderfs", "./binderfs" [pid 5436] +++ exited with 0 +++ [pid 5435] chdir("./file0" [pid 5052] <... ioctl resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5436, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5435] <... chdir resumed>) = 0 [pid 5439] <... symlink resumed>) = 0 [pid 5435] ioctl(4, LOOP_CLR_FD) = 0 [pid 5435] close(4 [pid 5052] close(3 [pid 5050] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5435] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5439] memfd_create("syzkaller", 0 [pid 5435] exit_group(0 [pid 5052] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5435] <... exit_group resumed>) = ? [pid 5439] <... memfd_create resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5439] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5435] +++ exited with 0 +++ [pid 5439] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] newfstatat(3, "", [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5435, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] getdents64(3, [pid 5049] newfstatat(3, "", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, ./strace-static-x86_64: Process 5441 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5441 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5437] <... write resumed>) = 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5441] set_robust_list(0x555556629660, 24 [pid 5050] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5441] <... set_robust_list resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./63/binderfs" [pid 5441] chdir("./62" [pid 5050] unlink("./63/binderfs" [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5441] <... chdir resumed>) = 0 [pid 5441] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5438] <... write resumed>) = 2097152 [pid 5441] setpgid(0, 0) = 0 [pid 5437] munmap(0x7f3b887a1000, 138412032 [pid 5441] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5437] <... munmap resumed>) = 0 [pid 5441] <... openat resumed>) = 3 [pid 5438] munmap(0x7f3b887a1000, 138412032 [pid 5441] write(3, "1000", 4 [pid 5438] <... munmap resumed>) = 0 [pid 5437] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5441] <... write resumed>) = 4 [pid 5437] <... openat resumed>) = 4 [pid 5438] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5437] ioctl(4, LOOP_SET_FD, 3 [pid 5441] close(3) = 0 [pid 5438] <... openat resumed>) = 4 [pid 5441] symlink("/dev/binderfs", "./binderfs" [pid 5438] ioctl(4, LOOP_SET_FD, 3 [pid 5441] <... symlink resumed>) = 0 [pid 5441] memfd_create("syzkaller", 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5437] <... ioctl resumed>) = 0 [pid 5437] close(3) = 0 [pid 5441] <... memfd_create resumed>) = 3 [pid 5439] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5438] <... ioctl resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5437] mkdir("./file0", 0777 [pid 5441] <... mmap resumed>) = 0x7f3b887a1000 [pid 5438] close(3) = 0 [pid 5050] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./63/file0", [pid 5438] mkdir("./file0", 0777 [pid 5050] newfstatat(AT_FDCWD, "./63/file0", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5438] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5438] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5437] <... mkdir resumed>) = 0 [pid 5050] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 93.001685][ T5437] loop1: detected capacity change from 0 to 4096 [ 93.010163][ T5438] loop0: detected capacity change from 0 to 4096 [pid 5049] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... openat resumed>) = 4 [pid 5437] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] newfstatat(4, "", [pid 5049] getdents64(4, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(4, [pid 5049] close(4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] rmdir("./63/file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5050] close(4 [pid 5049] getdents64(3, [pid 5439] <... write resumed>) = 2097152 [pid 5050] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./63") = 0 [pid 5439] munmap(0x7f3b887a1000, 138412032 [pid 5441] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5439] <... munmap resumed>) = 0 [pid 5050] rmdir("./63/file0" [pid 5049] mkdir("./64", 0777 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5439] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5438] <... mount resumed>) = 0 [pid 5437] <... mount resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5439] <... openat resumed>) = 4 [pid 5438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5437] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... close resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5439] ioctl(4, LOOP_SET_FD, 3 [pid 5438] <... openat resumed>) = 3 [pid 5437] <... openat resumed>) = 3 [pid 5050] rmdir("./63" [ 93.059247][ T5438] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 93.078413][ T5437] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5049] close(3 [pid 5438] chdir("./file0" [pid 5437] chdir("./file0" [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5050] mkdir("./64", 0777 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5442 attached [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5442] set_robust_list(0x555556629660, 24 [pid 5050] <... openat resumed>) = 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5442 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5442] <... set_robust_list resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5442] chdir("./64" [pid 5050] close(3 [pid 5442] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5442] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5442] <... prctl resumed>) = 0 [pid 5442] setpgid(0, 0) = 0 [pid 5442] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5438] <... chdir resumed>) = 0 [pid 5437] <... chdir resumed>) = 0 [pid 5442] <... openat resumed>) = 3 [pid 5442] write(3, "1000", 4) = 4 [pid 5442] close(3./strace-static-x86_64: Process 5443 attached ) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5443 [pid 5443] set_robust_list(0x555556629660, 24 [pid 5442] symlink("/dev/binderfs", "./binderfs" [pid 5443] <... set_robust_list resumed>) = 0 [pid 5442] <... symlink resumed>) = 0 [pid 5438] ioctl(4, LOOP_CLR_FD [pid 5437] ioctl(4, LOOP_CLR_FD [pid 5443] chdir("./64" [pid 5442] memfd_create("syzkaller", 0 [pid 5443] <... chdir resumed>) = 0 [pid 5437] <... ioctl resumed>) = 0 [pid 5443] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5438] <... ioctl resumed>) = 0 [pid 5437] close(4 [pid 5443] <... prctl resumed>) = 0 [pid 5443] setpgid(0, 0 [pid 5442] <... memfd_create resumed>) = 3 [pid 5438] close(4 [pid 5437] <... close resumed>) = 0 [pid 5443] <... setpgid resumed>) = 0 [pid 5442] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5438] <... close resumed>) = 0 [pid 5437] exit_group(0 [pid 5443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5442] <... mmap resumed>) = 0x7f3b887a1000 [pid 5439] <... ioctl resumed>) = 0 [pid 5437] <... exit_group resumed>) = ? [pid 5443] <... openat resumed>) = 3 [pid 5437] +++ exited with 0 +++ [pid 5443] write(3, "1000", 4) = 4 [pid 5438] exit_group(0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5437, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5439] close(3 [pid 5438] <... exit_group resumed>) = ? [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5439] <... close resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5443] close(3) = 0 [pid 5443] symlink("/dev/binderfs", "./binderfs" [pid 5048] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5439] mkdir("./file0", 0777 [pid 5443] <... symlink resumed>) = 0 [pid 5438] +++ exited with 0 +++ [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5443] memfd_create("syzkaller", 0 [pid 5441] <... write resumed>) = 2097152 [pid 5439] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5438, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] <... openat resumed>) = 3 [ 93.116817][ T5439] loop4: detected capacity change from 0 to 4096 [pid 5439] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5441] munmap(0x7f3b887a1000, 138412032 [pid 5048] newfstatat(3, "", [pid 5443] <... memfd_create resumed>) = 3 [pid 5443] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./63/binderfs") = 0 [pid 5048] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5441] <... munmap resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5441] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5441] <... openat resumed>) = 4 [pid 5047] newfstatat(3, "", [pid 5441] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5441] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5441] close(3 [pid 5047] unlink("./63/binderfs" [pid 5441] <... close resumed>) = 0 [pid 5441] mkdir("./file0", 0777 [pid 5047] <... unlink resumed>) = 0 [pid 5441] <... mkdir resumed>) = 0 [ 93.183666][ T5439] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 93.204510][ T5441] loop5: detected capacity change from 0 to 4096 [pid 5047] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5441] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./63/file0", [pid 5048] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5442] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] newfstatat(4, "", [pid 5048] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] getdents64(4, [pid 5048] newfstatat(4, "", [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5048] getdents64(4, [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5047] rmdir("./63/file0" [pid 5443] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./63/file0" [pid 5047] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(3, [pid 5047] close(3 [ 93.236875][ T5441] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5439] <... mount resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./63" [pid 5439] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5439] <... openat resumed>) = 3 [pid 5441] <... mount resumed>) = 0 [pid 5439] chdir("./file0" [pid 5047] mkdir("./64", 0777 [pid 5439] <... chdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./63" [pid 5439] ioctl(4, LOOP_CLR_FD [pid 5047] <... mkdir resumed>) = 0 [pid 5441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5439] <... ioctl resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5439] close(4 [pid 5441] <... openat resumed>) = 3 [pid 5441] chdir("./file0" [pid 5439] <... close resumed>) = 0 [pid 5048] mkdir("./64", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5439] exit_group(0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5441] <... chdir resumed>) = 0 [pid 5439] <... exit_group resumed>) = ? [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5441] ioctl(4, LOOP_CLR_FD [pid 5048] <... close resumed>) = 0 [pid 5047] close(3 [pid 5441] <... ioctl resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5441] close(4 [pid 5439] +++ exited with 0 +++ [pid 5047] <... close resumed>) = 0 [pid 5441] <... close resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5439, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5444 ./strace-static-x86_64: Process 5444 attached [pid 5441] exit_group(0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5441] <... exit_group resumed>) = ? [pid 5444] set_robust_list(0x555556629660, 24 [pid 5051] umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5445 attached [pid 5444] <... set_robust_list resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5444] chdir("./64" [pid 5051] <... openat resumed>) = 3 [pid 5445] set_robust_list(0x555556629660, 24 [pid 5441] +++ exited with 0 +++ [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5445] <... set_robust_list resumed>) = 0 [pid 5444] <... chdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5441, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] getdents64(3, [pid 5445] chdir("./64") = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5445] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5445] <... prctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5445] setpgid(0, 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(3, "", [pid 5051] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5445] <... setpgid resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5445] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5445] <... openat resumed>) = 3 [pid 5444] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] unlink("./61/binderfs" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5445 [pid 5445] write(3, "1000", 4 [pid 5444] <... prctl resumed>) = 0 [pid 5052] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5444] setpgid(0, 0 [pid 5445] <... write resumed>) = 4 [pid 5444] <... setpgid resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5444] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5444] <... openat resumed>) = 3 [pid 5052] unlink("./62/binderfs" [pid 5445] close(3 [pid 5444] write(3, "1000", 4 [pid 5442] <... write resumed>) = 2097152 [pid 5445] <... close resumed>) = 0 [pid 5444] <... write resumed>) = 4 [pid 5443] <... write resumed>) = 2097152 [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5445] symlink("/dev/binderfs", "./binderfs" [pid 5444] close(3 [pid 5442] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5444] <... close resumed>) = 0 [pid 5051] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./61/file0", [pid 5444] symlink("/dev/binderfs", "./binderfs" [pid 5442] <... munmap resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5443] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5444] <... symlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5445] <... symlink resumed>) = 0 [pid 5051] getdents64(4, [pid 5445] memfd_create("syzkaller", 0 [pid 5443] <... munmap resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5444] memfd_create("syzkaller", 0 [pid 5051] rmdir("./61/file0" [pid 5445] <... memfd_create resumed>) = 3 [pid 5443] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5442] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... rmdir resumed>) = 0 [pid 5445] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5443] <... openat resumed>) = 4 [pid 5442] <... openat resumed>) = 4 [pid 5445] <... mmap resumed>) = 0x7f3b887a1000 [pid 5444] <... memfd_create resumed>) = 3 [pid 5442] ioctl(4, LOOP_SET_FD, 3 [pid 5443] ioctl(4, LOOP_SET_FD, 3 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5442] <... ioctl resumed>) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./61") = 0 [pid 5051] mkdir("./62", 0777 [pid 5444] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = 0 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5446 [pid 5052] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5446 attached [pid 5446] set_robust_list(0x555556629660, 24) = 0 [pid 5446] chdir("./62") = 0 [pid 5446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5446] setpgid(0, 0) = 0 [pid 5446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5446] write(3, "1000", 4 [pid 5443] <... ioctl resumed>) = 0 [pid 5446] <... write resumed>) = 4 [pid 5443] close(3 [pid 5446] close(3) = 0 [pid 5443] <... close resumed>) = 0 [pid 5446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5443] mkdir("./file0", 0777) = 0 [ 93.374042][ T5442] loop2: detected capacity change from 0 to 4096 [ 93.374643][ T5443] loop3: detected capacity change from 0 to 4096 [pid 5443] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5446] memfd_create("syzkaller", 0) = 3 [pid 5446] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5442] close(3 [pid 5052] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5442] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5442] mkdir("./file0", 0777 [pid 5052] newfstatat(AT_FDCWD, "./62/file0", [pid 5442] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5442] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./62/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./62") = 0 [pid 5052] mkdir("./63", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [ 93.427374][ T5443] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 93.459469][ T5442] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5444] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5445] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5447 attached [pid 5443] <... mount resumed>) = 0 [pid 5447] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5447 [pid 5447] <... set_robust_list resumed>) = 0 [pid 5443] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5447] chdir("./63" [pid 5443] <... openat resumed>) = 3 [pid 5443] chdir("./file0") = 0 [pid 5443] ioctl(4, LOOP_CLR_FD) = 0 [pid 5443] close(4) = 0 [pid 5443] exit_group(0 [pid 5447] <... chdir resumed>) = 0 [pid 5443] <... exit_group resumed>) = ? [pid 5447] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5443] +++ exited with 0 +++ [pid 5447] <... prctl resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5443, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5447] setpgid(0, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5447] <... setpgid resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5447] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5446] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5447] <... openat resumed>) = 3 [pid 5447] write(3, "1000", 4 [pid 5050] unlink("./64/binderfs" [pid 5447] <... write resumed>) = 4 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5447] close(3) = 0 [pid 5447] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5445] <... write resumed>) = 2097152 [pid 5447] memfd_create("syzkaller", 0) = 3 [pid 5447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5445] munmap(0x7f3b887a1000, 138412032 [pid 5444] <... write resumed>) = 2097152 [pid 5445] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5442] <... mount resumed>) = 0 [pid 5445] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5442] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5442] chdir("./file0" [pid 5445] <... openat resumed>) = 4 [pid 5442] <... chdir resumed>) = 0 [pid 5445] ioctl(4, LOOP_SET_FD, 3 [pid 5446] <... write resumed>) = 2097152 [pid 5444] munmap(0x7f3b887a1000, 138412032 [pid 5442] ioctl(4, LOOP_CLR_FD) = 0 [pid 5050] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5442] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5442] <... close resumed>) = 0 [pid 5446] munmap(0x7f3b887a1000, 138412032 [pid 5445] <... ioctl resumed>) = 0 [pid 5444] <... munmap resumed>) = 0 [pid 5050] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5444] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5442] exit_group(0 [pid 5050] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5446] <... munmap resumed>) = 0 [pid 5445] close(3 [pid 5444] <... openat resumed>) = 4 [pid 5442] <... exit_group resumed>) = ? [pid 5050] <... openat resumed>) = 4 [pid 5445] <... close resumed>) = 0 [pid 5444] ioctl(4, LOOP_SET_FD, 3 [pid 5050] newfstatat(4, "", [pid 5445] mkdir("./file0", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5445] <... mkdir resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [ 93.623059][ T5445] loop0: detected capacity change from 0 to 4096 [pid 5445] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(4, [pid 5446] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./64/file0" [pid 5446] <... openat resumed>) = 4 [pid 5050] <... rmdir resumed>) = 0 [pid 5446] ioctl(4, LOOP_SET_FD, 3 [pid 5050] getdents64(3, [pid 5447] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5442] +++ exited with 0 +++ [pid 5050] rmdir("./64") = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5442, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] mkdir("./65", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... openat resumed>) = 3 [pid 5444] <... ioctl resumed>) = 0 [pid 5050] close(3 [pid 5049] newfstatat(3, "", [pid 5444] close(3 [pid 5050] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5444] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] getdents64(3, [pid 5444] mkdir("./file0", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5448 [pid 5049] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5444] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5448 attached [pid 5049] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5448] set_robust_list(0x555556629660, 24 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./64/binderfs") = 0 [pid 5448] <... set_robust_list resumed>) = 0 [pid 5049] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5448] chdir("./65" [pid 5444] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = 0 [pid 5448] <... chdir resumed>) = 0 [ 93.666757][ T5445] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 93.666869][ T5444] loop1: detected capacity change from 0 to 4096 [ 93.679485][ T5446] loop4: detected capacity change from 0 to 4096 [pid 5049] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5448] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5446] <... ioctl resumed>) = 0 [pid 5448] <... prctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5448] setpgid(0, 0 [pid 5446] close(3 [pid 5049] newfstatat(AT_FDCWD, "./64/file0", [pid 5448] <... setpgid resumed>) = 0 [pid 5446] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5448] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... openat resumed>) = 4 [pid 5446] mkdir("./file0", 0777 [pid 5049] newfstatat(4, "", [pid 5446] <... mkdir resumed>) = 0 [pid 5448] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5448] write(3, "1000", 4 [pid 5049] getdents64(4, [pid 5448] <... write resumed>) = 4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5448] close(3 [pid 5049] close(4 [pid 5448] <... close resumed>) = 0 [pid 5448] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... close resumed>) = 0 [pid 5448] <... symlink resumed>) = 0 [pid 5446] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] rmdir("./64/file0") = 0 [pid 5448] memfd_create("syzkaller", 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./64" [pid 5447] <... write resumed>) = 2097152 [pid 5049] <... rmdir resumed>) = 0 [pid 5448] <... memfd_create resumed>) = 3 [pid 5049] mkdir("./65", 0777 [pid 5448] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5448] <... mmap resumed>) = 0x7f3b887a1000 [pid 5447] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [ 93.728064][ T5444] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 93.755371][ T5446] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5447] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5447] <... openat resumed>) = 4 [pid 5447] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5449 [pid 5444] <... mount resumed>) = 0 [pid 5444] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5449 attached [pid 5447] <... ioctl resumed>) = 0 [pid 5445] <... mount resumed>) = 0 [pid 5449] set_robust_list(0x555556629660, 24 [pid 5447] close(3 [pid 5444] <... openat resumed>) = 3 [pid 5449] <... set_robust_list resumed>) = 0 [pid 5447] <... close resumed>) = 0 [pid 5445] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5444] chdir("./file0" [pid 5449] chdir("./65" [pid 5447] mkdir("./file0", 0777 [pid 5446] <... mount resumed>) = 0 [pid 5445] <... openat resumed>) = 3 [pid 5444] <... chdir resumed>) = 0 [pid 5449] <... chdir resumed>) = 0 [pid 5447] <... mkdir resumed>) = 0 [pid 5446] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5445] chdir("./file0" [pid 5444] ioctl(4, LOOP_CLR_FD [pid 5449] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5446] <... openat resumed>) = 3 [pid 5445] <... chdir resumed>) = 0 [pid 5444] <... ioctl resumed>) = 0 [pid 5446] chdir("./file0" [pid 5445] ioctl(4, LOOP_CLR_FD [pid 5444] close(4 [pid 5449] <... prctl resumed>) = 0 [pid 5444] <... close resumed>) = 0 [pid 5449] setpgid(0, 0) = 0 [pid 5447] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 93.789791][ T5447] loop5: detected capacity change from 0 to 4096 [pid 5449] write(3, "1000", 4) = 4 [pid 5449] close(3) = 0 [pid 5449] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5446] <... chdir resumed>) = 0 [pid 5445] <... ioctl resumed>) = 0 [pid 5444] exit_group(0 [pid 5446] ioctl(4, LOOP_CLR_FD [pid 5445] close(4 [pid 5444] <... exit_group resumed>) = ? [pid 5446] <... ioctl resumed>) = 0 [pid 5445] <... close resumed>) = 0 [pid 5449] memfd_create("syzkaller", 0 [pid 5446] close(4 [pid 5445] exit_group(0 [pid 5444] +++ exited with 0 +++ [pid 5445] <... exit_group resumed>) = ? [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5444, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5446] <... close resumed>) = 0 [pid 5446] exit_group(0) = ? [pid 5048] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5449] <... memfd_create resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5449] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5449] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... openat resumed>) = 3 [pid 5446] +++ exited with 0 +++ [pid 5445] +++ exited with 0 +++ [pid 5048] newfstatat(3, "", [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5445, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5448] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5446, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 [pid 5048] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5047] newfstatat(3, "", [pid 5051] umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] unlink("./64/binderfs" [pid 5047] getdents64(3, [pid 5051] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5048] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5051] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./64/binderfs" [pid 5051] unlink("./62/binderfs") = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5051] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 93.834494][ T5447] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5047] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5448] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5449] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./62/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5447] <... mount resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5448] munmap(0x7f3b887a1000, 138412032 [pid 5447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] rmdir("./62" [pid 5447] <... openat resumed>) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5448] <... munmap resumed>) = 0 [pid 5447] chdir("./file0" [pid 5051] mkdir("./63", 0777 [pid 5447] <... chdir resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5447] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5447] close(4 [pid 5047] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5447] <... close resumed>) = 0 [pid 5447] exit_group(0) = ? [pid 5447] +++ exited with 0 +++ [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5447, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./64/file0", [pid 5051] <... openat resumed>) = 3 [pid 5052] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5448] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... ioctl resumed>) = 0 [pid 5047] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5448] <... openat resumed>) = 4 [pid 5052] <... openat resumed>) = 3 [pid 5051] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5449] <... write resumed>) = 2097152 [pid 5448] ioctl(4, LOOP_SET_FD, 3 [pid 5052] newfstatat(3, "", [pid 5047] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5449] munmap(0x7f3b887a1000, 138412032 [pid 5448] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] newfstatat(4, "", [pid 5052] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(4, [pid 5052] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5448] close(3 [pid 5052] unlink("./63/binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5448] <... close resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5048] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5052] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5448] mkdir("./file0", 0777 [pid 5048] newfstatat(AT_FDCWD, "./64/file0", [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5448] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] close(4 [pid 5449] <... munmap resumed>) = 0 [pid 5048] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5449] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./64/file0" [pid 5048] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5449] <... openat resumed>) = 4 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... rmdir resumed>) = 0 [pid 5449] ioctl(4, LOOP_SET_FD, 3 [pid 5448] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] newfstatat(4, "", [pid 5047] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./64/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5449] <... ioctl resumed>) = 0 [pid 5048] close(3 [pid 5047] close(3 [pid 5052] <... umount2 resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] rmdir("./64") = 0 [pid 5048] mkdir("./65", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5047] rmdir("./64" [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... rmdir resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] mkdir("./65", 0777 [pid 5048] close(3) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5450 attached [pid 5051] <... close resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5450 [pid 5450] set_robust_list(0x555556629660, 24 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5450] <... set_robust_list resumed>) = 0 [pid 5450] chdir("./65" [pid 5047] <... openat resumed>) = 3 [pid 5450] <... chdir resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5450] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5450] setpgid(0, 0 [pid 5047] close(3 [pid 5450] <... setpgid resumed>) = 0 [pid 5450] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5451 [pid 5450] <... openat resumed>) = 3 [pid 5450] write(3, "1000", 4) = 4 [pid 5450] close(3 [pid 5449] close(3 [pid 5047] <... close resumed>) = 0 [pid 5450] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5450] symlink("/dev/binderfs", "./binderfs" [pid 5449] <... close resumed>) = 0 [pid 5450] <... symlink resumed>) = 0 [pid 5449] mkdir("./file0", 0777./strace-static-x86_64: Process 5453 attached ./strace-static-x86_64: Process 5451 attached [pid 5450] memfd_create("syzkaller", 0 [pid 5449] <... mkdir resumed>) = 0 [pid 5052] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5453 [pid 5453] set_robust_list(0x555556629660, 24 [pid 5451] set_robust_list(0x555556629660, 24 [pid 5449] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 94.014794][ T5448] loop3: detected capacity change from 0 to 4096 [ 94.045329][ T5449] loop2: detected capacity change from 0 to 4096 [ 94.053431][ T5448] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5453] <... set_robust_list resumed>) = 0 [pid 5451] <... set_robust_list resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./63/file0", [pid 5450] <... memfd_create resumed>) = 3 [pid 5450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5453] chdir("./65" [pid 5451] chdir("./63" [pid 5052] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5453] <... chdir resumed>) = 0 [pid 5451] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5451] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5453] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5451] <... prctl resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5453] setpgid(0, 0 [pid 5451] setpgid(0, 0 [pid 5052] newfstatat(4, "", [pid 5453] <... setpgid resumed>) = 0 [pid 5451] <... setpgid resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5453] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5451] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] getdents64(4, [pid 5453] <... openat resumed>) = 3 [pid 5451] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5453] write(3, "1000", 4 [pid 5451] write(3, "1000", 4 [pid 5052] getdents64(4, [pid 5453] <... write resumed>) = 4 [pid 5451] <... write resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5453] close(3 [pid 5451] close(3 [pid 5052] close(4 [pid 5453] <... close resumed>) = 0 [pid 5451] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5453] symlink("/dev/binderfs", "./binderfs" [pid 5451] symlink("/dev/binderfs", "./binderfs" [pid 5052] rmdir("./63/file0" [pid 5453] <... symlink resumed>) = 0 [pid 5451] <... symlink resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5453] memfd_create("syzkaller", 0 [pid 5451] memfd_create("syzkaller", 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5453] <... memfd_create resumed>) = 3 [pid 5052] close(3) = 0 [pid 5453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5451] <... memfd_create resumed>) = 3 [pid 5052] rmdir("./63" [pid 5453] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... rmdir resumed>) = 0 [ 94.094915][ T5449] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] mkdir("./64", 0777 [pid 5451] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5451] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5449] <... mount resumed>) = 0 [pid 5449] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5449] <... openat resumed>) = 3 [pid 5449] chdir("./file0") = 0 [pid 5448] <... mount resumed>) = 0 [pid 5449] ioctl(4, LOOP_CLR_FD) = 0 [pid 5449] close(4) = 0 [pid 5449] exit_group(0) = ? [pid 5448] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5449] +++ exited with 0 +++ [pid 5448] <... openat resumed>) = 3 [pid 5448] chdir("./file0") = 0 [pid 5448] ioctl(4, LOOP_CLR_FD) = 0 [pid 5448] close(4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5448] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5449, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5448] exit_group(0./strace-static-x86_64: Process 5455 attached ) = ? [pid 5455] set_robust_list(0x555556629660, 24 [pid 5448] +++ exited with 0 +++ [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5455 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5448, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5455] <... set_robust_list resumed>) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5455] chdir("./64" [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5455] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5455] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5450] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] newfstatat(3, "", [pid 5455] <... prctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5455] setpgid(0, 0 [pid 5050] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5455] <... setpgid resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5455] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5455] write(3, "1000", 4 [pid 5050] newfstatat(3, "", [pid 5049] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5455] <... write resumed>) = 4 [pid 5050] getdents64(3, [pid 5049] unlink("./65/binderfs" [pid 5455] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... unlink resumed>) = 0 [pid 5455] <... close resumed>) = 0 [pid 5453] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5451] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5455] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5455] <... symlink resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./65/binderfs" [pid 5455] memfd_create("syzkaller", 0 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5455] <... memfd_create resumed>) = 3 [pid 5455] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./65/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5450] <... write resumed>) = 2097152 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./65") = 0 [pid 5049] mkdir("./66", 0777) = 0 [pid 5453] <... write resumed>) = 2097152 [pid 5451] <... write resumed>) = 2097152 [pid 5450] munmap(0x7f3b887a1000, 138412032 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5453] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... openat resumed>) = 3 [pid 5453] <... munmap resumed>) = 0 [pid 5451] munmap(0x7f3b887a1000, 138412032 [pid 5450] <... munmap resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5456 attached [pid 5453] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5451] <... munmap resumed>) = 0 [pid 5450] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5450] ioctl(4, LOOP_SET_FD, 3 [pid 5456] set_robust_list(0x555556629660, 24 [pid 5453] <... openat resumed>) = 4 [pid 5451] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5450] <... ioctl resumed>) = 0 [pid 5456] <... set_robust_list resumed>) = 0 [pid 5453] ioctl(4, LOOP_SET_FD, 3 [pid 5451] <... openat resumed>) = 4 [pid 5456] chdir("./66" [pid 5455] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5453] <... ioctl resumed>) = 0 [pid 5451] ioctl(4, LOOP_SET_FD, 3 [pid 5450] close(3 [pid 5050] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5456 [pid 5456] <... chdir resumed>) = 0 [pid 5453] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5456] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5450] <... close resumed>) = 0 [pid 5050] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5456] <... prctl resumed>) = 0 [pid 5453] <... close resumed>) = 0 [pid 5451] <... ioctl resumed>) = 0 [pid 5450] mkdir("./file0", 0777 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5456] setpgid(0, 0 [pid 5453] mkdir("./file0", 0777 [pid 5451] close(3 [pid 5450] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5456] <... setpgid resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5453] <... mkdir resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5456] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5451] <... close resumed>) = 0 [pid 5456] <... openat resumed>) = 3 [pid 5453] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5451] mkdir("./file0", 0777 [pid 5450] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5456] write(3, "1000", 4) = 4 [ 94.344850][ T5450] loop1: detected capacity change from 0 to 4096 [ 94.353055][ T5453] loop0: detected capacity change from 0 to 4096 [ 94.364840][ T5451] loop4: detected capacity change from 0 to 4096 [ 94.386294][ T5450] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5456] close(3 [pid 5451] <... mkdir resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./65/file0") = 0 [pid 5050] getdents64(3, [pid 5456] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./65") = 0 [pid 5456] symlink("/dev/binderfs", "./binderfs" [pid 5451] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] mkdir("./66", 0777) = 0 [pid 5456] <... symlink resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5458 attached [pid 5458] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5458 [pid 5458] <... set_robust_list resumed>) = 0 [pid 5458] chdir("./66") = 0 [pid 5458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5458] setpgid(0, 0) = 0 [pid 5458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5458] write(3, "1000", 4) = 4 [pid 5458] close(3) = 0 [pid 5458] symlink("/dev/binderfs", "./binderfs" [pid 5456] memfd_create("syzkaller", 0 [pid 5458] <... symlink resumed>) = 0 [pid 5456] <... memfd_create resumed>) = 3 [pid 5458] memfd_create("syzkaller", 0 [pid 5456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5455] <... write resumed>) = 2097152 [pid 5455] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5458] <... memfd_create resumed>) = 3 [pid 5458] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5456] <... mmap resumed>) = 0x7f3b887a1000 [ 94.386574][ T5453] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 94.420785][ T5451] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5455] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5451] <... mount resumed>) = 0 [pid 5450] <... mount resumed>) = 0 [pid 5455] <... openat resumed>) = 4 [pid 5455] ioctl(4, LOOP_SET_FD, 3 [pid 5451] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5450] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5451] <... openat resumed>) = 3 [pid 5450] <... openat resumed>) = 3 [pid 5451] chdir("./file0" [pid 5450] chdir("./file0" [pid 5451] <... chdir resumed>) = 0 [pid 5450] <... chdir resumed>) = 0 [pid 5450] ioctl(4, LOOP_CLR_FD [pid 5451] ioctl(4, LOOP_CLR_FD [pid 5450] <... ioctl resumed>) = 0 [pid 5450] close(4) = 0 [pid 5455] <... ioctl resumed>) = 0 [pid 5455] close(3) = 0 [pid 5455] mkdir("./file0", 0777 [pid 5451] <... ioctl resumed>) = 0 [pid 5450] exit_group(0 [pid 5455] <... mkdir resumed>) = 0 [pid 5451] close(4 [pid 5450] <... exit_group resumed>) = ? [pid 5455] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5451] <... close resumed>) = 0 [pid 5451] exit_group(0) = ? [pid 5450] +++ exited with 0 +++ [pid 5456] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5450, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5451] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5451, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5051] umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(3, "", [pid 5048] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5051] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./65/binderfs" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5048] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./63/binderfs" [pid 5048] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [ 94.484329][ T5455] loop5: detected capacity change from 0 to 4096 [ 94.514121][ T5455] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5458] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5453] <... mount resumed>) = 0 [pid 5048] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5453] <... openat resumed>) = 3 [pid 5048] newfstatat(AT_FDCWD, "./65/file0", [pid 5453] chdir("./file0") = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5453] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5453] <... ioctl resumed>) = 0 [pid 5453] close(4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5456] <... write resumed>) = 2097152 [pid 5453] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(4, "", [pid 5456] munmap(0x7f3b887a1000, 138412032 [pid 5453] exit_group(0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5453] <... exit_group resumed>) = ? [pid 5051] newfstatat(AT_FDCWD, "./63/file0", [pid 5048] getdents64(4, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] newfstatat(4, "", [pid 5048] close(4 [pid 5456] <... munmap resumed>) = 0 [pid 5453] +++ exited with 0 +++ [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5456] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] getdents64(4, [pid 5048] rmdir("./65/file0" [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5453, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] <... rmdir resumed>) = 0 [pid 5456] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(3, [pid 5456] ioctl(4, LOOP_SET_FD, 3 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] close(4 [pid 5048] close(3 [pid 5047] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] rmdir("./63/file0" [pid 5048] rmdir("./65" [pid 5051] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5051] getdents64(3, [pid 5048] mkdir("./66", 0777 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] getdents64(3, [pid 5051] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] rmdir("./63" [pid 5048] <... openat resumed>) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] mkdir("./64", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5456] <... ioctl resumed>) = 0 [pid 5455] <... mount resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5048] close(3 [pid 5047] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5458] <... write resumed>) = 2097152 [pid 5051] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5455] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5456] close(3 [pid 5455] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] unlink("./65/binderfs" [pid 5455] chdir("./file0") = 0 [pid 5455] ioctl(4, LOOP_CLR_FD) = 0 [pid 5455] close(4) = 0 [pid 5455] exit_group(0 [pid 5458] munmap(0x7f3b887a1000, 138412032 [pid 5455] <... exit_group resumed>) = ? [pid 5456] <... close resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... unlink resumed>) = 0 [pid 5456] mkdir("./file0", 0777 [pid 5051] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5459 [pid 5047] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 ./strace-static-x86_64: Process 5459 attached [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5459] set_robust_list(0x555556629660, 24) = 0 [pid 5459] chdir("./66" [pid 5456] <... mkdir resumed>) = 0 [pid 5459] <... chdir resumed>) = 0 [pid 5459] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 94.628930][ T5456] loop2: detected capacity change from 0 to 4096 [pid 5459] setpgid(0, 0./strace-static-x86_64: Process 5460 attached ) = 0 [pid 5456] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5455] +++ exited with 0 +++ [pid 5460] set_robust_list(0x555556629660, 24 [pid 5459] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5458] <... munmap resumed>) = 0 [pid 5460] <... set_robust_list resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5455, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5460 [pid 5459] <... openat resumed>) = 3 [pid 5459] write(3, "1000", 4 [pid 5458] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5459] <... write resumed>) = 4 [pid 5458] <... openat resumed>) = 4 [pid 5459] close(3 [pid 5458] ioctl(4, LOOP_SET_FD, 3 [pid 5460] chdir("./64" [pid 5459] <... close resumed>) = 0 [pid 5460] <... chdir resumed>) = 0 [pid 5459] symlink("/dev/binderfs", "./binderfs" [pid 5460] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5459] <... symlink resumed>) = 0 [pid 5052] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5460] setpgid(0, 0 [pid 5459] memfd_create("syzkaller", 0 [pid 5460] <... setpgid resumed>) = 0 [pid 5459] <... memfd_create resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5460] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5459] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... openat resumed>) = 3 [pid 5460] <... openat resumed>) = 3 [pid 5460] write(3, "1000", 4 [pid 5052] newfstatat(3, "", [pid 5460] <... write resumed>) = 4 [pid 5460] close(3) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5460] symlink("/dev/binderfs", "./binderfs" [pid 5052] getdents64(3, [pid 5460] <... symlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5458] <... ioctl resumed>) = 0 [pid 5052] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5458] close(3 [pid 5052] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5458] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5460] memfd_create("syzkaller", 0 [pid 5458] mkdir("./file0", 0777 [pid 5052] unlink("./64/binderfs" [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... unlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 94.676272][ T5456] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 94.679883][ T5458] loop3: detected capacity change from 0 to 4096 [pid 5460] <... memfd_create resumed>) = 3 [pid 5052] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./65/file0", [pid 5460] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5458] <... mkdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5458] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5047] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5456] <... mount resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", [pid 5456] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5456] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5456] chdir("./file0") = 0 [pid 5047] getdents64(4, [pid 5456] ioctl(4, LOOP_CLR_FD [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5456] <... ioctl resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5456] close(4 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] rmdir("./65/file0" [pid 5456] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5459] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5456] exit_group(0 [ 94.747298][ T5458] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5456] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5456] +++ exited with 0 +++ [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5456, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5047] close(3) = 0 [pid 5052] newfstatat(AT_FDCWD, "./64/file0", [pid 5047] rmdir("./65" [pid 5049] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] mkdir("./66", 0777 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] newfstatat(4, "", [pid 5049] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5049] unlink("./66/binderfs" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... unlink resumed>) = 0 [pid 5052] getdents64(4, [pid 5049] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5047] close(3 [pid 5460] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5052] rmdir("./64/file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./66/file0", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5461 attached [pid 5052] close(3 [pid 5049] <... openat resumed>) = 4 [pid 5461] set_robust_list(0x555556629660, 24 [pid 5052] <... close resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5461 [pid 5461] <... set_robust_list resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5461] chdir("./66" [pid 5049] getdents64(4, [pid 5461] <... chdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] rmdir("./64") = 0 [pid 5052] mkdir("./65", 0777 [pid 5461] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... mkdir resumed>) = 0 [pid 5049] getdents64(4, [pid 5461] <... prctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5461] setpgid(0, 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./66/file0") = 0 [pid 5458] <... mount resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] getdents64(3, [pid 5458] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5458] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5458] chdir("./file0" [pid 5052] <... close resumed>) = 0 [pid 5458] <... chdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5458] ioctl(4, LOOP_CLR_FD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5462 attached [pid 5458] <... ioctl resumed>) = 0 [pid 5049] close(3 [pid 5462] set_robust_list(0x555556629660, 24 [pid 5458] close(4 [pid 5461] <... setpgid resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5462] <... set_robust_list resumed>) = 0 [pid 5458] <... close resumed>) = 0 [pid 5462] chdir("./65" [pid 5461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5458] exit_group(0 [pid 5049] rmdir("./66" [pid 5462] <... chdir resumed>) = 0 [pid 5458] <... exit_group resumed>) = ? [pid 5462] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5461] <... openat resumed>) = 3 [pid 5458] +++ exited with 0 +++ [pid 5049] <... rmdir resumed>) = 0 [pid 5462] <... prctl resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5462 [pid 5462] setpgid(0, 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5458, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5049] mkdir("./67", 0777 [pid 5462] <... setpgid resumed>) = 0 [pid 5462] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5461] write(3, "1000", 4 [pid 5049] <... mkdir resumed>) = 0 [pid 5462] <... openat resumed>) = 3 [pid 5461] <... write resumed>) = 4 [pid 5050] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5462] write(3, "1000", 4 [pid 5461] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5462] <... write resumed>) = 4 [pid 5461] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5462] close(3 [pid 5461] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... openat resumed>) = 3 [pid 5049] <... openat resumed>) = 3 [pid 5462] <... close resumed>) = 0 [pid 5050] newfstatat(3, "", [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5462] symlink("/dev/binderfs", "./binderfs" [pid 5461] <... symlink resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5462] <... symlink resumed>) = 0 [pid 5459] <... write resumed>) = 2097152 [pid 5050] getdents64(3, [pid 5462] memfd_create("syzkaller", 0 [pid 5461] memfd_create("syzkaller", 0 [pid 5049] close(3 [pid 5462] <... memfd_create resumed>) = 3 [pid 5459] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... close resumed>) = 0 [pid 5462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5459] <... munmap resumed>) = 0 [pid 5050] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5462] <... mmap resumed>) = 0x7f3b887a1000 ./strace-static-x86_64: Process 5463 attached [pid 5461] <... memfd_create resumed>) = 3 [pid 5460] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5463] set_robust_list(0x555556629660, 24) = 0 [pid 5463] chdir("./67" [pid 5050] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5463] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5463] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] unlink("./66/binderfs" [pid 5463] <... prctl resumed>) = 0 [pid 5461] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5460] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... unlink resumed>) = 0 [pid 5463] setpgid(0, 0 [pid 5461] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5463 [pid 5463] <... setpgid resumed>) = 0 [pid 5459] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5459] ioctl(4, LOOP_SET_FD, 3 [pid 5463] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5460] <... munmap resumed>) = 0 [pid 5463] <... openat resumed>) = 3 [pid 5463] write(3, "1000", 4) = 4 [pid 5463] close(3) = 0 [pid 5460] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5463] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5460] <... openat resumed>) = 4 [pid 5460] ioctl(4, LOOP_SET_FD, 3 [pid 5463] memfd_create("syzkaller", 0 [pid 5459] <... ioctl resumed>) = 0 [pid 5459] close(3) = 0 [pid 5459] mkdir("./file0", 0777) = 0 [pid 5460] <... ioctl resumed>) = 0 [pid 5463] <... memfd_create resumed>) = 3 [pid 5459] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5463] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5463] <... mmap resumed>) = 0x7f3b887a1000 [ 94.923992][ T5459] loop1: detected capacity change from 0 to 4096 [ 94.944135][ T5460] loop4: detected capacity change from 0 to 4096 [pid 5460] close(3) = 0 [pid 5460] mkdir("./file0", 0777 [pid 5462] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5461] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5460] <... mkdir resumed>) = 0 [pid 5050] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./66/file0", [pid 5460] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5463] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./66/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [ 94.973162][ T5459] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 95.011690][ T5460] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] close(3) = 0 [pid 5050] rmdir("./66" [pid 5462] <... write resumed>) = 2097152 [pid 5461] <... write resumed>) = 2097152 [pid 5459] <... mount resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5459] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5462] munmap(0x7f3b887a1000, 138412032 [pid 5050] mkdir("./67", 0777 [pid 5459] <... openat resumed>) = 3 [pid 5459] chdir("./file0") = 0 [pid 5459] ioctl(4, LOOP_CLR_FD) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5459] close(4) = 0 [pid 5459] exit_group(0) = ? [pid 5459] +++ exited with 0 +++ [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5459, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] close(3 [pid 5462] <... munmap resumed>) = 0 [pid 5461] munmap(0x7f3b887a1000, 138412032 [pid 5460] <... mount resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5464 attached [pid 5464] set_robust_list(0x555556629660, 24) = 0 [pid 5464] chdir("./67") = 0 [pid 5464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5464] setpgid(0, 0) = 0 [pid 5462] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5462] <... openat resumed>) = 4 [pid 5464] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5464] write(3, "1000", 4) = 4 [pid 5460] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5464] close(3 [pid 5462] ioctl(4, LOOP_SET_FD, 3 [pid 5464] <... close resumed>) = 0 [pid 5460] <... openat resumed>) = 3 [pid 5464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5464] memfd_create("syzkaller", 0) = 3 [pid 5464] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5463] <... write resumed>) = 2097152 [pid 5462] <... ioctl resumed>) = 0 [pid 5461] <... munmap resumed>) = 0 [pid 5460] chdir("./file0" [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5464 [pid 5048] getdents64(3, [pid 5463] munmap(0x7f3b887a1000, 138412032 [pid 5461] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5460] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5463] <... munmap resumed>) = 0 [pid 5461] <... openat resumed>) = 4 [pid 5460] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5462] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5462] <... close resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5462] mkdir("./file0", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5462] <... mkdir resumed>) = 0 [pid 5048] unlink("./66/binderfs") = 0 [pid 5462] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5461] ioctl(4, LOOP_SET_FD, 3 [pid 5460] <... ioctl resumed>) = 0 [pid 5048] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5461] <... ioctl resumed>) = 0 [pid 5460] close(4 [pid 5048] <... umount2 resumed>) = 0 [pid 5460] <... close resumed>) = 0 [pid 5463] <... openat resumed>) = 4 [pid 5460] exit_group(0 [pid 5048] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] ioctl(4, LOOP_SET_FD, 3 [pid 5461] close(3 [pid 5460] <... exit_group resumed>) = ? [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 95.096610][ T5462] loop5: detected capacity change from 0 to 4096 [ 95.125922][ T5461] loop0: detected capacity change from 0 to 4096 [ 95.126845][ T5462] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5461] <... close resumed>) = 0 [pid 5463] <... ioctl resumed>) = 0 [pid 5461] mkdir("./file0", 0777 [pid 5460] +++ exited with 0 +++ [pid 5048] newfstatat(AT_FDCWD, "./66/file0", [pid 5463] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5460, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5463] <... close resumed>) = 0 [pid 5461] <... mkdir resumed>) = 0 [pid 5048] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] mkdir("./file0", 0777 [pid 5461] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... restart_syscall resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5463] <... mkdir resumed>) = 0 [pid 5051] umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", [pid 5048] newfstatat(4, "", [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5048] getdents64(4, [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] close(4 [pid 5051] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5048] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] rmdir("./66/file0" [pid 5051] unlink("./64/binderfs") = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5051] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./66") = 0 [pid 5048] mkdir("./67", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 95.153683][ T5463] loop2: detected capacity change from 0 to 4096 [ 95.167399][ T5461] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 95.184671][ T5463] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5051] <... umount2 resumed>) = 0 [pid 5048] close(3 [pid 5462] <... mount resumed>) = 0 [pid 5051] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5461] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5462] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5051] newfstatat(AT_FDCWD, "./64/file0", [pid 5461] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... close resumed>) = 0 [pid 5464] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5462] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5462] <... chdir resumed>) = 0 [pid 5051] umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5462] ioctl(4, LOOP_CLR_FD [pid 5461] <... openat resumed>) = 3 [pid 5461] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5462] <... ioctl resumed>) = 0 [pid 5462] close(4 [pid 5051] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5461] <... chdir resumed>) = 0 [pid 5462] <... close resumed>) = 0 [pid 5461] ioctl(4, LOOP_CLR_FD [pid 5051] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5466 attached [pid 5466] set_robust_list(0x555556629660, 24 [pid 5462] exit_group(0 [pid 5461] <... ioctl resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5466 [pid 5466] <... set_robust_list resumed>) = 0 [pid 5461] close(4 [pid 5466] chdir("./67" [pid 5461] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5462] <... exit_group resumed>) = ? [pid 5461] exit_group(0) = ? [pid 5466] <... chdir resumed>) = 0 [pid 5462] +++ exited with 0 +++ [pid 5461] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5466] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5462, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5461, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5466] <... prctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5466] setpgid(0, 0 [pid 5463] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5466] <... setpgid resumed>) = 0 [pid 5051] close(4 [pid 5047] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5466] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5463] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5466] <... openat resumed>) = 3 [pid 5463] <... openat resumed>) = 3 [pid 5051] rmdir("./64/file0" [pid 5047] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5466] write(3, "1000", 4) = 4 [pid 5047] <... openat resumed>) = 3 [pid 5466] close(3 [pid 5052] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5466] <... close resumed>) = 0 [pid 5463] chdir("./file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5466] symlink("/dev/binderfs", "./binderfs" [pid 5463] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5466] <... symlink resumed>) = 0 [pid 5463] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5051] close(3 [pid 5466] memfd_create("syzkaller", 0 [pid 5463] <... ioctl resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5047] getdents64(3, [pid 5466] <... memfd_create resumed>) = 3 [pid 5463] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5466] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5463] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5466] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] rmdir("./64" [pid 5047] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5463] exit_group(0 [pid 5052] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5047] unlink("./66/binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5463] <... exit_group resumed>) = ? [pid 5052] unlink("./65/binderfs" [pid 5463] +++ exited with 0 +++ [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5463, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./67/binderfs") = 0 [pid 5049] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./65", 0777) = 0 [pid 5464] <... write resumed>) = 2097152 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5464] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5464] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... umount2 resumed>) = 0 [pid 5464] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = 0 [pid 5464] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... umount2 resumed>) = 0 [pid 5464] <... ioctl resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5467 attached ) = -1 EINVAL (Invalid argument) [pid 5467] set_robust_list(0x555556629660, 24 [pid 5052] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./67/file0", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] newfstatat(AT_FDCWD, "./65/file0", [pid 5049] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5467] <... set_robust_list resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5467] chdir("./65" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5467 [pid 5049] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5467] <... chdir resumed>) = 0 [pid 5052] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5467] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5047] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5467] <... prctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5464] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5464] <... close resumed>) = 0 [pid 5464] mkdir("./file0", 0777 [pid 5467] setpgid(0, 0 [pid 5464] <... mkdir resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5047] newfstatat(AT_FDCWD, "./66/file0", [pid 5467] <... setpgid resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5466] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5464] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5467] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5052] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5052] close(4 [pid 5049] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] rmdir("./67/file0" [pid 5052] rmdir("./65/file0" [pid 5049] <... rmdir resumed>) = 0 [pid 5467] write(3, "1000", 4 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5467] <... write resumed>) = 4 [pid 5052] getdents64(3, [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5467] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5047] newfstatat(4, "", [pid 5467] <... close resumed>) = 0 [pid 5052] close(3 [pid 5049] <... close resumed>) = 0 [pid 5467] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5049] rmdir("./67" [pid 5467] <... symlink resumed>) = 0 [pid 5052] rmdir("./65" [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] mkdir("./68", 0777) = 0 [pid 5052] mkdir("./66", 0777 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5468 attached [pid 5467] memfd_create("syzkaller", 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5468 [pid 5468] set_robust_list(0x555556629660, 24 [pid 5052] <... openat resumed>) = 3 [pid 5468] <... set_robust_list resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5468] chdir("./68" [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5468] <... chdir resumed>) = 0 [pid 5052] close(3 [pid 5468] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... close resumed>) = 0 [pid 5468] <... prctl resumed>) = 0 [pid 5468] setpgid(0, 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] getdents64(4, [pid 5468] <... setpgid resumed>) = 0 [pid 5468] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5468] <... openat resumed>) = 3 [pid 5047] getdents64(4, [pid 5468] write(3, "1000", 4 [pid 5467] <... memfd_create resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5469 attached [pid 5468] <... write resumed>) = 4 [ 95.355875][ T5464] loop3: detected capacity change from 0 to 4096 [ 95.384187][ T5464] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5467] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5469 [pid 5047] close(4 [pid 5469] set_robust_list(0x555556629660, 24 [pid 5468] close(3 [pid 5467] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... close resumed>) = 0 [pid 5466] <... write resumed>) = 2097152 [pid 5047] rmdir("./66/file0" [pid 5469] <... set_robust_list resumed>) = 0 [pid 5468] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5469] chdir("./66" [pid 5468] symlink("/dev/binderfs", "./binderfs" [pid 5047] rmdir("./66" [pid 5469] <... chdir resumed>) = 0 [pid 5468] <... symlink resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5469] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5468] memfd_create("syzkaller", 0 [pid 5047] mkdir("./67", 0777 [pid 5469] <... prctl resumed>) = 0 [pid 5469] setpgid(0, 0) = 0 [pid 5469] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5468] <... memfd_create resumed>) = 3 [pid 5468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5469] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5469] write(3, "1000", 4) = 4 [pid 5469] close(3) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5469] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5469] memfd_create("syzkaller", 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5466] munmap(0x7f3b887a1000, 138412032 [pid 5047] close(3 [pid 5469] <... memfd_create resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5469] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5469] <... mmap resumed>) = 0x7f3b887a1000 ./strace-static-x86_64: Process 5470 attached [pid 5466] <... munmap resumed>) = 0 [pid 5470] set_robust_list(0x555556629660, 24) = 0 [pid 5466] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5464] <... mount resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5470 [pid 5464] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5464] chdir("./file0") = 0 [pid 5464] ioctl(4, LOOP_CLR_FD) = 0 [pid 5464] close(4) = 0 [pid 5464] exit_group(0) = ? [pid 5464] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5464, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5466] <... openat resumed>) = 4 [pid 5466] ioctl(4, LOOP_SET_FD, 3 [pid 5467] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5468] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... openat resumed>) = 3 [pid 5470] chdir("./67" [pid 5466] <... ioctl resumed>) = 0 [pid 5470] <... chdir resumed>) = 0 [pid 5470] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5466] close(3 [pid 5050] newfstatat(3, "", [pid 5466] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5466] mkdir("./file0", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5470] <... prctl resumed>) = 0 [pid 5466] <... mkdir resumed>) = 0 [pid 5050] unlink("./67/binderfs" [pid 5470] setpgid(0, 0) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5466] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5470] <... openat resumed>) = 3 [pid 5470] write(3, "1000", 4) = 4 [pid 5470] close(3) = 0 [pid 5470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5470] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5470] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5470] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] newfstatat(AT_FDCWD, "./67/file0", [pid 5470] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5467] <... write resumed>) = 2097152 [pid 5050] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5467] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5469] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [ 95.517761][ T5466] loop1: detected capacity change from 0 to 4096 [ 95.555577][ T5466] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5050] rmdir("./67/file0") = 0 [pid 5469] <... write resumed>) = 2097152 [pid 5467] <... munmap resumed>) = 0 [pid 5050] getdents64(3, [pid 5469] munmap(0x7f3b887a1000, 138412032 [pid 5467] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5467] <... openat resumed>) = 4 [pid 5050] close(3) = 0 [pid 5050] rmdir("./67") = 0 [pid 5469] <... munmap resumed>) = 0 [pid 5467] ioctl(4, LOOP_SET_FD, 3 [pid 5468] <... write resumed>) = 2097152 [pid 5467] <... ioctl resumed>) = 0 [pid 5050] mkdir("./68", 0777 [pid 5469] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5468] munmap(0x7f3b887a1000, 138412032 [pid 5467] close(3 [pid 5469] <... openat resumed>) = 4 [pid 5468] <... munmap resumed>) = 0 [pid 5467] <... close resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5469] ioctl(4, LOOP_SET_FD, 3 [pid 5467] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5468] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5468] ioctl(4, LOOP_SET_FD, 3 [pid 5470] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5469] <... ioctl resumed>) = 0 [pid 5467] <... mkdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5467] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5468] <... ioctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5468] close(3) = 0 [pid 5468] mkdir("./file0", 0777) = 0 [pid 5469] close(3) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5471 [pid 5469] mkdir("./file0", 0777 [ 95.623013][ T5467] loop4: detected capacity change from 0 to 4096 [ 95.647416][ T5469] loop5: detected capacity change from 0 to 4096 [ 95.649398][ T5468] loop2: detected capacity change from 0 to 4096 [ 95.663922][ T5467] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5468] mount("/dev/loop2", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5471 attached [pid 5469] <... mkdir resumed>) = 0 [pid 5466] <... mount resumed>) = 0 [pid 5471] set_robust_list(0x555556629660, 24 [pid 5469] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5466] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5471] <... set_robust_list resumed>) = 0 [pid 5470] <... write resumed>) = 2097152 [pid 5466] <... openat resumed>) = 3 [pid 5471] chdir("./68" [pid 5466] chdir("./file0" [pid 5467] <... mount resumed>) = 0 [pid 5466] <... chdir resumed>) = 0 [pid 5467] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5467] chdir("./file0") = 0 [pid 5467] ioctl(4, LOOP_CLR_FD) = 0 [pid 5467] close(4) = 0 [pid 5467] exit_group(0 [pid 5466] ioctl(4, LOOP_CLR_FD [pid 5467] <... exit_group resumed>) = ? [pid 5466] <... ioctl resumed>) = 0 [pid 5471] <... chdir resumed>) = 0 [pid 5470] munmap(0x7f3b887a1000, 138412032 [pid 5467] +++ exited with 0 +++ [pid 5466] close(4 [pid 5471] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5466] <... close resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5467, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5466] exit_group(0 [pid 5051] umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5471] <... prctl resumed>) = 0 [pid 5466] <... exit_group resumed>) = ? [pid 5471] setpgid(0, 0 [pid 5470] <... munmap resumed>) = 0 [pid 5466] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5471] <... setpgid resumed>) = 0 [pid 5470] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5466, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5471] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5470] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [ 95.701403][ T5468] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 95.713244][ T5469] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5471] <... openat resumed>) = 3 [pid 5470] ioctl(4, LOOP_SET_FD, 3 [pid 5051] newfstatat(3, "", [pid 5471] write(3, "1000", 4 [pid 5048] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5469] <... mount resumed>) = 0 [pid 5471] <... write resumed>) = 4 [pid 5048] unlink("./67/binderfs" [pid 5471] close(3 [pid 5470] <... ioctl resumed>) = 0 [pid 5469] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5471] <... close resumed>) = 0 [pid 5470] close(3 [pid 5469] <... openat resumed>) = 3 [pid 5051] getdents64(3, [pid 5048] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5471] symlink("/dev/binderfs", "./binderfs" [pid 5470] <... close resumed>) = 0 [pid 5469] chdir("./file0" [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5471] <... symlink resumed>) = 0 [pid 5470] mkdir("./file0", 0777 [pid 5469] <... chdir resumed>) = 0 [pid 5051] umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5469] ioctl(4, LOOP_CLR_FD [pid 5470] <... mkdir resumed>) = 0 [pid 5469] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5469] close(4 [pid 5051] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5469] <... close resumed>) = 0 [pid 5471] memfd_create("syzkaller", 0 [pid 5470] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5469] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5471] <... memfd_create resumed>) = 3 [pid 5469] <... exit_group resumed>) = ? [pid 5051] unlink("./65/binderfs" [pid 5469] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5469, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... unlink resumed>) = 0 [pid 5471] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5468] <... mount resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5468] <... openat resumed>) = 3 [pid 5052] unlink("./66/binderfs" [pid 5468] chdir("./file0" [pid 5052] <... unlink resumed>) = 0 [pid 5468] <... chdir resumed>) = 0 [pid 5468] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5468] <... ioctl resumed>) = 0 [pid 5051] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./65/file0", [pid 5468] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5468] <... close resumed>) = 0 [pid 5051] umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5468] exit_group(0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5468] <... exit_group resumed>) = ? [ 95.745516][ T5470] loop0: detected capacity change from 0 to 4096 [ 95.764734][ T5470] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5468] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5468, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5470] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] newfstatat(AT_FDCWD, "./67/file0", [pid 5470] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] getdents64(4, [pid 5470] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5470] chdir("./file0" [pid 5051] close(4 [pid 5049] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5470] <... chdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5470] ioctl(4, LOOP_CLR_FD [pid 5051] rmdir("./65/file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5470] <... ioctl resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5470] close(4 [pid 5051] getdents64(3, [pid 5049] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 4 [pid 5470] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] newfstatat(3, "", [pid 5048] newfstatat(4, "", [pid 5470] exit_group(0 [pid 5051] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5470] <... exit_group resumed>) = ? [pid 5051] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5470] +++ exited with 0 +++ [pid 5051] rmdir("./65" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] getdents64(4, [pid 5051] <... rmdir resumed>) = 0 [pid 5049] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./66", 0777 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5470, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5051] <... mkdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./68/binderfs" [pid 5047] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] newfstatat(3, "", [pid 5051] <... openat resumed>) = 3 [pid 5048] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(3, [pid 5052] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(4 [pid 5051] close(3 [pid 5048] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... close resumed>) = 0 [pid 5048] rmdir("./67/file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... rmdir resumed>) = 0 [pid 5047] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5048] close(3) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] rmdir("./67" [pid 5047] unlink("./67/binderfs" [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5048] mkdir("./68", 0777 [pid 5047] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./66/file0", [pid 5048] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5473 attached [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5473 [pid 5473] set_robust_list(0x555556629660, 24 [pid 5052] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5473] <... set_robust_list resumed>) = 0 [pid 5471] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5473] chdir("./66" [pid 5052] <... openat resumed>) = 4 [pid 5048] <... openat resumed>) = 3 [pid 5052] newfstatat(4, "", [pid 5473] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5473] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] getdents64(4, [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5473] <... prctl resumed>) = 0 [pid 5048] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5473] setpgid(0, 0 [pid 5052] getdents64(4, [pid 5048] <... close resumed>) = 0 [pid 5473] <... setpgid resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] close(4 [pid 5473] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./66/file0"./strace-static-x86_64: Process 5474 attached [pid 5473] write(3, "1000", 4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5474 [pid 5473] <... write resumed>) = 4 [pid 5474] set_robust_list(0x555556629660, 24 [pid 5473] close(3 [pid 5052] <... rmdir resumed>) = 0 [pid 5474] <... set_robust_list resumed>) = 0 [pid 5473] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5473] symlink("/dev/binderfs", "./binderfs" [pid 5474] chdir("./68" [pid 5473] <... symlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5474] <... chdir resumed>) = 0 [pid 5473] memfd_create("syzkaller", 0) = 3 [pid 5473] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] close(3 [pid 5049] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./68/file0", [pid 5474] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5474] <... prctl resumed>) = 0 [pid 5049] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5474] setpgid(0, 0 [pid 5049] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5474] <... setpgid resumed>) = 0 [pid 5052] rmdir("./66" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5474] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... openat resumed>) = 4 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5474] <... openat resumed>) = 3 [pid 5052] mkdir("./67", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] newfstatat(AT_FDCWD, "./67/file0", [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5474] write(3, "1000", 4 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5047] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] rmdir("./68/file0" [pid 5474] <... write resumed>) = 4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5474] close(3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] getdents64(3, [pid 5474] <... close resumed>) = 0 [pid 5052] close(3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5474] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5049] close(3 [pid 5474] <... symlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5049] rmdir("./68"./strace-static-x86_64: Process 5475 attached [pid 5474] memfd_create("syzkaller", 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5049] mkdir("./69", 0777 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5475] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5475 [pid 5049] <... mkdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5475] <... set_robust_list resumed>) = 0 [pid 5047] getdents64(4, [pid 5475] chdir("./67" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5476 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5475] <... chdir resumed>) = 0 [pid 5047] close(4 [pid 5475] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5474] <... memfd_create resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5475] <... prctl resumed>) = 0 [pid 5475] setpgid(0, 0 [pid 5474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] rmdir("./67/file0" [pid 5475] <... setpgid resumed>) = 0 [pid 5474] <... mmap resumed>) = 0x7f3b887a1000 [pid 5471] <... write resumed>) = 2097152 [pid 5475] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... rmdir resumed>) = 0 [pid 5471] munmap(0x7f3b887a1000, 138412032./strace-static-x86_64: Process 5476 attached [pid 5475] <... openat resumed>) = 3 [pid 5476] set_robust_list(0x555556629660, 24) = 0 [pid 5476] chdir("./69" [pid 5471] <... munmap resumed>) = 0 [pid 5476] <... chdir resumed>) = 0 [pid 5476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5476] setpgid(0, 0) = 0 [pid 5475] write(3, "1000", 4 [pid 5047] getdents64(3, [pid 5476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5475] <... write resumed>) = 4 [pid 5473] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5476] write(3, "1000", 4) = 4 [pid 5476] close(3) = 0 [pid 5476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] close(3 [pid 5475] close(3 [pid 5476] memfd_create("syzkaller", 0 [pid 5475] <... close resumed>) = 0 [pid 5471] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] <... close resumed>) = 0 [pid 5476] <... memfd_create resumed>) = 3 [pid 5047] rmdir("./67" [pid 5471] <... openat resumed>) = 4 [pid 5471] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5475] symlink("/dev/binderfs", "./binderfs" [pid 5476] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5475] <... symlink resumed>) = 0 [pid 5471] <... ioctl resumed>) = 0 [pid 5475] memfd_create("syzkaller", 0 [pid 5047] mkdir("./68", 0777) = 0 [pid 5475] <... memfd_create resumed>) = 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5475] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5471] close(3 [pid 5047] close(3) = 0 [pid 5471] <... close resumed>) = 0 [pid 5471] mkdir("./file0", 0777 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5471] <... mkdir resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5477 ./strace-static-x86_64: Process 5477 attached [ 96.015305][ T5471] loop3: detected capacity change from 0 to 4096 [pid 5471] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5477] set_robust_list(0x555556629660, 24) = 0 [pid 5477] chdir("./68") = 0 [pid 5477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5477] setpgid(0, 0) = 0 [pid 5474] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5476] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5473] <... write resumed>) = 2097152 [pid 5477] write(3, "1000", 4) = 4 [pid 5477] close(3) = 0 [pid 5477] symlink("/dev/binderfs", "./binderfs") = 0 [ 96.070494][ T5471] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5473] munmap(0x7f3b887a1000, 138412032 [pid 5477] memfd_create("syzkaller", 0 [pid 5475] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5477] <... memfd_create resumed>) = 3 [pid 5477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5473] <... munmap resumed>) = 0 [pid 5471] <... mount resumed>) = 0 [pid 5473] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5473] ioctl(4, LOOP_SET_FD, 3 [pid 5471] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5471] chdir("./file0") = 0 [pid 5471] ioctl(4, LOOP_CLR_FD [pid 5473] <... ioctl resumed>) = 0 [pid 5473] close(3) = 0 [pid 5473] mkdir("./file0", 0777 [pid 5474] <... write resumed>) = 2097152 [pid 5473] <... mkdir resumed>) = 0 [pid 5471] <... ioctl resumed>) = 0 [pid 5471] close(4 [pid 5473] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5471] <... close resumed>) = 0 [pid 5471] exit_group(0) = ? [pid 5471] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5471, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5474] munmap(0x7f3b887a1000, 138412032 [pid 5050] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5476] <... write resumed>) = 2097152 [pid 5050] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5476] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5476] <... munmap resumed>) = 0 [pid 5474] <... munmap resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./68/binderfs") = 0 [pid 5050] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5475] <... write resumed>) = 2097152 [pid 5474] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 96.156961][ T5473] loop4: detected capacity change from 0 to 4096 [ 96.177956][ T5473] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5474] ioctl(4, LOOP_SET_FD, 3 [pid 5476] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5476] ioctl(4, LOOP_SET_FD, 3 [pid 5477] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5475] munmap(0x7f3b887a1000, 138412032 [pid 5474] <... ioctl resumed>) = 0 [pid 5474] close(3) = 0 [pid 5474] mkdir("./file0", 0777 [pid 5475] <... munmap resumed>) = 0 [pid 5474] <... mkdir resumed>) = 0 [pid 5475] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5474] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5475] <... openat resumed>) = 4 [ 96.221394][ T5474] loop1: detected capacity change from 0 to 4096 [ 96.222727][ T5476] loop2: detected capacity change from 0 to 4096 [ 96.246380][ T5474] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5476] <... ioctl resumed>) = 0 [pid 5475] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5476] close(3) = 0 [pid 5476] mkdir("./file0", 0777 [pid 5475] <... ioctl resumed>) = 0 [pid 5050] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5475] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5475] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./68/file0", [pid 5476] <... mkdir resumed>) = 0 [pid 5475] mkdir("./file0", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5476] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5475] <... mkdir resumed>) = 0 [pid 5050] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5475] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5477] <... write resumed>) = 2097152 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5477] munmap(0x7f3b887a1000, 138412032 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./68/file0") = 0 [pid 5050] getdents64(3, [pid 5477] <... munmap resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./68" [pid 5477] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./69", 0777) = 0 [pid 5477] <... openat resumed>) = 4 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5477] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... openat resumed>) = 3 [pid 5473] <... mount resumed>) = 0 [ 96.270938][ T5475] loop5: detected capacity change from 0 to 4096 [ 96.294675][ T5476] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 96.295441][ T5475] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5474] <... mount resumed>) = 0 [pid 5473] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5473] <... openat resumed>) = 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5473] chdir("./file0" [pid 5050] close(3) = 0 [pid 5474] <... openat resumed>) = 3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5478 attached [pid 5474] chdir("./file0" [pid 5473] <... chdir resumed>) = 0 [pid 5473] ioctl(4, LOOP_CLR_FD [pid 5478] set_robust_list(0x555556629660, 24 [pid 5474] <... chdir resumed>) = 0 [pid 5473] <... ioctl resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5478 [pid 5478] <... set_robust_list resumed>) = 0 [pid 5474] ioctl(4, LOOP_CLR_FD [pid 5473] close(4 [pid 5478] chdir("./69" [pid 5474] <... ioctl resumed>) = 0 [pid 5473] <... close resumed>) = 0 [pid 5478] <... chdir resumed>) = 0 [pid 5474] close(4 [pid 5473] exit_group(0 [pid 5478] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5474] <... close resumed>) = 0 [pid 5473] <... exit_group resumed>) = ? [pid 5478] <... prctl resumed>) = 0 [pid 5474] exit_group(0 [pid 5473] +++ exited with 0 +++ [pid 5478] setpgid(0, 0 [pid 5474] <... exit_group resumed>) = ? [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5473, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5051] umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", [pid 5478] <... setpgid resumed>) = 0 [pid 5474] +++ exited with 0 +++ [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5474, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5478] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5477] <... ioctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5478] <... openat resumed>) = 3 [pid 5477] close(3 [pid 5051] umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5478] write(3, "1000", 4 [pid 5477] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5478] <... write resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5478] close(3 [pid 5477] mkdir("./file0", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5478] <... close resumed>) = 0 [pid 5477] <... mkdir resumed>) = 0 [pid 5475] <... mount resumed>) = 0 [pid 5051] unlink("./66/binderfs" [pid 5048] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5478] symlink("/dev/binderfs", "./binderfs" [pid 5475] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5478] <... symlink resumed>) = 0 [pid 5477] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5478] memfd_create("syzkaller", 0 [pid 5475] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5475] chdir("./file0" [pid 5048] getdents64(3, [pid 5475] <... chdir resumed>) = 0 [pid 5475] ioctl(4, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5475] <... ioctl resumed>) = 0 [pid 5048] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5475] close(4 [pid 5478] <... memfd_create resumed>) = 3 [pid 5475] <... close resumed>) = 0 [ 96.330220][ T5477] loop0: detected capacity change from 0 to 4096 [pid 5475] exit_group(0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5478] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5475] <... exit_group resumed>) = ? [pid 5478] <... mmap resumed>) = 0x7f3b887a1000 [pid 5475] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5475, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5052] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5476] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5476] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(3, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5476] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5476] chdir("./file0" [pid 5052] getdents64(3, [pid 5476] <... chdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5476] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./68/binderfs" [pid 5476] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5476] close(4 [pid 5052] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5051] <... umount2 resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5476] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] unlink("./67/binderfs" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... unlink resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./66/file0", [pid 5052] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5478] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5476] exit_group(0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5476] <... exit_group resumed>) = ? [pid 5051] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [ 96.388076][ T5477] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5048] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5476] +++ exited with 0 +++ [pid 5052] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(4, "", [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5476, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./69/binderfs") = 0 [pid 5049] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] newfstatat(AT_FDCWD, "./67/file0", [pid 5051] getdents64(4, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(4, [pid 5052] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./66/file0") = 0 [pid 5052] newfstatat(4, "", [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./66") = 0 [pid 5051] mkdir("./67", 0777 [pid 5052] getdents64(4, [pid 5051] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] getdents64(4, [pid 5051] close(3) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./69/file0", [pid 5052] close(4 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5479 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 ./strace-static-x86_64: Process 5479 attached [pid 5052] rmdir("./67/file0" [pid 5049] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5478] <... write resumed>) = 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5479] set_robust_list(0x555556629660, 24 [pid 5052] <... rmdir resumed>) = 0 [pid 5479] <... set_robust_list resumed>) = 0 [pid 5052] getdents64(3, [pid 5049] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5479] chdir("./67" [pid 5048] newfstatat(AT_FDCWD, "./68/file0", [pid 5479] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5479] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5478] munmap(0x7f3b887a1000, 138412032 [pid 5049] newfstatat(4, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5479] <... prctl resumed>) = 0 [pid 5478] <... munmap resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5479] setpgid(0, 0) = 0 [pid 5052] close(3 [pid 5048] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] getdents64(4, [pid 5048] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] rmdir("./67" [pid 5479] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5052] mkdir("./68", 0777 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(4, "", [pid 5479] write(3, "1000", 4 [pid 5049] close(4 [pid 5479] <... write resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5479] close(3 [pid 5049] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5479] <... close resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] rmdir("./69/file0" [pid 5479] symlink("/dev/binderfs", "./binderfs" [pid 5478] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5479] <... symlink resumed>) = 0 [pid 5478] <... openat resumed>) = 4 [pid 5048] getdents64(4, [pid 5049] getdents64(3, [pid 5478] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5479] memfd_create("syzkaller", 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5479] <... memfd_create resumed>) = 3 [pid 5052] <... openat resumed>) = 3 [pid 5048] close(4 [pid 5479] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] close(3 [pid 5048] <... close resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] rmdir("./68/file0" [pid 5052] close(3 [pid 5479] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./69") = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] mkdir("./70", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... rmdir resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5481 ./strace-static-x86_64: Process 5480 attached [pid 5478] <... ioctl resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5480 [pid 5478] close(3 [pid 5048] getdents64(3, [pid 5478] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5480] set_robust_list(0x555556629660, 24 [pid 5478] mkdir("./file0", 0777 [pid 5048] close(3 [pid 5480] <... set_robust_list resumed>) = 0 [pid 5478] <... mkdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5480] chdir("./70") = 0 ./strace-static-x86_64: Process 5481 attached [pid 5480] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] rmdir("./68" [pid 5480] <... prctl resumed>) = 0 [pid 5478] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5481] set_robust_list(0x555556629660, 24 [pid 5480] setpgid(0, 0 [pid 5477] <... mount resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5480] <... setpgid resumed>) = 0 [pid 5480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5480] write(3, "1000", 4) = 4 [pid 5480] close(3) = 0 [pid 5481] <... set_robust_list resumed>) = 0 [pid 5477] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] mkdir("./69", 0777 [pid 5480] symlink("/dev/binderfs", "./binderfs" [pid 5477] <... openat resumed>) = 3 [pid 5481] chdir("./68" [pid 5480] <... symlink resumed>) = 0 [pid 5477] chdir("./file0" [pid 5048] <... mkdir resumed>) = 0 [pid 5481] <... chdir resumed>) = 0 [pid 5477] <... chdir resumed>) = 0 [pid 5481] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5480] memfd_create("syzkaller", 0 [pid 5477] ioctl(4, LOOP_CLR_FD [pid 5481] <... prctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5481] setpgid(0, 0 [pid 5477] <... ioctl resumed>) = 0 [pid 5481] <... setpgid resumed>) = 0 [pid 5477] close(4 [pid 5048] <... openat resumed>) = 3 [pid 5477] <... close resumed>) = 0 [pid 5481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5477] exit_group(0) = ? [pid 5480] <... memfd_create resumed>) = 3 [pid 5480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [ 96.531767][ T5478] loop3: detected capacity change from 0 to 4096 [ 96.567351][ T5478] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5481] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5481] write(3, "1000", 4 [pid 5477] +++ exited with 0 +++ [pid 5048] <... close resumed>) = 0 [pid 5481] <... write resumed>) = 4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5477, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 ./strace-static-x86_64: Process 5482 attached [pid 5481] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5482 [pid 5047] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] set_robust_list(0x555556629660, 24 [pid 5481] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5481] symlink("/dev/binderfs", "./binderfs" [pid 5482] <... set_robust_list resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5481] <... symlink resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5482] chdir("./69") = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] getdents64(3, [pid 5482] setpgid(0, 0 [pid 5481] memfd_create("syzkaller", 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5482] <... setpgid resumed>) = 0 [pid 5481] <... memfd_create resumed>) = 3 [pid 5478] <... mount resumed>) = 0 [pid 5047] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5481] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5481] <... mmap resumed>) = 0x7f3b887a1000 [pid 5478] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5482] <... openat resumed>) = 3 [pid 5479] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5478] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./68/binderfs" [pid 5482] write(3, "1000", 4 [pid 5478] chdir("./file0") = 0 [pid 5478] ioctl(4, LOOP_CLR_FD) = 0 [pid 5478] close(4) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5482] <... write resumed>) = 4 [pid 5478] exit_group(0 [pid 5482] close(3 [pid 5047] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] <... close resumed>) = 0 [pid 5482] symlink("/dev/binderfs", "./binderfs" [pid 5478] <... exit_group resumed>) = ? [pid 5482] <... symlink resumed>) = 0 [pid 5478] +++ exited with 0 +++ [pid 5482] memfd_create("syzkaller", 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5478, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5050] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./69/binderfs") = 0 [pid 5050] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] <... memfd_create resumed>) = 3 [pid 5482] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5480] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5479] <... write resumed>) = 2097152 [pid 5479] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5481] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = 0 [pid 5479] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5479] <... openat resumed>) = 4 [pid 5479] ioctl(4, LOOP_SET_FD, 3 [pid 5050] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./68/file0", [pid 5050] newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 4 [pid 5047] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5050] getdents64(4, [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./69/file0") = 0 [pid 5047] getdents64(4, [pid 5050] getdents64(3, [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5050] close(3) = 0 [pid 5047] <... close resumed>) = 0 [pid 5479] <... ioctl resumed>) = 0 [pid 5050] rmdir("./69" [pid 5479] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5480] <... write resumed>) = 2097152 [pid 5479] <... close resumed>) = 0 [pid 5050] mkdir("./70", 0777 [pid 5480] munmap(0x7f3b887a1000, 138412032 [pid 5479] mkdir("./file0", 0777 [pid 5050] <... mkdir resumed>) = 0 [pid 5047] rmdir("./68/file0" [pid 5479] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5479] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5047] getdents64(3, [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5480] <... munmap resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5482] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5480] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] close(3 [pid 5480] <... openat resumed>) = 4 [ 96.754290][ T5479] loop4: detected capacity change from 0 to 4096 [ 96.792811][ T5479] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5047] <... close resumed>) = 0 [pid 5480] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5483 [pid 5481] <... write resumed>) = 2097152 [pid 5047] rmdir("./68"./strace-static-x86_64: Process 5483 attached [pid 5483] set_robust_list(0x555556629660, 24 [pid 5047] <... rmdir resumed>) = 0 [pid 5483] <... set_robust_list resumed>) = 0 [pid 5483] chdir("./70") = 0 [pid 5483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5481] munmap(0x7f3b887a1000, 138412032 [pid 5047] mkdir("./69", 0777 [pid 5483] setpgid(0, 0) = 0 [pid 5483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... mkdir resumed>) = 0 [pid 5483] <... openat resumed>) = 3 [pid 5483] write(3, "1000", 4 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5483] <... write resumed>) = 4 [pid 5483] close(3 [pid 5047] <... openat resumed>) = 3 [pid 5483] <... close resumed>) = 0 [pid 5483] symlink("/dev/binderfs", "./binderfs" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5483] <... symlink resumed>) = 0 [pid 5483] memfd_create("syzkaller", 0 [pid 5481] <... munmap resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5480] <... ioctl resumed>) = 0 [pid 5479] <... mount resumed>) = 0 [pid 5479] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] close(3 [pid 5480] close(3 [pid 5479] <... openat resumed>) = 3 [pid 5480] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5483] <... memfd_create resumed>) = 3 [pid 5480] mkdir("./file0", 0777 [pid 5479] chdir("./file0" [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5481] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5480] <... mkdir resumed>) = 0 [pid 5483] <... mmap resumed>) = 0x7f3b887a1000 [pid 5482] <... write resumed>) = 2097152 [pid 5481] <... openat resumed>) = 4 [pid 5479] <... chdir resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5484 ./strace-static-x86_64: Process 5484 attached [pid 5480] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5484] set_robust_list(0x555556629660, 24 [pid 5481] ioctl(4, LOOP_SET_FD, 3 [pid 5479] ioctl(4, LOOP_CLR_FD [pid 5484] <... set_robust_list resumed>) = 0 [pid 5479] <... ioctl resumed>) = 0 [ 96.811225][ T5480] loop2: detected capacity change from 0 to 4096 [pid 5484] chdir("./69") = 0 [pid 5484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5484] setpgid(0, 0) = 0 [pid 5484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5482] munmap(0x7f3b887a1000, 138412032 [pid 5481] <... ioctl resumed>) = 0 [pid 5479] close(4) = 0 [pid 5484] <... openat resumed>) = 3 [pid 5484] write(3, "1000", 4 [pid 5481] close(3 [pid 5479] exit_group(0 [pid 5484] <... write resumed>) = 4 [pid 5481] <... close resumed>) = 0 [pid 5484] close(3 [pid 5481] mkdir("./file0", 0777 [pid 5484] <... close resumed>) = 0 [pid 5484] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5481] <... mkdir resumed>) = 0 [pid 5484] memfd_create("syzkaller", 0 [pid 5482] <... munmap resumed>) = 0 [pid 5481] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5479] <... exit_group resumed>) = ? [pid 5484] <... memfd_create resumed>) = 3 [pid 5484] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5479] +++ exited with 0 +++ [ 96.862838][ T5481] loop5: detected capacity change from 0 to 4096 [ 96.869716][ T5480] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5482] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5481] <... mount resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5479, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5482] <... openat resumed>) = 4 [pid 5481] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] ioctl(4, LOOP_SET_FD, 3 [pid 5481] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5481] chdir("./file0" [pid 5051] newfstatat(3, "", [pid 5481] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5480] <... mount resumed>) = 0 [pid 5051] getdents64(3, [pid 5483] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5482] <... ioctl resumed>) = 0 [pid 5481] ioctl(4, LOOP_CLR_FD [pid 5480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5482] close(3 [pid 5481] <... ioctl resumed>) = 0 [pid 5480] <... openat resumed>) = 3 [pid 5051] umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] <... close resumed>) = 0 [pid 5481] close(4 [pid 5480] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5482] mkdir("./file0", 0777 [pid 5481] <... close resumed>) = 0 [ 96.903300][ T5481] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 96.931790][ T5482] loop1: detected capacity change from 0 to 4096 [pid 5051] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5481] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5480] <... chdir resumed>) = 0 [pid 5481] <... exit_group resumed>) = ? [pid 5051] unlink("./67/binderfs" [pid 5481] +++ exited with 0 +++ [pid 5051] <... unlink resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5481, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5052] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5482] <... mkdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./68/binderfs") = 0 [pid 5482] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5480] ioctl(4, LOOP_CLR_FD) = 0 [pid 5480] close(4) = 0 [pid 5484] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5480] exit_group(0) = ? [pid 5480] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5480, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5483] <... write resumed>) = 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5484] <... write resumed>) = 2097152 [pid 5483] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... openat resumed>) = 3 [pid 5484] munmap(0x7f3b887a1000, 138412032 [pid 5483] <... munmap resumed>) = 0 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5484] <... munmap resumed>) = 0 [pid 5049] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./70/binderfs" [ 96.974682][ T5482] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5483] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5483] <... openat resumed>) = 4 [pid 5483] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5484] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5483] <... ioctl resumed>) = 0 [pid 5482] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [pid 5484] <... openat resumed>) = 4 [pid 5483] close(3 [pid 5482] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5484] ioctl(4, LOOP_SET_FD, 3 [pid 5482] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] chdir("./file0" [pid 5051] newfstatat(AT_FDCWD, "./67/file0", [pid 5482] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5482] ioctl(4, LOOP_CLR_FD [pid 5051] umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5482] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5482] close(4 [pid 5051] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5482] <... close resumed>) = 0 [pid 5482] exit_group(0 [pid 5051] <... openat resumed>) = 4 [pid 5482] <... exit_group resumed>) = ? [pid 5052] newfstatat(AT_FDCWD, "./68/file0", [pid 5051] newfstatat(4, "", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5484] <... ioctl resumed>) = 0 [pid 5483] <... close resumed>) = 0 [pid 5482] +++ exited with 0 +++ [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(AT_FDCWD, "./70/file0", [pid 5484] close(3 [pid 5483] mkdir("./file0", 0777 [pid 5052] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5484] <... close resumed>) = 0 [pid 5483] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5482, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5484] mkdir("./file0", 0777 [pid 5483] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5049] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5484] <... mkdir resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5049] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 97.038594][ T5483] loop3: detected capacity change from 0 to 4096 [ 97.058399][ T5484] loop0: detected capacity change from 0 to 4096 [pid 5049] newfstatat(4, "", [pid 5484] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5048] <... restart_syscall resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5048] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(4, [pid 5051] rmdir("./67/file0" [pid 5048] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] <... openat resumed>) = 3 [pid 5052] rmdir("./68/file0" [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] close(4 [pid 5048] newfstatat(3, "", [pid 5051] getdents64(3, [pid 5052] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] rmdir("./70/file0" [pid 5052] close(3 [pid 5051] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5052] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5052] rmdir("./68" [pid 5051] rmdir("./67" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] close(3 [pid 5052] mkdir("./69", 0777 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... mkdir resumed>) = 0 [pid 5049] rmdir("./70" [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 3 [pid 5049] mkdir("./71", 0777 [pid 5048] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... mkdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] mkdir("./68", 0777 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] close(3 [pid 5048] unlink("./69/binderfs" [pid 5052] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... unlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5485 attached [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5048] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5485] set_robust_list(0x555556629660, 24 [pid 5051] <... mkdir resumed>) = 0 [pid 5485] <... set_robust_list resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5485 [pid 5485] chdir("./69"./strace-static-x86_64: Process 5486 attached [ 97.080413][ T5483] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 97.085047][ T5484] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5486] set_robust_list(0x555556629660, 24 [pid 5485] <... chdir resumed>) = 0 [pid 5483] <... mount resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5486 [pid 5048] <... umount2 resumed>) = 0 [pid 5048] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5486] <... set_robust_list resumed>) = 0 [pid 5485] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5484] <... mount resumed>) = 0 [pid 5483] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5486] chdir("./71" [pid 5483] <... openat resumed>) = 3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] newfstatat(AT_FDCWD, "./69/file0", [pid 5484] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5484] <... openat resumed>) = 3 [pid 5048] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5484] chdir("./file0") = 0 [pid 5485] <... prctl resumed>) = 0 [pid 5486] <... chdir resumed>) = 0 [pid 5483] chdir("./file0" [pid 5051] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5485] setpgid(0, 0 [pid 5484] ioctl(4, LOOP_CLR_FD [pid 5485] <... setpgid resumed>) = 0 [pid 5484] <... ioctl resumed>) = 0 [pid 5485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5484] close(4) = 0 [pid 5484] exit_group(0 [pid 5485] <... openat resumed>) = 3 [pid 5485] write(3, "1000", 4 [pid 5484] <... exit_group resumed>) = ? [pid 5485] <... write resumed>) = 4 [pid 5484] +++ exited with 0 +++ [pid 5485] close(3 [pid 5486] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5485] <... close resumed>) = 0 [pid 5483] <... chdir resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... openat resumed>) = 4 [pid 5486] <... prctl resumed>) = 0 [pid 5485] symlink("/dev/binderfs", "./binderfs" [pid 5483] ioctl(4, LOOP_CLR_FD [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5484, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5485] <... symlink resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5047] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5483] <... ioctl resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5483] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5487 attached [pid 5486] setpgid(0, 0 [pid 5485] memfd_create("syzkaller", 0 [pid 5483] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5047] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5487] set_robust_list(0x555556629660, 24 [pid 5486] <... setpgid resumed>) = 0 [pid 5483] exit_group(0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5487 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5487] <... set_robust_list resumed>) = 0 [pid 5486] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5483] <... exit_group resumed>) = ? [pid 5048] getdents64(4, [pid 5047] <... openat resumed>) = 3 [pid 5485] <... memfd_create resumed>) = 3 [pid 5485] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5483] +++ exited with 0 +++ [pid 5486] <... openat resumed>) = 3 [pid 5485] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(3, "", [pid 5487] chdir("./68" [pid 5486] write(3, "1000", 4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5483, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5048] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5487] <... chdir resumed>) = 0 [pid 5486] <... write resumed>) = 4 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5048] <... close resumed>) = 0 [pid 5487] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5486] close(3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5048] rmdir("./69/file0" [pid 5047] getdents64(3, [pid 5487] <... prctl resumed>) = 0 [pid 5486] <... close resumed>) = 0 [pid 5486] symlink("/dev/binderfs", "./binderfs" [pid 5487] setpgid(0, 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... rmdir resumed>) = 0 [pid 5487] <... setpgid resumed>) = 0 [pid 5486] <... symlink resumed>) = 0 [pid 5050] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5047] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5487] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5487] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] close(3 [pid 5047] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5487] write(3, "1000", 4 [pid 5050] <... openat resumed>) = 3 [pid 5487] <... write resumed>) = 4 [pid 5050] newfstatat(3, "", [pid 5048] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5487] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] unlink("./69/binderfs" [pid 5487] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] rmdir("./69" [pid 5047] <... unlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5487] symlink("/dev/binderfs", "./binderfs" [pid 5486] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] mkdir("./70", 0777) = 0 [pid 5487] <... symlink resumed>) = 0 [pid 5050] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5487] memfd_create("syzkaller", 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5486] <... memfd_create resumed>) = 3 [pid 5050] unlink("./70/binderfs" [pid 5048] <... openat resumed>) = 3 [pid 5487] <... memfd_create resumed>) = 3 [pid 5486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5485] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... unlink resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5487] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5486] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5487] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5488 ./strace-static-x86_64: Process 5488 attached [pid 5047] <... umount2 resumed>) = 0 [pid 5488] set_robust_list(0x555556629660, 24 [pid 5047] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5488] <... set_robust_list resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5488] chdir("./70" [pid 5047] getdents64(4, [pid 5488] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5488] setpgid(0, 0) = 0 [pid 5488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5488] write(3, "1000", 4 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5488] <... write resumed>) = 4 [pid 5047] rmdir("./69/file0" [pid 5488] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5488] <... close resumed>) = 0 [pid 5047] getdents64(3, [pid 5488] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5488] <... symlink resumed>) = 0 [pid 5047] close(3) = 0 [pid 5488] memfd_create("syzkaller", 0 [pid 5047] rmdir("./69") = 0 [pid 5047] mkdir("./70", 0777) = 0 [pid 5488] <... memfd_create resumed>) = 3 [pid 5488] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5485] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5487] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] newfstatat(AT_FDCWD, "./70/file0", [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5489 ./strace-static-x86_64: Process 5489 attached [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5489] set_robust_list(0x555556629660, 24) = 0 [pid 5489] chdir("./70") = 0 [pid 5489] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5489] setpgid(0, 0) = 0 [pid 5050] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5489] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5489] <... openat resumed>) = 3 [pid 5486] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5489] write(3, "1000", 4) = 4 [pid 5489] close(3) = 0 [pid 5489] symlink("/dev/binderfs", "./binderfs" [pid 5485] munmap(0x7f3b887a1000, 138412032 [pid 5489] <... symlink resumed>) = 0 [pid 5485] <... munmap resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5489] memfd_create("syzkaller", 0 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5489] <... memfd_create resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5489] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] close(4) = 0 [pid 5485] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5050] rmdir("./70/file0" [pid 5485] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./70") = 0 [pid 5050] mkdir("./71", 0777 [pid 5485] <... ioctl resumed>) = 0 [pid 5485] close(3) = 0 [pid 5485] mkdir("./file0", 0777) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5485] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5486] <... write resumed>) = 2097152 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5488] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5487] <... write resumed>) = 2097152 [pid 5486] munmap(0x7f3b887a1000, 138412032 [pid 5487] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... close resumed>) = 0 [ 97.384794][ T5485] loop5: detected capacity change from 0 to 4096 [ 97.422502][ T5485] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5489] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5487] <... munmap resumed>) = 0 [pid 5486] <... munmap resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5490 attached [pid 5490] set_robust_list(0x555556629660, 24 [pid 5487] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5486] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5490 [pid 5490] <... set_robust_list resumed>) = 0 [pid 5487] <... openat resumed>) = 4 [pid 5490] chdir("./71" [pid 5487] ioctl(4, LOOP_SET_FD, 3 [pid 5486] <... openat resumed>) = 4 [pid 5485] <... mount resumed>) = 0 [pid 5485] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5485] chdir("./file0") = 0 [pid 5485] ioctl(4, LOOP_CLR_FD) = 0 [pid 5485] close(4) = 0 [pid 5486] ioctl(4, LOOP_SET_FD, 3 [pid 5490] <... chdir resumed>) = 0 [pid 5487] <... ioctl resumed>) = 0 [pid 5485] exit_group(0) = ? [pid 5485] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5485, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5052] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5490] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5487] close(3 [pid 5486] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5490] <... prctl resumed>) = 0 [pid 5486] close(3 [pid 5052] newfstatat(3, "", [pid 5487] <... close resumed>) = 0 [pid 5490] setpgid(0, 0 [pid 5488] <... write resumed>) = 2097152 [pid 5487] mkdir("./file0", 0777 [pid 5486] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5490] <... setpgid resumed>) = 0 [pid 5486] mkdir("./file0", 0777 [pid 5052] getdents64(3, [pid 5486] <... mkdir resumed>) = 0 [pid 5490] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5488] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5490] <... openat resumed>) = 3 [pid 5488] <... munmap resumed>) = 0 [pid 5487] <... mkdir resumed>) = 0 [pid 5486] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5490] write(3, "1000", 4 [pid 5487] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5490] <... write resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5490] close(3 [pid 5052] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5490] <... close resumed>) = 0 [pid 5490] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./69/binderfs") = 0 [pid 5052] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5488] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 97.487716][ T5487] loop4: detected capacity change from 0 to 4096 [ 97.494989][ T5486] loop2: detected capacity change from 0 to 4096 [ 97.522003][ T5486] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 97.526673][ T5488] loop1: detected capacity change from 0 to 4096 [pid 5488] ioctl(4, LOOP_SET_FD, 3 [pid 5490] memfd_create("syzkaller", 0) = 3 [pid 5490] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5489] <... write resumed>) = 2097152 [pid 5489] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5489] ioctl(4, LOOP_SET_FD, 3 [pid 5488] <... ioctl resumed>) = 0 [pid 5488] close(3) = 0 [pid 5488] mkdir("./file0", 0777) = 0 [ 97.537440][ T5487] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 97.561671][ T5489] loop0: detected capacity change from 0 to 4096 [pid 5488] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5489] <... ioctl resumed>) = 0 [pid 5489] close(3 [pid 5490] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5489] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5489] mkdir("./file0", 0777) = 0 [pid 5052] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5489] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5486] <... mount resumed>) = 0 [pid 5052] getdents64(4, [pid 5486] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5486] <... openat resumed>) = 3 [pid 5052] close(4) = 0 [pid 5486] chdir("./file0") = 0 [pid 5052] rmdir("./69/file0" [pid 5486] ioctl(4, LOOP_CLR_FD [pid 5052] <... rmdir resumed>) = 0 [pid 5488] <... mount resumed>) = 0 [pid 5486] <... ioctl resumed>) = 0 [pid 5486] close(4 [pid 5488] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5486] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5488] <... openat resumed>) = 3 [pid 5486] exit_group(0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5488] chdir("./file0" [pid 5486] <... exit_group resumed>) = ? [pid 5052] close(3) = 0 [pid 5488] <... chdir resumed>) = 0 [pid 5052] rmdir("./69" [pid 5488] ioctl(4, LOOP_CLR_FD [pid 5052] <... rmdir resumed>) = 0 [pid 5488] <... ioctl resumed>) = 0 [pid 5486] +++ exited with 0 +++ [pid 5488] close(4) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5486, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5489] <... mount resumed>) = 0 [pid 5488] exit_group(0 [pid 5052] mkdir("./70", 0777 [pid 5049] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5488] <... exit_group resumed>) = ? [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5489] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5489] chdir("./file0" [pid 5049] <... openat resumed>) = 3 [pid 5489] <... chdir resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5489] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 97.595664][ T5488] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 97.618707][ T5489] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] getdents64(3, [pid 5489] <... ioctl resumed>) = 0 [pid 5487] <... mount resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5489] close(4 [pid 5488] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5489] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5489] exit_group(0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5488, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 5490] <... write resumed>) = 2097152 [pid 5489] <... exit_group resumed>) = ? [pid 5487] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5049] unlink("./71/binderfs" [pid 5048] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5487] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5490] munmap(0x7f3b887a1000, 138412032 [pid 5489] +++ exited with 0 +++ [pid 5487] chdir("./file0" [pid 5048] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5491 attached [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5489, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5491] set_robust_list(0x555556629660, 24 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5491] <... set_robust_list resumed>) = 0 [pid 5490] <... munmap resumed>) = 0 [pid 5487] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5490] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5487] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5047] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5491 [pid 5048] unlink("./70/binderfs" [pid 5047] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5490] <... openat resumed>) = 4 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5491] chdir("./70" [pid 5490] ioctl(4, LOOP_SET_FD, 3 [pid 5487] <... ioctl resumed>) = 0 [pid 5048] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(3, "", [pid 5487] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./70/binderfs") = 0 [pid 5047] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5487] <... close resumed>) = 0 [pid 5491] <... chdir resumed>) = 0 [pid 5491] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5487] exit_group(0 [pid 5049] <... umount2 resumed>) = 0 [pid 5491] <... prctl resumed>) = 0 [pid 5487] <... exit_group resumed>) = ? [pid 5049] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", [pid 5487] +++ exited with 0 +++ [pid 5491] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5491] <... setpgid resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5487, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] getdents64(4, [pid 5491] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5491] write(3, "1000", 4 [pid 5049] close(4 [pid 5491] <... write resumed>) = 4 [pid 5490] <... ioctl resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5491] close(3 [pid 5049] rmdir("./71/file0" [pid 5491] <... close resumed>) = 0 [pid 5490] close(3 [pid 5051] umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5491] symlink("/dev/binderfs", "./binderfs" [pid 5490] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5491] <... symlink resumed>) = 0 [pid 5490] mkdir("./file0", 0777 [pid 5051] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./71" [pid 5051] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5490] <... mkdir resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5049] mkdir("./72", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5491] memfd_create("syzkaller", 0 [pid 5490] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] getdents64(3, [pid 5049] <... openat resumed>) = 3 [pid 5491] <... memfd_create resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5491] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5492 attached [pid 5492] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5492 [pid 5492] <... set_robust_list resumed>) = 0 [pid 5492] chdir("./72" [pid 5051] umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5492] <... chdir resumed>) = 0 [pid 5491] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5492] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5492] setpgid(0, 0 [pid 5051] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5492] <... setpgid resumed>) = 0 [pid 5047] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5492] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5492] <... openat resumed>) = 3 [pid 5051] unlink("./68/binderfs" [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5492] write(3, "1000", 4 [pid 5051] <... unlink resumed>) = 0 [pid 5048] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./70/file0", [pid 5492] <... write resumed>) = 4 [pid 5051] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5492] close(3 [pid 5048] newfstatat(AT_FDCWD, "./70/file0", [pid 5047] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5492] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5492] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5492] <... symlink resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", [pid 5048] newfstatat(4, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5492] memfd_create("syzkaller", 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5047] close(4 [pid 5492] <... memfd_create resumed>) = 3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] close(4 [pid 5047] rmdir("./70/file0" [pid 5492] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... close resumed>) = 0 [ 97.714624][ T5490] loop3: detected capacity change from 0 to 4096 [ 97.750584][ T5490] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] rmdir("./70/file0") = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./70") = 0 [pid 5047] mkdir("./71", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5493 ./strace-static-x86_64: Process 5493 attached [pid 5493] set_robust_list(0x555556629660, 24) = 0 [pid 5493] chdir("./71") = 0 [pid 5493] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] getdents64(3, [pid 5493] <... prctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5493] setpgid(0, 0) = 0 [pid 5493] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5493] write(3, "1000", 4) = 4 [pid 5493] close(3) = 0 [pid 5493] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5493] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5048] close(3) = 0 [pid 5493] <... memfd_create resumed>) = 3 [pid 5048] rmdir("./70" [pid 5493] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./71", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5490] <... mount resumed>) = 0 [pid 5490] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5490] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5490] chdir("./file0") = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5490] ioctl(4, LOOP_CLR_FD [pid 5048] close(3 [pid 5490] <... ioctl resumed>) = 0 [pid 5490] close(4 [pid 5048] <... close resumed>) = 0 [pid 5490] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5490] exit_group(0 [pid 5051] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5494 attached [pid 5492] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5491] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5490] <... exit_group resumed>) = ? [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5494] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5494 [pid 5494] <... set_robust_list resumed>) = 0 [pid 5494] chdir("./71") = 0 [pid 5051] newfstatat(AT_FDCWD, "./68/file0", [pid 5494] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5490] +++ exited with 0 +++ [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5490, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5494] <... prctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5494] setpgid(0, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./68/file0" [pid 5050] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5494] <... setpgid resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] getdents64(3, [pid 5050] newfstatat(3, "", [pid 5494] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5494] write(3, "1000", 4 [pid 5051] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5494] <... write resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5494] close(3 [pid 5051] rmdir("./68" [pid 5494] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5494] symlink("/dev/binderfs", "./binderfs" [pid 5051] mkdir("./69", 0777 [pid 5050] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5494] <... symlink resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5494] memfd_create("syzkaller", 0 [pid 5050] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5494] <... memfd_create resumed>) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5050] unlink("./71/binderfs" [pid 5494] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] <... unlink resumed>) = 0 [pid 5494] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5493] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5495 ./strace-static-x86_64: Process 5495 attached [pid 5495] set_robust_list(0x555556629660, 24) = 0 [pid 5495] chdir("./69") = 0 [pid 5495] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5492] <... write resumed>) = 2097152 [pid 5491] <... write resumed>) = 2097152 [pid 5495] <... prctl resumed>) = 0 [pid 5495] setpgid(0, 0) = 0 [pid 5495] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5495] write(3, "1000", 4) = 4 [pid 5495] close(3) = 0 [pid 5495] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5495] memfd_create("syzkaller", 0) = 3 [pid 5495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5491] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5492] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5492] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5492] ioctl(4, LOOP_SET_FD, 3 [pid 5491] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5491] <... openat resumed>) = 4 [pid 5050] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5491] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./71/file0", [pid 5492] <... ioctl resumed>) = 0 [pid 5492] close(3) = 0 [pid 5492] mkdir("./file0", 0777 [pid 5493] <... write resumed>) = 2097152 [pid 5492] <... mkdir resumed>) = 0 [pid 5492] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5491] <... ioctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5494] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5493] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5493] <... munmap resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5495] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5493] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 97.968851][ T5492] loop2: detected capacity change from 0 to 4096 [ 97.983403][ T5491] loop5: detected capacity change from 0 to 4096 [ 97.990803][ T5492] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5493] ioctl(4, LOOP_SET_FD, 3 [pid 5491] close(3 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5491] <... close resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5491] mkdir("./file0", 0777 [pid 5050] close(4) = 0 [pid 5491] <... mkdir resumed>) = 0 [pid 5050] rmdir("./71/file0" [pid 5491] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] <... rmdir resumed>) = 0 [pid 5493] <... ioctl resumed>) = 0 [pid 5050] getdents64(3, [pid 5493] close(3) = 0 [pid 5493] mkdir("./file0", 0777) = 0 [pid 5493] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [ 98.014607][ T5493] loop0: detected capacity change from 0 to 4096 [ 98.036685][ T5491] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] rmdir("./71") = 0 [pid 5050] mkdir("./72", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5494] <... write resumed>) = 2097152 [pid 5492] <... mount resumed>) = 0 [ 98.062830][ T5493] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5492] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] close(3 [pid 5492] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5492] chdir("./file0" [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5495] <... write resumed>) = 2097152 [pid 5494] munmap(0x7f3b887a1000, 138412032 [pid 5492] <... chdir resumed>) = 0 [pid 5493] <... mount resumed>) = 0 [pid 5492] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 5496 attached ) = 0 [pid 5496] set_robust_list(0x555556629660, 24 [pid 5492] close(4) = 0 [pid 5492] exit_group(0) = ? [pid 5496] <... set_robust_list resumed>) = 0 [pid 5495] munmap(0x7f3b887a1000, 138412032 [pid 5494] <... munmap resumed>) = 0 [pid 5492] +++ exited with 0 +++ [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5496 [pid 5496] chdir("./72" [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5492, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5493] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5493] <... openat resumed>) = 3 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5493] chdir("./file0") = 0 [pid 5493] ioctl(4, LOOP_CLR_FD [pid 5049] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5493] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5493] close(4 [pid 5049] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5496] <... chdir resumed>) = 0 [pid 5495] <... munmap resumed>) = 0 [pid 5494] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5493] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5493] exit_group(0 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5494] <... openat resumed>) = 4 [pid 5496] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5496] <... prctl resumed>) = 0 [pid 5495] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5494] ioctl(4, LOOP_SET_FD, 3 [pid 5049] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5496] setpgid(0, 0 [pid 5495] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5493] <... exit_group resumed>) = ? [pid 5049] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5493] +++ exited with 0 +++ [pid 5496] <... setpgid resumed>) = 0 [pid 5495] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./72/binderfs" [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5493, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5496] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5495] <... ioctl resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5496] <... openat resumed>) = 3 [pid 5495] close(3 [pid 5494] <... ioctl resumed>) = 0 [pid 5047] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5496] write(3, "1000", 4 [pid 5495] <... close resumed>) = 0 [pid 5494] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5496] <... write resumed>) = 4 [pid 5495] mkdir("./file0", 0777 [pid 5494] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5496] close(3 [pid 5495] <... mkdir resumed>) = 0 [pid 5494] mkdir("./file0", 0777 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5496] <... close resumed>) = 0 [pid 5496] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5495] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5494] <... mkdir resumed>) = 0 [pid 5047] unlink("./71/binderfs" [pid 5494] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 98.147074][ T5494] loop1: detected capacity change from 0 to 4096 [ 98.154927][ T5495] loop4: detected capacity change from 0 to 4096 [ 98.185203][ T5495] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5496] memfd_create("syzkaller", 0) = 3 [pid 5496] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5491] <... mount resumed>) = 0 [pid 5491] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5491] chdir("./file0") = 0 [pid 5491] ioctl(4, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = 0 [pid 5491] <... ioctl resumed>) = 0 [pid 5491] close(4 [pid 5047] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5491] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5491] exit_group(0 [pid 5047] newfstatat(AT_FDCWD, "./71/file0", [pid 5491] <... exit_group resumed>) = ? [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./72/file0", [pid 5047] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5049] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(4, "", [pid 5491] +++ exited with 0 +++ [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5491, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(4, [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... openat resumed>) = 4 [ 98.202126][ T5494] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5047] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(4, [pid 5047] close(4 [pid 5052] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] rmdir("./71/file0" [pid 5052] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] getdents64(4, [pid 5047] <... rmdir resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(4 [pid 5047] getdents64(3, [pid 5052] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] rmdir("./72/file0" [pid 5047] close(3 [pid 5052] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5047] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./71" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5052] unlink("./70/binderfs" [pid 5049] <... close resumed>) = 0 [pid 5047] mkdir("./72", 0777 [pid 5052] <... unlink resumed>) = 0 [pid 5049] rmdir("./72" [pid 5047] <... mkdir resumed>) = 0 [pid 5496] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] mkdir("./73", 0777 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... mkdir resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5052] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5495] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] newfstatat(AT_FDCWD, "./70/file0", [pid 5049] <... openat resumed>) = 3 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] close(3 [pid 5052] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5497 [pid 5495] <... openat resumed>) = 3 [pid 5052] newfstatat(4, "", [pid 5495] chdir("./file0"./strace-static-x86_64: Process 5497 attached [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5498 [pid 5497] set_robust_list(0x555556629660, 24 [pid 5052] getdents64(4, [pid 5497] <... set_robust_list resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5498 attached [pid 5497] chdir("./72" [pid 5495] <... chdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5498] set_robust_list(0x555556629660, 24 [pid 5497] <... chdir resumed>) = 0 [pid 5495] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5497] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] close(4 [pid 5498] <... set_robust_list resumed>) = 0 [pid 5497] <... prctl resumed>) = 0 [pid 5495] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5498] chdir("./73" [pid 5497] setpgid(0, 0 [pid 5495] close(4 [pid 5052] rmdir("./70/file0" [pid 5498] <... chdir resumed>) = 0 [pid 5497] <... setpgid resumed>) = 0 [pid 5495] <... close resumed>) = 0 [pid 5494] <... mount resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5498] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5495] exit_group(0 [pid 5494] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] getdents64(3, [pid 5498] <... prctl resumed>) = 0 [pid 5497] <... openat resumed>) = 3 [pid 5495] <... exit_group resumed>) = ? [pid 5494] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5498] setpgid(0, 0 [pid 5497] write(3, "1000", 4 [pid 5052] close(3 [pid 5498] <... setpgid resumed>) = 0 [pid 5497] <... write resumed>) = 4 [pid 5495] +++ exited with 0 +++ [pid 5494] chdir("./file0" [pid 5052] <... close resumed>) = 0 [pid 5498] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5497] close(3 [pid 5052] rmdir("./70" [pid 5494] <... chdir resumed>) = 0 [pid 5498] <... openat resumed>) = 3 [pid 5497] <... close resumed>) = 0 [pid 5494] ioctl(4, LOOP_CLR_FD [pid 5052] <... rmdir resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5495, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5497] symlink("/dev/binderfs", "./binderfs" [pid 5052] mkdir("./71", 0777 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5494] <... ioctl resumed>) = 0 [pid 5498] write(3, "1000", 4 [pid 5497] <... symlink resumed>) = 0 [pid 5498] <... write resumed>) = 4 [pid 5498] close(3 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5498] <... close resumed>) = 0 [pid 5494] close(4 [pid 5498] symlink("/dev/binderfs", "./binderfs" [pid 5494] <... close resumed>) = 0 [pid 5498] <... symlink resumed>) = 0 [pid 5497] memfd_create("syzkaller", 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5497] <... memfd_create resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5494] exit_group(0 [pid 5052] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] getdents64(3, [pid 5494] <... exit_group resumed>) = ? [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5497] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5499 attached [pid 5498] memfd_create("syzkaller", 0 [pid 5497] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5499] set_robust_list(0x555556629660, 24 [pid 5496] <... write resumed>) = 2097152 [pid 5499] <... set_robust_list resumed>) = 0 [pid 5499] chdir("./71" [pid 5051] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5499] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5499] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5498] <... memfd_create resumed>) = 3 [pid 5494] +++ exited with 0 +++ [pid 5051] unlink("./69/binderfs" [pid 5498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5494, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5498] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5499 [pid 5051] <... unlink resumed>) = 0 [pid 5499] <... prctl resumed>) = 0 [pid 5051] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5499] setpgid(0, 0) = 0 [pid 5499] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5499] write(3, "1000", 4) = 4 [pid 5499] close(3) = 0 [pid 5499] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5499] memfd_create("syzkaller", 0 [pid 5496] munmap(0x7f3b887a1000, 138412032 [pid 5048] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5499] <... memfd_create resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5499] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5496] <... munmap resumed>) = 0 [pid 5048] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./71/binderfs") = 0 [pid 5048] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5496] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5496] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5497] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5051] rmdir("./69/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./69") = 0 [pid 5051] mkdir("./70", 0777) = 0 [pid 5048] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./71/file0", [pid 5496] close(3) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5496] mkdir("./file0", 0777 [pid 5048] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5496] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 98.452925][ T5496] loop3: detected capacity change from 0 to 4096 [pid 5048] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5498] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... openat resumed>) = 4 [pid 5496] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] newfstatat(4, "", [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] close(3 [pid 5048] getdents64(4, [pid 5051] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5499] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./71/file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5500 [pid 5048] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5500 attached [pid 5500] set_robust_list(0x555556629660, 24) = 0 [pid 5500] chdir("./70") = 0 [pid 5500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5500] setpgid(0, 0) = 0 [pid 5500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] getdents64(3, [pid 5500] <... openat resumed>) = 3 [pid 5500] write(3, "1000", 4) = 4 [pid 5500] close(3) = 0 [pid 5500] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5500] memfd_create("syzkaller", 0 [pid 5048] close(3) = 0 [pid 5500] <... memfd_create resumed>) = 3 [pid 5497] <... write resumed>) = 2097152 [pid 5048] rmdir("./71" [pid 5500] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5497] munmap(0x7f3b887a1000, 138412032 [pid 5500] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... rmdir resumed>) = 0 [ 98.523926][ T5496] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5497] <... munmap resumed>) = 0 [pid 5048] mkdir("./72", 0777 [pid 5498] <... write resumed>) = 2097152 [pid 5498] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... mkdir resumed>) = 0 [pid 5497] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5497] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5501 attached [pid 5499] <... write resumed>) = 2097152 [pid 5498] <... munmap resumed>) = 0 [pid 5497] <... ioctl resumed>) = 0 [pid 5501] set_robust_list(0x555556629660, 24 [pid 5498] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5497] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5501 [pid 5501] <... set_robust_list resumed>) = 0 [pid 5498] <... openat resumed>) = 4 [pid 5501] chdir("./72" [pid 5498] ioctl(4, LOOP_SET_FD, 3 [pid 5497] <... close resumed>) = 0 [pid 5501] <... chdir resumed>) = 0 [pid 5501] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5497] mkdir("./file0", 0777 [pid 5501] <... prctl resumed>) = 0 [pid 5497] <... mkdir resumed>) = 0 [pid 5501] setpgid(0, 0 [pid 5497] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5499] munmap(0x7f3b887a1000, 138412032 [pid 5501] <... setpgid resumed>) = 0 [pid 5501] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5496] <... mount resumed>) = 0 [ 98.596810][ T5497] loop0: detected capacity change from 0 to 4096 [ 98.627376][ T5498] loop2: detected capacity change from 0 to 4096 [pid 5496] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5496] chdir("./file0" [pid 5499] <... munmap resumed>) = 0 [pid 5496] <... chdir resumed>) = 0 [pid 5501] <... openat resumed>) = 3 [pid 5500] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5498] <... ioctl resumed>) = 0 [pid 5501] write(3, "1000", 4 [pid 5498] close(3 [pid 5501] <... write resumed>) = 4 [pid 5498] <... close resumed>) = 0 [pid 5501] close(3 [pid 5498] mkdir("./file0", 0777 [pid 5501] <... close resumed>) = 0 [pid 5501] symlink("/dev/binderfs", "./binderfs" [pid 5499] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5501] <... symlink resumed>) = 0 [pid 5496] ioctl(4, LOOP_CLR_FD [pid 5499] <... openat resumed>) = 4 [pid 5496] <... ioctl resumed>) = 0 [pid 5499] ioctl(4, LOOP_SET_FD, 3 [pid 5496] close(4) = 0 [pid 5496] exit_group(0) = ? [pid 5496] +++ exited with 0 +++ [pid 5501] memfd_create("syzkaller", 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5496, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5498] <... mkdir resumed>) = 0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5050] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5501] <... memfd_create resumed>) = 3 [pid 5498] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5497] <... mount resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5497] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5497] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5497] chdir("./file0" [pid 5050] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5497] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5497] ioctl(4, LOOP_CLR_FD [pid 5050] unlink("./72/binderfs" [pid 5497] <... ioctl resumed>) = 0 [pid 5499] <... ioctl resumed>) = 0 [pid 5497] close(4 [pid 5050] <... unlink resumed>) = 0 [pid 5499] close(3 [pid 5497] <... close resumed>) = 0 [pid 5499] <... close resumed>) = 0 [pid 5497] exit_group(0 [pid 5050] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5499] mkdir("./file0", 0777) = 0 [pid 5497] <... exit_group resumed>) = ? [ 98.662521][ T5497] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 98.681566][ T5499] loop5: detected capacity change from 0 to 4096 [ 98.700012][ T5498] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5499] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5497] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5497, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5047] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./72/binderfs") = 0 [pid 5047] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] <... write resumed>) = 2097152 [pid 5498] <... mount resumed>) = 0 [pid 5498] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5498] chdir("./file0") = 0 [pid 5498] ioctl(4, LOOP_CLR_FD [pid 5500] munmap(0x7f3b887a1000, 138412032 [pid 5498] <... ioctl resumed>) = 0 [pid 5500] <... munmap resumed>) = 0 [pid 5498] close(4 [pid 5050] <... umount2 resumed>) = 0 [pid 5498] <... close resumed>) = 0 [ 98.741004][ T5499] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5498] exit_group(0 [pid 5501] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5500] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5498] <... exit_group resumed>) = ? [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5498] +++ exited with 0 +++ [pid 5500] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5498, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] rmdir("./72/file0" [pid 5500] ioctl(4, LOOP_SET_FD, 3 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5049] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5049] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] close(3 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... close resumed>) = 0 [pid 5049] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5047] rmdir("./72" [pid 5050] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5049] unlink("./73/binderfs" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] mkdir("./73", 0777 [pid 5050] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5500] <... ioctl resumed>) = 0 [pid 5500] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5500] <... close resumed>) = 0 [pid 5500] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 4 [pid 5500] <... mkdir resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] newfstatat(4, "", [pid 5500] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] close(3 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5047] <... close resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] rmdir("./72/file0") = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5502 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5502 attached [pid 5050] close(3 [pid 5502] set_robust_list(0x555556629660, 24 [pid 5050] <... close resumed>) = 0 [pid 5502] <... set_robust_list resumed>) = 0 [pid 5050] rmdir("./72" [pid 5502] chdir("./73" [pid 5050] <... rmdir resumed>) = 0 [pid 5502] <... chdir resumed>) = 0 [pid 5502] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] mkdir("./73", 0777 [pid 5502] <... prctl resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5502] setpgid(0, 0 [pid 5499] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5502] <... setpgid resumed>) = 0 [pid 5499] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5502] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5499] <... openat resumed>) = 3 [pid 5502] <... openat resumed>) = 3 [pid 5499] chdir("./file0" [pid 5049] <... umount2 resumed>) = 0 [pid 5499] <... chdir resumed>) = 0 [pid 5049] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5499] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5499] <... ioctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./73/file0", [pid 5499] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5502] write(3, "1000", 4 [pid 5499] <... close resumed>) = 0 [ 98.817000][ T5500] loop4: detected capacity change from 0 to 4096 [ 98.852451][ T5500] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5502] <... write resumed>) = 4 [pid 5499] exit_group(0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5502] close(3 [pid 5499] <... exit_group resumed>) = ? [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5502] <... close resumed>) = 0 [pid 5501] <... write resumed>) = 2097152 [pid 5050] close(3 [pid 5049] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5502] symlink("/dev/binderfs", "./binderfs" [pid 5501] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5502] <... symlink resumed>) = 0 [pid 5499] +++ exited with 0 +++ [pid 5049] newfstatat(4, "", [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5499, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, ./strace-static-x86_64: Process 5503 attached [pid 5052] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5502] memfd_create("syzkaller", 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(4, [pid 5503] set_robust_list(0x555556629660, 24 [pid 5052] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] newfstatat(3, "", [pid 5049] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... close resumed>) = 0 [pid 5503] <... set_robust_list resumed>) = 0 [pid 5502] <... memfd_create resumed>) = 3 [pid 5501] <... munmap resumed>) = 0 [pid 5052] getdents64(3, [pid 5049] rmdir("./73/file0" [pid 5503] chdir("./73" [pid 5502] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5501] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... rmdir resumed>) = 0 [pid 5503] <... chdir resumed>) = 0 [pid 5502] <... mmap resumed>) = 0x7f3b887a1000 [pid 5501] <... openat resumed>) = 4 [pid 5500] <... mount resumed>) = 0 [pid 5052] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5503] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5501] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5503] <... prctl resumed>) = 0 [pid 5501] <... ioctl resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5049] getdents64(3, [pid 5503] setpgid(0, 0 [pid 5500] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5503] <... setpgid resumed>) = 0 [pid 5052] unlink("./71/binderfs" [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5503 [pid 5052] <... unlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5500] <... openat resumed>) = 3 [pid 5049] close(3) = 0 [pid 5049] rmdir("./73") = 0 [pid 5049] mkdir("./74", 0777 [pid 5503] <... openat resumed>) = 3 [pid 5500] chdir("./file0" [pid 5049] <... mkdir resumed>) = 0 [pid 5503] write(3, "1000", 4 [pid 5500] <... chdir resumed>) = 0 [pid 5503] <... write resumed>) = 4 [pid 5503] close(3) = 0 [pid 5501] close(3 [pid 5500] ioctl(4, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5500] <... ioctl resumed>) = 0 [pid 5501] <... close resumed>) = 0 [pid 5501] mkdir("./file0", 0777 [pid 5052] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5503] symlink("/dev/binderfs", "./binderfs" [pid 5500] close(4 [pid 5052] newfstatat(AT_FDCWD, "./71/file0", [pid 5500] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5500] exit_group(0 [pid 5052] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5500] <... exit_group resumed>) = ? [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5504 attached [pid 5500] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5504] set_robust_list(0x555556629660, 24 [pid 5052] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5500, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5504 [pid 5504] <... set_robust_list resumed>) = 0 [pid 5501] <... mkdir resumed>) = 0 [pid 5503] <... symlink resumed>) = 0 [pid 5501] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5051] umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5504] chdir("./74" [pid 5052] getdents64(4, [pid 5051] <... openat resumed>) = 3 [ 98.923702][ T5501] loop1: detected capacity change from 0 to 4096 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./70/binderfs") = 0 [pid 5051] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5504] <... chdir resumed>) = 0 [pid 5504] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5503] memfd_create("syzkaller", 0 [pid 5504] <... prctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5503] <... memfd_create resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5504] setpgid(0, 0 [pid 5503] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] close(4 [pid 5504] <... setpgid resumed>) = 0 [pid 5503] <... mmap resumed>) = 0x7f3b887a1000 [pid 5504] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5504] write(3, "1000", 4) = 4 [pid 5504] close(3) = 0 [pid 5504] symlink("/dev/binderfs", "./binderfs" [pid 5502] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5504] <... symlink resumed>) = 0 [pid 5504] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./71/file0" [pid 5504] <... memfd_create resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [ 98.980231][ T5501] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] getdents64(3, [pid 5504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5504] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] close(3) = 0 [pid 5052] rmdir("./71" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] mkdir("./72", 0777 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5052] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] rmdir("./70/file0") = 0 [pid 5051] getdents64(3, [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5052] close(3) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./70") = 0 [pid 5051] mkdir("./71", 0777 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 ./strace-static-x86_64: Process 5505 attached [pid 5501] <... mount resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5501] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5501] chdir("./file0" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5505 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5505] set_robust_list(0x555556629660, 24) = 0 [pid 5501] <... chdir resumed>) = 0 [pid 5505] chdir("./72" [pid 5502] <... write resumed>) = 2097152 [pid 5501] ioctl(4, LOOP_CLR_FD [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5506 ./strace-static-x86_64: Process 5506 attached [pid 5506] set_robust_list(0x555556629660, 24) = 0 [pid 5506] chdir("./71") = 0 [pid 5506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5506] setpgid(0, 0) = 0 [pid 5502] munmap(0x7f3b887a1000, 138412032 [pid 5506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5505] <... chdir resumed>) = 0 [pid 5501] <... ioctl resumed>) = 0 [pid 5506] <... openat resumed>) = 3 [pid 5505] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5503] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5502] <... munmap resumed>) = 0 [pid 5501] close(4 [pid 5505] <... prctl resumed>) = 0 [pid 5501] <... close resumed>) = 0 [pid 5506] write(3, "1000", 4) = 4 [pid 5506] close(3) = 0 [pid 5506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5506] memfd_create("syzkaller", 0 [pid 5505] setpgid(0, 0 [pid 5501] exit_group(0 [pid 5505] <... setpgid resumed>) = 0 [pid 5501] <... exit_group resumed>) = ? [pid 5505] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5502] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5502] ioctl(4, LOOP_SET_FD, 3 [pid 5505] <... openat resumed>) = 3 [pid 5506] <... memfd_create resumed>) = 3 [pid 5506] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5504] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5505] write(3, "1000", 4 [pid 5501] +++ exited with 0 +++ [pid 5505] <... write resumed>) = 4 [pid 5505] close(3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5501, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5505] <... close resumed>) = 0 [pid 5048] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5505] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5505] <... symlink resumed>) = 0 [pid 5048] getdents64(3, [pid 5502] <... ioctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5502] close(3 [pid 5048] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5502] <... close resumed>) = 0 [pid 5502] mkdir("./file0", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5502] <... mkdir resumed>) = 0 [pid 5048] unlink("./72/binderfs" [pid 5502] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5505] memfd_create("syzkaller", 0 [pid 5048] <... unlink resumed>) = 0 [pid 5505] <... memfd_create resumed>) = 3 [pid 5503] <... write resumed>) = 2097152 [pid 5048] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5505] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5504] <... write resumed>) = 2097152 [pid 5504] munmap(0x7f3b887a1000, 138412032) = 0 [ 99.128379][ T5502] loop0: detected capacity change from 0 to 4096 [ 99.161187][ T5502] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5503] munmap(0x7f3b887a1000, 138412032 [pid 5504] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5048] <... umount2 resumed>) = 0 [pid 5504] ioctl(4, LOOP_SET_FD, 3 [pid 5503] <... munmap resumed>) = 0 [pid 5502] <... mount resumed>) = 0 [pid 5048] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5502] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] newfstatat(AT_FDCWD, "./72/file0", [pid 5505] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5503] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5502] <... openat resumed>) = 3 [pid 5503] <... openat resumed>) = 4 [pid 5502] chdir("./file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5506] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5502] <... chdir resumed>) = 0 [pid 5503] ioctl(4, LOOP_SET_FD, 3 [pid 5502] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5502] <... ioctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5502] close(4) = 0 [pid 5502] exit_group(0 [pid 5048] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5502] <... exit_group resumed>) = ? [pid 5502] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5502, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5047] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(4, "", [pid 5047] newfstatat(3, "", [pid 5504] <... ioctl resumed>) = 0 [pid 5503] <... ioctl resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5504] close(3 [pid 5503] close(3 [pid 5048] getdents64(4, [pid 5047] getdents64(3, [pid 5504] <... close resumed>) = 0 [pid 5503] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5504] mkdir("./file0", 0777 [pid 5503] mkdir("./file0", 0777 [pid 5048] getdents64(4, [pid 5505] <... write resumed>) = 2097152 [pid 5504] <... mkdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5505] munmap(0x7f3b887a1000, 138412032 [pid 5504] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5503] <... mkdir resumed>) = 0 [pid 5048] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./72/file0" [ 99.236242][ T5504] loop2: detected capacity change from 0 to 4096 [ 99.244545][ T5503] loop3: detected capacity change from 0 to 4096 [pid 5503] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5505] <... munmap resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./73/binderfs") = 0 [pid 5047] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5505] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] getdents64(3, [pid 5047] <... umount2 resumed>) = 0 [pid 5505] <... openat resumed>) = 4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5505] ioctl(4, LOOP_SET_FD, 3 [pid 5048] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5048] rmdir("./72" [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5506] <... write resumed>) = 2097152 [pid 5505] <... ioctl resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5506] munmap(0x7f3b887a1000, 138412032 [pid 5505] close(3 [pid 5048] mkdir("./73", 0777 [pid 5047] getdents64(4, [pid 5505] <... close resumed>) = 0 [pid 5506] <... munmap resumed>) = 0 [pid 5505] mkdir("./file0", 0777 [pid 5504] <... mount resumed>) = 0 [pid 5503] <... mount resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] close(4) = 0 [pid 5047] rmdir("./73/file0" [pid 5048] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5505] <... mkdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./73") = 0 [pid 5047] mkdir("./74", 0777 [pid 5506] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5505] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5504] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 99.285020][ T5504] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 99.294585][ T5503] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 99.308077][ T5505] loop5: detected capacity change from 0 to 4096 [pid 5503] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5506] <... openat resumed>) = 4 [pid 5504] <... openat resumed>) = 3 [pid 5503] <... openat resumed>) = 3 [pid 5506] ioctl(4, LOOP_SET_FD, 3 [pid 5504] chdir("./file0" [pid 5503] chdir("./file0" [pid 5047] <... mkdir resumed>) = 0 [pid 5503] <... chdir resumed>) = 0 [pid 5048] close(3 [pid 5504] <... chdir resumed>) = 0 [pid 5503] ioctl(4, LOOP_CLR_FD [pid 5048] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5503] <... ioctl resumed>) = 0 [pid 5503] close(4) = 0 [pid 5503] exit_group(0) = ? ./strace-static-x86_64: Process 5507 attached [pid 5503] +++ exited with 0 +++ [pid 5047] <... openat resumed>) = 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5503, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5507 [pid 5507] set_robust_list(0x555556629660, 24 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5507] <... set_robust_list resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5507] chdir("./73" [pid 5504] ioctl(4, LOOP_CLR_FD [pid 5047] close(3 [pid 5507] <... chdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5504] <... ioctl resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5508 attached [pid 5507] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5506] <... ioctl resumed>) = 0 [pid 5505] <... mount resumed>) = 0 [pid 5504] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5508] set_robust_list(0x555556629660, 24 [pid 5507] <... prctl resumed>) = 0 [pid 5506] close(3 [pid 5505] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5504] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5508 [pid 5508] <... set_robust_list resumed>) = 0 [pid 5507] setpgid(0, 0 [pid 5506] <... close resumed>) = 0 [pid 5505] <... openat resumed>) = 3 [pid 5504] exit_group(0 [pid 5050] <... openat resumed>) = 3 [pid 5508] chdir("./74" [pid 5507] <... setpgid resumed>) = 0 [pid 5506] mkdir("./file0", 0777 [pid 5505] chdir("./file0" [pid 5504] <... exit_group resumed>) = ? [pid 5508] <... chdir resumed>) = 0 [pid 5507] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5506] <... mkdir resumed>) = 0 [pid 5505] <... chdir resumed>) = 0 [pid 5505] ioctl(4, LOOP_CLR_FD) = 0 [pid 5504] +++ exited with 0 +++ [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5504, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5508] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5506] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5508] <... prctl resumed>) = 0 [pid 5507] <... openat resumed>) = 3 [pid 5505] close(4 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5508] setpgid(0, 0 [pid 5505] <... close resumed>) = 0 [ 99.362451][ T5505] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 99.365238][ T5506] loop4: detected capacity change from 0 to 4096 [pid 5050] getdents64(3, [pid 5508] <... setpgid resumed>) = 0 [pid 5507] write(3, "1000", 4 [pid 5505] exit_group(0 [pid 5508] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5507] <... write resumed>) = 4 [pid 5505] <... exit_group resumed>) = ? [pid 5507] close(3 [pid 5508] <... openat resumed>) = 3 [pid 5507] <... close resumed>) = 0 [pid 5508] write(3, "1000", 4 [pid 5507] symlink("/dev/binderfs", "./binderfs" [pid 5508] <... write resumed>) = 4 [pid 5507] <... symlink resumed>) = 0 [pid 5508] close(3) = 0 [pid 5507] memfd_create("syzkaller", 0 [pid 5505] +++ exited with 0 +++ [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5508] symlink("/dev/binderfs", "./binderfs" [pid 5050] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5049] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(3, "", [pid 5050] unlink("./73/binderfs" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5508] <... symlink resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5505, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=1 /* 0.01 s */} --- [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5508] memfd_create("syzkaller", 0 [pid 5050] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5508] <... memfd_create resumed>) = 3 [pid 5508] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./74/binderfs" [pid 5507] <... memfd_create resumed>) = 3 [pid 5052] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... unlink resumed>) = 0 [pid 5507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5507] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./72/binderfs") = 0 [ 99.419717][ T5506] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5506] <... mount resumed>) = 0 [pid 5506] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5506] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5506] chdir("./file0" [pid 5050] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5506] <... chdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5506] ioctl(4, LOOP_CLR_FD [pid 5050] newfstatat(AT_FDCWD, "./73/file0", [pid 5049] <... openat resumed>) = 4 [pid 5506] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(4, "", [pid 5506] close(4 [pid 5052] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5506] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(4, [pid 5508] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5506] exit_group(0 [pid 5052] newfstatat(AT_FDCWD, "./72/file0", [pid 5050] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5506] <... exit_group resumed>) = ? [pid 5050] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(4, "", [pid 5049] close(4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5507] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5506] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] getdents64(4, [pid 5049] rmdir("./74/file0" [pid 5052] <... openat resumed>) = 4 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5506, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... rmdir resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5050] getdents64(4, [pid 5049] getdents64(3, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] getdents64(4, [pid 5050] close(4 [pid 5049] close(3 [pid 5050] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... close resumed>) = 0 [pid 5052] getdents64(4, [pid 5050] rmdir("./73/file0" [pid 5049] rmdir("./74" [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5052] close(4 [pid 5050] getdents64(3, [pid 5049] mkdir("./75", 0777 [pid 5052] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5051] umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... close resumed>) = 0 [pid 5052] rmdir("./72/file0" [pid 5051] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] rmdir("./73" [pid 5049] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5051] newfstatat(3, "", [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(3 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] mkdir("./74", 0777 [pid 5049] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5509 attached [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... mkdir resumed>) = 0 [pid 5509] set_robust_list(0x555556629660, 24 [pid 5052] close(3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5509] <... set_robust_list resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5052] rmdir("./72" [pid 5051] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5509] chdir("./75" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5509] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] unlink("./71/binderfs" [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5052] mkdir("./73", 0777 [pid 5509] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... unlink resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5509 [pid 5052] <... mkdir resumed>) = 0 [pid 5050] close(3 [pid 5509] <... prctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... close resumed>) = 0 [pid 5509] setpgid(0, 0) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5510 attached ) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5510] set_robust_list(0x555556629660, 24 [pid 5509] write(3, "1000", 4 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5510 [pid 5510] <... set_robust_list resumed>) = 0 [pid 5509] <... write resumed>) = 4 [pid 5052] close(3 [pid 5510] chdir("./74" [pid 5509] close(3 [pid 5508] <... write resumed>) = 2097152 [pid 5052] <... close resumed>) = 0 [pid 5509] <... close resumed>) = 0 [pid 5510] <... chdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5510] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5509] symlink("/dev/binderfs", "./binderfs" [pid 5508] munmap(0x7f3b887a1000, 138412032 [pid 5510] setpgid(0, 0 [pid 5509] <... symlink resumed>) = 0 [pid 5510] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5511 attached [pid 5511] set_robust_list(0x555556629660, 24) = 0 [pid 5510] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5509] memfd_create("syzkaller", 0 [pid 5508] <... munmap resumed>) = 0 [pid 5507] <... write resumed>) = 2097152 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5511 [pid 5511] chdir("./73" [pid 5509] <... memfd_create resumed>) = 3 [pid 5510] <... openat resumed>) = 3 [pid 5510] write(3, "1000", 4 [pid 5509] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5508] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5510] <... write resumed>) = 4 [pid 5509] <... mmap resumed>) = 0x7f3b887a1000 [pid 5508] <... openat resumed>) = 4 [pid 5511] <... chdir resumed>) = 0 [pid 5510] close(3 [pid 5508] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5510] <... close resumed>) = 0 [pid 5511] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5510] symlink("/dev/binderfs", "./binderfs" [pid 5511] <... prctl resumed>) = 0 [pid 5511] setpgid(0, 0) = 0 [pid 5511] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5511] write(3, "1000", 4) = 4 [pid 5511] close(3) = 0 [pid 5511] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5507] munmap(0x7f3b887a1000, 138412032 [pid 5510] <... symlink resumed>) = 0 [pid 5511] memfd_create("syzkaller", 0) = 3 [pid 5051] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5511] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5511] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] newfstatat(AT_FDCWD, "./71/file0", [pid 5507] <... munmap resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5507] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5507] ioctl(4, LOOP_SET_FD, 3 [pid 5510] memfd_create("syzkaller", 0 [pid 5508] <... ioctl resumed>) = 0 [pid 5051] umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5507] <... ioctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5510] <... memfd_create resumed>) = 3 [pid 5508] close(3 [pid 5051] getdents64(4, [pid 5510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5507] close(3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5510] <... mmap resumed>) = 0x7f3b887a1000 [pid 5507] <... close resumed>) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./71/file0") = 0 [pid 5051] getdents64(3, [pid 5508] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5508] mkdir("./file0", 0777 [pid 5507] mkdir("./file0", 0777 [pid 5051] close(3 [pid 5508] <... mkdir resumed>) = 0 [pid 5507] <... mkdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5507] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] rmdir("./71") = 0 [ 99.637674][ T5508] loop0: detected capacity change from 0 to 4096 [ 99.663860][ T5507] loop1: detected capacity change from 0 to 4096 [pid 5508] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] mkdir("./72", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5512 ./strace-static-x86_64: Process 5512 attached [pid 5512] set_robust_list(0x555556629660, 24) = 0 [pid 5512] chdir("./72") = 0 [pid 5512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5512] setpgid(0, 0) = 0 [pid 5512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5512] write(3, "1000", 4 [pid 5507] <... mount resumed>) = 0 [pid 5512] <... write resumed>) = 4 [ 99.687976][ T5507] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 99.701635][ T5508] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5512] close(3 [pid 5511] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5507] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5512] <... close resumed>) = 0 [pid 5507] <... openat resumed>) = 3 [pid 5512] symlink("/dev/binderfs", "./binderfs" [pid 5507] chdir("./file0" [pid 5512] <... symlink resumed>) = 0 [pid 5507] <... chdir resumed>) = 0 [pid 5512] memfd_create("syzkaller", 0 [pid 5509] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5507] ioctl(4, LOOP_CLR_FD) = 0 [pid 5507] close(4 [pid 5512] <... memfd_create resumed>) = 3 [pid 5507] <... close resumed>) = 0 [pid 5507] exit_group(0) = ? [pid 5512] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5507] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5507, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5512] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5510] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./73/binderfs") = 0 [pid 5048] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5509] <... write resumed>) = 2097152 [pid 5510] <... write resumed>) = 2097152 [pid 5509] munmap(0x7f3b887a1000, 138412032 [pid 5508] <... mount resumed>) = 0 [pid 5508] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5508] chdir("./file0" [pid 5511] <... write resumed>) = 2097152 [pid 5510] munmap(0x7f3b887a1000, 138412032 [pid 5509] <... munmap resumed>) = 0 [pid 5508] <... chdir resumed>) = 0 [pid 5508] ioctl(4, LOOP_CLR_FD [pid 5512] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5511] munmap(0x7f3b887a1000, 138412032 [pid 5510] <... munmap resumed>) = 0 [pid 5509] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5508] <... ioctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5509] <... openat resumed>) = 4 [pid 5508] close(4 [pid 5509] ioctl(4, LOOP_SET_FD, 3 [pid 5508] <... close resumed>) = 0 [pid 5048] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5511] <... munmap resumed>) = 0 [pid 5508] exit_group(0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5512] <... write resumed>) = 2097152 [pid 5511] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5510] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5508] <... exit_group resumed>) = ? [pid 5048] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5511] <... openat resumed>) = 4 [pid 5512] munmap(0x7f3b887a1000, 138412032 [pid 5511] ioctl(4, LOOP_SET_FD, 3 [pid 5510] <... openat resumed>) = 4 [pid 5509] <... ioctl resumed>) = 0 [pid 5508] +++ exited with 0 +++ [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5512] <... munmap resumed>) = 0 [pid 5510] ioctl(4, LOOP_SET_FD, 3 [pid 5509] close(3 [pid 5048] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5508, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] <... openat resumed>) = 4 [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5509] <... close resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5047] <... restart_syscall resumed>) = 0 [pid 5509] mkdir("./file0", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5509] <... mkdir resumed>) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", [pid 5048] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(3, [pid 5509] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] close(4 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5512] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... close resumed>) = 0 [ 99.858687][ T5509] loop2: detected capacity change from 0 to 4096 [ 99.894765][ T5511] loop5: detected capacity change from 0 to 4096 [ 99.902076][ T5510] loop3: detected capacity change from 0 to 4096 [pid 5047] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5512] <... openat resumed>) = 4 [pid 5048] rmdir("./73/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5512] ioctl(4, LOOP_SET_FD, 3 [pid 5511] <... ioctl resumed>) = 0 [pid 5510] <... ioctl resumed>) = 0 [pid 5511] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5048] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] unlink("./74/binderfs" [pid 5048] close(3 [pid 5047] <... unlink resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] rmdir("./73") = 0 [pid 5048] mkdir("./74", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5512] <... ioctl resumed>) = 0 [pid 5511] <... close resumed>) = 0 [pid 5510] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5511] mkdir("./file0", 0777 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5513 attached [pid 5511] <... mkdir resumed>) = 0 [pid 5510] <... close resumed>) = 0 [pid 5511] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5510] mkdir("./file0", 0777 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5513 [pid 5513] set_robust_list(0x555556629660, 24 [pid 5510] <... mkdir resumed>) = 0 [pid 5513] <... set_robust_list resumed>) = 0 [pid 5510] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5513] chdir("./74") = 0 [pid 5513] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5512] close(3 [pid 5047] <... umount2 resumed>) = 0 [ 99.913143][ T5509] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 99.918565][ T5512] loop4: detected capacity change from 0 to 4096 [ 99.951308][ T5511] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5513] <... prctl resumed>) = 0 [pid 5512] <... close resumed>) = 0 [pid 5047] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5513] setpgid(0, 0 [pid 5512] mkdir("./file0", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5513] <... setpgid resumed>) = 0 [pid 5513] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5512] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5513] <... openat resumed>) = 3 [pid 5047] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5513] write(3, "1000", 4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5513] <... write resumed>) = 4 [pid 5512] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5513] close(3 [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5513] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5513] symlink("/dev/binderfs", "./binderfs" [pid 5047] close(4 [pid 5513] <... symlink resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./74/file0") = 0 [pid 5513] memfd_create("syzkaller", 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./74") = 0 [pid 5047] mkdir("./75", 0777) = 0 [pid 5513] <... memfd_create resumed>) = 3 [pid 5513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 99.961548][ T5510] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 99.967276][ T5512] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5514 ./strace-static-x86_64: Process 5514 attached [pid 5514] set_robust_list(0x555556629660, 24) = 0 [pid 5514] chdir("./75") = 0 [pid 5514] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5514] setpgid(0, 0) = 0 [pid 5514] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5511] <... mount resumed>) = 0 [pid 5514] write(3, "1000", 4) = 4 [pid 5514] close(3 [pid 5511] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5514] <... close resumed>) = 0 [pid 5511] <... openat resumed>) = 3 [pid 5514] symlink("/dev/binderfs", "./binderfs" [pid 5511] chdir("./file0" [pid 5509] <... mount resumed>) = 0 [pid 5511] <... chdir resumed>) = 0 [pid 5514] <... symlink resumed>) = 0 [pid 5514] memfd_create("syzkaller", 0) = 3 [pid 5511] ioctl(4, LOOP_CLR_FD [pid 5509] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5514] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5509] <... openat resumed>) = 3 [pid 5509] chdir("./file0" [pid 5511] <... ioctl resumed>) = 0 [pid 5510] <... mount resumed>) = 0 [pid 5509] <... chdir resumed>) = 0 [pid 5511] close(4 [pid 5510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5509] ioctl(4, LOOP_CLR_FD [pid 5511] <... close resumed>) = 0 [pid 5510] <... openat resumed>) = 3 [pid 5509] <... ioctl resumed>) = 0 [pid 5510] chdir("./file0" [pid 5509] close(4 [pid 5510] <... chdir resumed>) = 0 [pid 5514] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5513] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5511] exit_group(0 [pid 5509] <... close resumed>) = 0 [pid 5510] ioctl(4, LOOP_CLR_FD [pid 5509] exit_group(0 [pid 5511] <... exit_group resumed>) = ? [pid 5510] <... ioctl resumed>) = 0 [pid 5509] <... exit_group resumed>) = ? [pid 5510] close(4) = 0 [pid 5510] exit_group(0) = ? [pid 5511] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5511, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5512] <... mount resumed>) = 0 [pid 5512] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5512] chdir("./file0") = 0 [pid 5512] ioctl(4, LOOP_CLR_FD) = 0 [pid 5512] close(4) = 0 [pid 5512] exit_group(0) = ? [pid 5052] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5512] +++ exited with 0 +++ [pid 5509] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5512, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5509, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5510] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5510, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5052] newfstatat(3, "", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5051] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(3, "", [pid 5049] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(3, "", [pid 5051] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5051] umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5050] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(3, "", [pid 5049] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5052] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] unlink("./72/binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(3, [pid 5052] newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./73/binderfs" [pid 5050] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] unlink("./75/binderfs" [pid 5052] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5049] <... umount2 resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] unlink("./74/binderfs" [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./75/file0" [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5050] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./75") = 0 [pid 5049] mkdir("./76", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5515 attached , child_tidptr=0x555556629650) = 5515 [pid 5050] <... umount2 resumed>) = 0 [pid 5515] set_robust_list(0x555556629660, 24 [pid 5514] <... write resumed>) = 2097152 [pid 5515] <... set_robust_list resumed>) = 0 [pid 5515] chdir("./76" [pid 5514] munmap(0x7f3b887a1000, 138412032 [pid 5513] <... write resumed>) = 2097152 [pid 5052] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = 0 [pid 5050] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5515] <... chdir resumed>) = 0 [pid 5515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5515] setpgid(0, 0) = 0 [pid 5515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5515] write(3, "1000", 4) = 4 [pid 5515] close(3) = 0 [pid 5514] <... munmap resumed>) = 0 [pid 5051] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5513] munmap(0x7f3b887a1000, 138412032 [pid 5515] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5515] <... symlink resumed>) = 0 [pid 5515] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./74/file0", [pid 5513] <... munmap resumed>) = 0 [pid 5515] <... memfd_create resumed>) = 3 [pid 5514] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5513] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] newfstatat(AT_FDCWD, "./73/file0", [pid 5051] newfstatat(AT_FDCWD, "./72/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5515] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5514] <... openat resumed>) = 4 [pid 5513] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5514] ioctl(4, LOOP_SET_FD, 3 [pid 5513] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5050] <... openat resumed>) = 4 [pid 5051] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(4, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] close(4 [pid 5050] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5051] getdents64(4, [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] rmdir("./73/file0" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5051] close(4 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] rmdir("./72/file0" [pid 5050] rmdir("./74/file0") = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5051] getdents64(3, [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5513] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5052] rmdir("./73" [pid 5051] close(3 [pid 5050] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] rmdir("./74" [pid 5052] mkdir("./74", 0777 [pid 5051] <... close resumed>) = 0 [pid 5513] close(3 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] rmdir("./72" [pid 5050] <... rmdir resumed>) = 0 [pid 5514] <... ioctl resumed>) = 0 [pid 5513] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5514] close(3 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] mkdir("./75", 0777 [pid 5514] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] mkdir("./73", 0777 [pid 5050] <... mkdir resumed>) = 0 [pid 5514] mkdir("./file0", 0777 [pid 5051] <... mkdir resumed>) = 0 [ 100.241838][ T5513] loop1: detected capacity change from 0 to 4096 [ 100.256565][ T5514] loop0: detected capacity change from 0 to 4096 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... openat resumed>) = 3 [pid 5514] <... mkdir resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... openat resumed>) = 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] close(3 [pid 5514] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5513] mkdir("./file0", 0777 [pid 5052] <... close resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... close resumed>) = 0 [pid 5513] <... mkdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] close(3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5513] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... close resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5516 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5517 ./strace-static-x86_64: Process 5518 attached [pid 5518] set_robust_list(0x555556629660, 24 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5518 ./strace-static-x86_64: Process 5517 attached ./strace-static-x86_64: Process 5516 attached [pid 5518] <... set_robust_list resumed>) = 0 [pid 5515] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5517] set_robust_list(0x555556629660, 24 [pid 5516] set_robust_list(0x555556629660, 24 [pid 5518] chdir("./73") = 0 [pid 5517] <... set_robust_list resumed>) = 0 [pid 5516] <... set_robust_list resumed>) = 0 [pid 5518] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5517] chdir("./75" [pid 5518] <... prctl resumed>) = 0 [pid 5516] chdir("./74" [pid 5517] <... chdir resumed>) = 0 [pid 5518] setpgid(0, 0 [pid 5517] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5518] <... setpgid resumed>) = 0 [pid 5518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5517] <... prctl resumed>) = 0 [pid 5518] <... openat resumed>) = 3 [pid 5517] setpgid(0, 0 [pid 5518] write(3, "1000", 4) = 4 [pid 5517] <... setpgid resumed>) = 0 [pid 5516] <... chdir resumed>) = 0 [pid 5518] close(3 [pid 5517] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5516] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5518] <... close resumed>) = 0 [pid 5518] symlink("/dev/binderfs", "./binderfs" [pid 5516] <... prctl resumed>) = 0 [pid 5518] <... symlink resumed>) = 0 [pid 5517] <... openat resumed>) = 3 [pid 5517] write(3, "1000", 4 [pid 5516] setpgid(0, 0) = 0 [pid 5518] memfd_create("syzkaller", 0 [pid 5517] <... write resumed>) = 4 [pid 5516] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5517] close(3 [pid 5516] <... openat resumed>) = 3 [pid 5517] <... close resumed>) = 0 [pid 5517] symlink("/dev/binderfs", "./binderfs" [pid 5516] write(3, "1000", 4 [pid 5518] <... memfd_create resumed>) = 3 [pid 5517] <... symlink resumed>) = 0 [pid 5516] <... write resumed>) = 4 [pid 5518] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5516] close(3 [pid 5518] <... mmap resumed>) = 0x7f3b887a1000 [pid 5516] <... close resumed>) = 0 [ 100.310614][ T5514] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 100.321771][ T5513] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5516] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5516] memfd_create("syzkaller", 0 [pid 5517] memfd_create("syzkaller", 0) = 3 [pid 5516] <... memfd_create resumed>) = 3 [pid 5515] <... write resumed>) = 2097152 [pid 5517] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5515] munmap(0x7f3b887a1000, 138412032 [pid 5516] <... mmap resumed>) = 0x7f3b887a1000 [pid 5517] <... mmap resumed>) = 0x7f3b887a1000 [pid 5515] <... munmap resumed>) = 0 [pid 5515] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5513] <... mount resumed>) = 0 [pid 5515] <... openat resumed>) = 4 [pid 5515] ioctl(4, LOOP_SET_FD, 3 [pid 5513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5513] chdir("./file0") = 0 [pid 5513] ioctl(4, LOOP_CLR_FD) = 0 [pid 5513] close(4) = 0 [pid 5513] exit_group(0) = ? [pid 5513] +++ exited with 0 +++ [pid 5514] <... mount resumed>) = 0 [pid 5514] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5514] chdir("./file0") = 0 [pid 5514] ioctl(4, LOOP_CLR_FD) = 0 [pid 5514] close(4) = 0 [pid 5514] exit_group(0) = ? [pid 5514] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5513, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5514, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./75/binderfs") = 0 [pid 5047] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5515] <... ioctl resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5515] close(3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5515] <... close resumed>) = 0 [pid 5518] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5515] mkdir("./file0", 0777 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5515] <... mkdir resumed>) = 0 [pid 5048] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 100.429940][ T5515] loop2: detected capacity change from 0 to 4096 [pid 5515] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./74/binderfs" [pid 5047] <... umount2 resumed>) = 0 [pid 5516] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... unlink resumed>) = 0 [pid 5517] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5048] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5518] <... write resumed>) = 2097152 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 4 [pid 5047] newfstatat(AT_FDCWD, "./75/file0", [pid 5048] newfstatat(4, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [ 100.482985][ T5515] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5047] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(4, [pid 5047] <... openat resumed>) = 4 [pid 5518] munmap(0x7f3b887a1000, 138412032 [pid 5517] <... write resumed>) = 2097152 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5047] newfstatat(4, "", [pid 5048] rmdir("./74/file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] close(3) = 0 [pid 5047] getdents64(4, [pid 5048] rmdir("./74" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5517] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... rmdir resumed>) = 0 [pid 5518] <... munmap resumed>) = 0 [pid 5047] close(4 [pid 5518] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] mkdir("./75", 0777 [pid 5518] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./75/file0" [pid 5518] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5515] <... mount resumed>) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./75" [pid 5515] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... rmdir resumed>) = 0 [pid 5515] <... openat resumed>) = 3 [pid 5515] chdir("./file0") = 0 [pid 5516] <... write resumed>) = 2097152 [pid 5515] ioctl(4, LOOP_CLR_FD [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] mkdir("./76", 0777 [pid 5518] <... ioctl resumed>) = 0 [pid 5517] <... munmap resumed>) = 0 [pid 5516] munmap(0x7f3b887a1000, 138412032 [pid 5518] close(3 [pid 5517] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5515] <... ioctl resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5518] <... close resumed>) = 0 [pid 5515] close(4 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... mkdir resumed>) = 0 [pid 5518] mkdir("./file0", 0777 [pid 5517] <... openat resumed>) = 4 [pid 5516] <... munmap resumed>) = 0 [pid 5515] <... close resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5515] exit_group(0 [pid 5048] close(3 [pid 5518] <... mkdir resumed>) = 0 [pid 5517] ioctl(4, LOOP_SET_FD, 3 [pid 5518] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5516] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5515] <... exit_group resumed>) = ? [ 100.568714][ T5518] loop4: detected capacity change from 0 to 4096 [pid 5048] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5516] <... openat resumed>) = 4 [pid 5515] +++ exited with 0 +++ [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5519 ./strace-static-x86_64: Process 5519 attached [pid 5519] set_robust_list(0x555556629660, 24) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5515, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5519] chdir("./76") = 0 [pid 5519] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5519] setpgid(0, 0) = 0 [pid 5519] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5519] write(3, "1000", 4) = 4 [pid 5519] close(3) = 0 [pid 5519] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5519] memfd_create("syzkaller", 0 [pid 5516] ioctl(4, LOOP_SET_FD, 3 [pid 5519] <... memfd_create resumed>) = 3 [pid 5519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5520 ./strace-static-x86_64: Process 5520 attached [pid 5520] set_robust_list(0x555556629660, 24) = 0 [pid 5516] <... ioctl resumed>) = 0 [pid 5049] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5520] chdir("./75" [pid 5516] close(3 [pid 5049] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5520] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5516] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5516] mkdir("./file0", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5516] <... mkdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./76/binderfs" [ 100.614217][ T5517] loop3: detected capacity change from 0 to 4096 [ 100.620698][ T5518] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 100.634213][ T5516] loop5: detected capacity change from 0 to 4096 [pid 5520] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5517] <... ioctl resumed>) = 0 [pid 5516] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5049] <... unlink resumed>) = 0 [pid 5520] setpgid(0, 0 [pid 5517] close(3 [pid 5049] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5520] <... setpgid resumed>) = 0 [pid 5517] <... close resumed>) = 0 [pid 5517] mkdir("./file0", 0777) = 0 [pid 5517] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5520] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5520] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5520] write(3, "1000", 4) = 4 [pid 5049] newfstatat(AT_FDCWD, "./76/file0", [pid 5520] close(3 [pid 5518] <... mount resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5520] <... close resumed>) = 0 [pid 5518] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5520] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5518] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5520] memfd_create("syzkaller", 0 [pid 5518] chdir("./file0" [pid 5049] <... openat resumed>) = 4 [pid 5520] <... memfd_create resumed>) = 3 [pid 5518] <... chdir resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5520] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5518] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 100.664043][ T5516] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 100.677847][ T5517] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5520] <... mmap resumed>) = 0x7f3b887a1000 [pid 5518] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5519] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5518] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5518] <... close resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./76/file0" [pid 5518] exit_group(0 [pid 5049] <... rmdir resumed>) = 0 [pid 5518] <... exit_group resumed>) = ? [pid 5049] getdents64(3, [pid 5518] +++ exited with 0 +++ [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5518, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5049] close(3 [pid 5051] umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./76" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... rmdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] mkdir("./77", 0777) = 0 [pid 5051] newfstatat(3, "", [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5517] <... mount resumed>) = 0 [pid 5051] getdents64(3, [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3 [pid 5517] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... close resumed>) = 0 [pid 5516] <... mount resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5517] <... openat resumed>) = 3 [pid 5516] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5517] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5517] <... chdir resumed>) = 0 [pid 5517] ioctl(4, LOOP_CLR_FD [pid 5051] unlink("./73/binderfs"./strace-static-x86_64: Process 5521 attached [pid 5516] <... openat resumed>) = 3 [pid 5051] <... unlink resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5521 [pid 5521] set_robust_list(0x555556629660, 24 [pid 5517] <... ioctl resumed>) = 0 [pid 5516] chdir("./file0" [pid 5521] <... set_robust_list resumed>) = 0 [pid 5517] close(4 [pid 5516] <... chdir resumed>) = 0 [pid 5051] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5521] chdir("./77" [pid 5517] <... close resumed>) = 0 [pid 5516] ioctl(4, LOOP_CLR_FD) = 0 [pid 5516] close(4) = 0 [pid 5516] exit_group(0 [pid 5521] <... chdir resumed>) = 0 [pid 5521] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5516] <... exit_group resumed>) = ? [pid 5521] <... prctl resumed>) = 0 [pid 5516] +++ exited with 0 +++ [pid 5521] setpgid(0, 0) = 0 [pid 5521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5521] write(3, "1000", 4) = 4 [pid 5521] close(3) = 0 [pid 5521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5521] memfd_create("syzkaller", 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5516, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5521] <... memfd_create resumed>) = 3 [pid 5521] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5517] exit_group(0) = ? [pid 5052] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5520] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5519] <... write resumed>) = 2097152 [pid 5052] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5517] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5051] <... umount2 resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5517, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5519] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5519] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] unlink("./74/binderfs" [pid 5051] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... unlink resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./73/file0", [pid 5519] <... openat resumed>) = 4 [pid 5052] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5519] ioctl(4, LOOP_SET_FD, 3 [pid 5050] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5519] <... ioctl resumed>) = 0 [pid 5051] umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5519] close(3 [pid 5521] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5520] <... write resumed>) = 2097152 [pid 5519] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5520] munmap(0x7f3b887a1000, 138412032 [pid 5519] mkdir("./file0", 0777 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(3, "", [pid 5519] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(4, "", [pid 5050] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5519] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5520] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(4, [pid 5050] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./74/file0", [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5520] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] close(4 [pid 5050] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5052] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./73/file0" [pid 5052] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 100.853126][ T5519] loop0: detected capacity change from 0 to 4096 [ 100.889845][ T5519] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] unlink("./75/binderfs" [pid 5520] <... openat resumed>) = 4 [pid 5519] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5520] ioctl(4, LOOP_SET_FD, 3 [pid 5519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(4, "", [pid 5051] getdents64(3, [pid 5050] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5519] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5519] chdir("./file0" [pid 5052] getdents64(4, [pid 5051] close(3 [pid 5520] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... close resumed>) = 0 [pid 5519] <... chdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5051] rmdir("./73" [pid 5520] close(3) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5520] mkdir("./file0", 0777) = 0 [pid 5519] ioctl(4, LOOP_CLR_FD [pid 5052] close(4 [pid 5051] <... rmdir resumed>) = 0 [pid 5520] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5519] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] mkdir("./74", 0777 [pid 5519] close(4 [pid 5052] rmdir("./74/file0" [pid 5521] <... write resumed>) = 2097152 [pid 5051] <... mkdir resumed>) = 0 [pid 5521] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... rmdir resumed>) = 0 [pid 5519] <... close resumed>) = 0 [ 100.920580][ T5520] loop1: detected capacity change from 0 to 4096 [pid 5052] getdents64(3, [pid 5521] <... munmap resumed>) = 0 [pid 5519] exit_group(0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5519] <... exit_group resumed>) = ? [pid 5052] close(3 [pid 5051] <... openat resumed>) = 3 [pid 5519] +++ exited with 0 +++ [pid 5052] <... close resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5052] rmdir("./74" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5519, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5052] <... rmdir resumed>) = 0 [pid 5051] close(3 [pid 5052] mkdir("./75", 0777 [pid 5051] <... close resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5522 attached [pid 5521] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... openat resumed>) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5522 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] close(3 [pid 5047] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5522] set_robust_list(0x555556629660, 24 [pid 5521] <... openat resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./75/file0", [pid 5047] <... openat resumed>) = 3 [pid 5521] ioctl(4, LOOP_SET_FD, 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(3, "", [pid 5050] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5523 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5050] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... openat resumed>) = 4 [pid 5047] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(4, "", [pid 5047] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] getdents64(4, [pid 5047] unlink("./76/binderfs" [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, ./strace-static-x86_64: Process 5523 attached [pid 5522] <... set_robust_list resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5522] chdir("./74" [pid 5050] <... close resumed>) = 0 [ 100.967490][ T5520] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 100.986295][ T5521] loop2: detected capacity change from 0 to 4096 [pid 5523] set_robust_list(0x555556629660, 24 [pid 5522] <... chdir resumed>) = 0 [pid 5050] rmdir("./75/file0" [pid 5523] <... set_robust_list resumed>) = 0 [pid 5522] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5521] <... ioctl resumed>) = 0 [pid 5522] <... prctl resumed>) = 0 [pid 5521] close(3 [pid 5523] chdir("./75" [pid 5521] <... close resumed>) = 0 [pid 5522] setpgid(0, 0) = 0 [pid 5521] mkdir("./file0", 0777 [pid 5522] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5521] <... mkdir resumed>) = 0 [pid 5523] <... chdir resumed>) = 0 [pid 5522] <... openat resumed>) = 3 [pid 5521] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5523] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5522] write(3, "1000", 4 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5523] <... prctl resumed>) = 0 [pid 5522] <... write resumed>) = 4 [pid 5523] setpgid(0, 0 [pid 5522] close(3 [pid 5523] <... setpgid resumed>) = 0 [pid 5522] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5523] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5522] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5522] <... symlink resumed>) = 0 [pid 5523] <... openat resumed>) = 3 [pid 5522] memfd_create("syzkaller", 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./75") = 0 [pid 5523] write(3, "1000", 4 [pid 5522] <... memfd_create resumed>) = 3 [pid 5520] <... mount resumed>) = 0 [pid 5050] mkdir("./76", 0777 [pid 5047] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5523] <... write resumed>) = 4 [pid 5522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5520] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5523] close(3 [pid 5522] <... mmap resumed>) = 0x7f3b887a1000 [pid 5520] <... openat resumed>) = 3 [pid 5050] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5523] <... close resumed>) = 0 [pid 5520] chdir("./file0" [pid 5523] symlink("/dev/binderfs", "./binderfs" [pid 5520] <... chdir resumed>) = 0 [pid 5521] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] newfstatat(AT_FDCWD, "./76/file0", [pid 5523] <... symlink resumed>) = 0 [pid 5521] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5520] ioctl(4, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5521] <... openat resumed>) = 3 [pid 5520] <... ioctl resumed>) = 0 [pid 5047] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5523] memfd_create("syzkaller", 0 [pid 5521] chdir("./file0" [pid 5520] close(4 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5521] <... chdir resumed>) = 0 [pid 5520] <... close resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5521] ioctl(4, LOOP_CLR_FD [pid 5520] exit_group(0 [pid 5050] close(3 [pid 5047] <... openat resumed>) = 4 [pid 5523] <... memfd_create resumed>) = 3 [pid 5521] <... ioctl resumed>) = 0 [pid 5520] <... exit_group resumed>) = ? [pid 5050] <... close resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5523] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5521] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5521] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] getdents64(4, [pid 5523] <... mmap resumed>) = 0x7f3b887a1000 [pid 5521] exit_group(0) = ? [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5521] +++ exited with 0 +++ [pid 5520] +++ exited with 0 +++ [pid 5047] getdents64(4, [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5521, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5520, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5047] close(4 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5047] <... close resumed>) = 0 ./strace-static-x86_64: Process 5524 attached [pid 5047] rmdir("./76/file0" [ 101.037602][ T5521] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5524] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5524 [pid 5048] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5524] <... set_robust_list resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 3 [pid 5047] getdents64(3, [pid 5524] chdir("./76" [pid 5049] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(3, "", [pid 5524] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5524] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] newfstatat(3, "", [pid 5048] getdents64(3, [pid 5047] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5524] <... prctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./76" [pid 5524] setpgid(0, 0 [pid 5049] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5524] <... setpgid resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5048] unlink("./75/binderfs" [pid 5524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] mkdir("./77", 0777 [pid 5524] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5522] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5525 attached [pid 5525] set_robust_list(0x555556629660, 24 [pid 5524] write(3, "1000", 4 [pid 5049] unlink("./77/binderfs" [pid 5525] <... set_robust_list resumed>) = 0 [pid 5525] chdir("./77" [pid 5524] <... write resumed>) = 4 [pid 5049] <... unlink resumed>) = 0 [pid 5525] <... chdir resumed>) = 0 [pid 5524] close(3 [pid 5525] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5524] <... close resumed>) = 0 [pid 5049] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5525] setpgid(0, 0 [pid 5524] symlink("/dev/binderfs", "./binderfs" [pid 5525] <... setpgid resumed>) = 0 [pid 5525] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5525 [pid 5525] <... openat resumed>) = 3 [pid 5525] write(3, "1000", 4) = 4 [pid 5525] close(3) = 0 [pid 5524] <... symlink resumed>) = 0 [pid 5525] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5524] memfd_create("syzkaller", 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5524] <... memfd_create resumed>) = 3 [pid 5525] memfd_create("syzkaller", 0 [pid 5048] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5524] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5525] <... memfd_create resumed>) = 3 [pid 5523] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5525] <... mmap resumed>) = 0x7f3b887a1000 [pid 5524] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./75/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./75") = 0 [pid 5048] mkdir("./76", 0777 [pid 5522] <... write resumed>) = 2097152 [pid 5048] <... mkdir resumed>) = 0 [pid 5049] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5526 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5522] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5526 attached [pid 5522] <... munmap resumed>) = 0 [pid 5049] close(4) = 0 [pid 5526] set_robust_list(0x555556629660, 24 [pid 5049] rmdir("./77/file0" [pid 5526] <... set_robust_list resumed>) = 0 [pid 5526] chdir("./76") = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5526] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] getdents64(3, [pid 5526] <... prctl resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5526] setpgid(0, 0 [pid 5049] close(3 [pid 5526] <... setpgid resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5526] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] rmdir("./77" [pid 5526] <... openat resumed>) = 3 [pid 5526] write(3, "1000", 4) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5526] close(3 [pid 5049] mkdir("./78", 0777 [pid 5526] <... close resumed>) = 0 [pid 5526] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... mkdir resumed>) = 0 [pid 5522] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5526] <... symlink resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5524] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5523] <... write resumed>) = 2097152 [pid 5522] <... openat resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5526] memfd_create("syzkaller", 0 [pid 5522] ioctl(4, LOOP_SET_FD, 3 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5526] <... memfd_create resumed>) = 3 [pid 5523] munmap(0x7f3b887a1000, 138412032 [pid 5526] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5523] <... munmap resumed>) = 0 [pid 5523] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5527 ./strace-static-x86_64: Process 5527 attached [pid 5527] set_robust_list(0x555556629660, 24 [pid 5523] ioctl(4, LOOP_SET_FD, 3 [pid 5527] <... set_robust_list resumed>) = 0 [pid 5525] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5524] <... write resumed>) = 2097152 [pid 5523] <... ioctl resumed>) = 0 [ 101.257189][ T5522] loop4: detected capacity change from 0 to 4096 [ 101.275184][ T5523] loop5: detected capacity change from 0 to 4096 [pid 5522] <... ioctl resumed>) = 0 [pid 5527] chdir("./78" [pid 5524] munmap(0x7f3b887a1000, 138412032 [pid 5523] close(3 [pid 5522] close(3 [pid 5527] <... chdir resumed>) = 0 [pid 5523] <... close resumed>) = 0 [pid 5523] mkdir("./file0", 0777 [pid 5527] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5523] <... mkdir resumed>) = 0 [pid 5522] <... close resumed>) = 0 [pid 5527] <... prctl resumed>) = 0 [pid 5523] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5522] mkdir("./file0", 0777 [pid 5527] setpgid(0, 0 [pid 5522] <... mkdir resumed>) = 0 [pid 5527] <... setpgid resumed>) = 0 [pid 5522] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5524] <... munmap resumed>) = 0 [pid 5527] <... openat resumed>) = 3 [pid 5527] write(3, "1000", 4 [pid 5524] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5527] <... write resumed>) = 4 [pid 5527] close(3 [pid 5524] <... openat resumed>) = 4 [pid 5527] <... close resumed>) = 0 [pid 5524] ioctl(4, LOOP_SET_FD, 3 [pid 5527] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5526] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5527] memfd_create("syzkaller", 0 [pid 5525] <... write resumed>) = 2097152 [pid 5524] <... ioctl resumed>) = 0 [pid 5527] <... memfd_create resumed>) = 3 [pid 5527] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5524] close(3 [pid 5527] <... mmap resumed>) = 0x7f3b887a1000 [pid 5524] <... close resumed>) = 0 [ 101.317209][ T5523] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 101.322633][ T5522] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 101.345912][ T5524] loop3: detected capacity change from 0 to 4096 [pid 5524] mkdir("./file0", 0777) = 0 [pid 5524] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5525] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5525] ioctl(4, LOOP_SET_FD, 3 [pid 5522] <... mount resumed>) = 0 [pid 5522] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5522] chdir("./file0") = 0 [pid 5522] ioctl(4, LOOP_CLR_FD) = 0 [pid 5522] close(4 [pid 5525] <... ioctl resumed>) = 0 [pid 5522] <... close resumed>) = 0 [pid 5525] close(3 [pid 5522] exit_group(0 [pid 5525] <... close resumed>) = 0 [pid 5526] <... write resumed>) = 2097152 [pid 5525] mkdir("./file0", 0777 [pid 5522] <... exit_group resumed>) = ? [pid 5525] <... mkdir resumed>) = 0 [ 101.383852][ T5524] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 101.399481][ T5525] loop0: detected capacity change from 0 to 4096 [pid 5525] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5524] <... mount resumed>) = 0 [pid 5522] +++ exited with 0 +++ [pid 5523] <... mount resumed>) = 0 [pid 5526] munmap(0x7f3b887a1000, 138412032 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5522, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5526] <... munmap resumed>) = 0 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5524] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5523] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... restart_syscall resumed>) = 0 [pid 5523] <... openat resumed>) = 3 [pid 5524] chdir("./file0") = 0 [pid 5523] chdir("./file0" [pid 5524] ioctl(4, LOOP_CLR_FD) = 0 [pid 5523] <... chdir resumed>) = 0 [pid 5051] umount2("./74", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5524] close(4 [pid 5523] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5524] <... close resumed>) = 0 [pid 5523] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5523] close(4 [pid 5051] <... openat resumed>) = 3 [pid 5524] exit_group(0 [pid 5523] <... close resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5524] <... exit_group resumed>) = ? [pid 5523] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5526] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5523] <... exit_group resumed>) = ? [pid 5051] getdents64(3, [pid 5526] <... openat resumed>) = 4 [pid 5524] +++ exited with 0 +++ [pid 5526] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5524, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] umount2("./74/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5523] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5050] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5523, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5052] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5526] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] unlink("./74/binderfs" [pid 5050] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5051] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5527] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] getdents64(3, [pid 5050] getdents64(3, [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5050] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(AT_FDCWD, "./76/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./76/binderfs") = 0 [pid 5050] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5526] close(3 [pid 5052] unlink("./75/binderfs") = 0 [pid 5052] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 101.435919][ T5525] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 101.474277][ T5526] loop1: detected capacity change from 0 to 4096 [pid 5050] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5526] <... close resumed>) = 0 [pid 5526] mkdir("./file0", 0777 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5526] <... mkdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5526] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./76/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./76") = 0 [pid 5050] mkdir("./77", 0777) = 0 [pid 5525] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5525] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5525] chdir("./file0" [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... ioctl resumed>) = 0 [pid 5525] <... chdir resumed>) = 0 [pid 5051] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3 [pid 5525] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... close resumed>) = 0 [pid 5525] <... ioctl resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./74/file0", [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5525] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5525] <... close resumed>) = 0 [pid 5051] umount2("./74/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5528 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5525] exit_group(0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5525] <... exit_group resumed>) = ? [pid 5051] getdents64(4, [pid 5525] +++ exited with 0 +++ [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5525, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5051] <... close resumed>) = 0 [pid 5047] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./74/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] getdents64(3, [pid 5047] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3) = 0 [pid 5047] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5051] rmdir("./74" [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5528 attached [pid 5051] <... rmdir resumed>) = 0 [pid 5047] unlink("./77/binderfs" [pid 5051] mkdir("./75", 0777 [pid 5047] <... unlink resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5047] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5528] set_robust_list(0x555556629660, 24 [pid 5527] <... write resumed>) = 2097152 [pid 5052] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5528] <... set_robust_list resumed>) = 0 [pid 5527] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5528] chdir("./77" [pid 5527] <... munmap resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./75/file0", [pid 5528] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5528] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5528] <... prctl resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 101.539777][ T5526] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5528] setpgid(0, 0 [pid 5527] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] newfstatat(4, "", [pid 5051] close(3 [pid 5527] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5052] getdents64(4, [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5528] <... setpgid resumed>) = 0 [pid 5527] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5528] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5527] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5528] <... openat resumed>) = 3 [pid 5527] close(3 [pid 5052] close(4 [pid 5528] write(3, "1000", 4 [pid 5527] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 ./strace-static-x86_64: Process 5529 attached [pid 5528] <... write resumed>) = 4 [pid 5527] mkdir("./file0", 0777 [pid 5052] rmdir("./75/file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5529 [pid 5528] close(3) = 0 [pid 5527] <... mkdir resumed>) = 0 [pid 5529] set_robust_list(0x555556629660, 24 [pid 5528] symlink("/dev/binderfs", "./binderfs" [pid 5527] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] <... rmdir resumed>) = 0 [pid 5529] <... set_robust_list resumed>) = 0 [pid 5528] <... symlink resumed>) = 0 [pid 5052] getdents64(3, [pid 5529] chdir("./75") = 0 [pid 5529] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5526] <... mount resumed>) = 0 [pid 5529] <... prctl resumed>) = 0 [pid 5529] setpgid(0, 0) = 0 [pid 5529] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5529] write(3, "1000", 4 [pid 5526] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... umount2 resumed>) = 0 [pid 5529] <... write resumed>) = 4 [pid 5526] <... openat resumed>) = 3 [pid 5529] close(3 [pid 5526] chdir("./file0" [pid 5529] <... close resumed>) = 0 [pid 5526] <... chdir resumed>) = 0 [pid 5529] symlink("/dev/binderfs", "./binderfs" [pid 5526] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5529] <... symlink resumed>) = 0 [pid 5526] <... ioctl resumed>) = 0 [pid 5047] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5529] memfd_create("syzkaller", 0 [pid 5528] memfd_create("syzkaller", 0 [pid 5526] close(4 [pid 5052] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5526] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./77/file0", [pid 5526] exit_group(0 [pid 5052] rmdir("./75" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5529] <... memfd_create resumed>) = 3 [pid 5528] <... memfd_create resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5529] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5526] <... exit_group resumed>) = ? [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 101.602875][ T5527] loop2: detected capacity change from 0 to 4096 [ 101.634098][ T5527] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5529] <... mmap resumed>) = 0x7f3b887a1000 [pid 5528] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] mkdir("./76", 0777 [pid 5047] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5526] +++ exited with 0 +++ [pid 5052] <... mkdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5526, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5052] close(3 [pid 5047] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./77/file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(3, [pid 5048] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5530 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5530 [pid 5048] newfstatat(3, "", [pid 5047] close(3 [pid 5530] set_robust_list(0x555556629660, 24 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] rmdir("./77" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... rmdir resumed>) = 0 [pid 5048] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] mkdir("./78", 0777 [pid 5530] <... set_robust_list resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... mkdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5530] chdir("./76") = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5048] unlink("./76/binderfs" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5530] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5530] <... prctl resumed>) = 0 [pid 5048] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5530] setpgid(0, 0 [pid 5047] <... close resumed>) = 0 [pid 5530] <... setpgid resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5531 ./strace-static-x86_64: Process 5531 attached [pid 5531] set_robust_list(0x555556629660, 24 [pid 5530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5531] <... set_robust_list resumed>) = 0 [pid 5531] chdir("./78" [pid 5530] <... openat resumed>) = 3 [pid 5531] <... chdir resumed>) = 0 [pid 5530] write(3, "1000", 4 [pid 5531] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5530] <... write resumed>) = 4 [pid 5531] <... prctl resumed>) = 0 [pid 5530] close(3 [pid 5531] setpgid(0, 0) = 0 [pid 5531] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5530] <... close resumed>) = 0 [pid 5530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5531] write(3, "1000", 4) = 4 [pid 5531] close(3) = 0 [pid 5531] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5531] memfd_create("syzkaller", 0) = 3 [pid 5531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5530] memfd_create("syzkaller", 0) = 3 [pid 5530] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5529] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5527] <... mount resumed>) = 0 [pid 5527] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5527] chdir("./file0") = 0 [pid 5527] ioctl(4, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = 0 [pid 5527] <... ioctl resumed>) = 0 [pid 5527] close(4) = 0 [pid 5527] exit_group(0) = ? [pid 5527] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5527, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5528] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5531] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./76/file0", [pid 5049] unlink("./78/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./76/file0") = 0 [pid 5048] getdents64(3, [pid 5529] <... write resumed>) = 2097152 [pid 5530] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5528] <... write resumed>) = 2097152 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./76" [pid 5529] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./77", 0777 [pid 5528] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5529] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5529] <... openat resumed>) = 4 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5529] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5532 attached [pid 5528] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5528] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5049] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5532 [pid 5532] set_robust_list(0x555556629660, 24 [pid 5049] getdents64(4, [pid 5532] <... set_robust_list resumed>) = 0 [pid 5531] <... write resumed>) = 2097152 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5532] chdir("./77" [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5532] <... chdir resumed>) = 0 [pid 5049] close(4 [pid 5532] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... close resumed>) = 0 [pid 5532] <... prctl resumed>) = 0 [pid 5049] rmdir("./78/file0" [pid 5532] setpgid(0, 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5532] <... setpgid resumed>) = 0 [pid 5529] <... ioctl resumed>) = 0 [pid 5528] close(3 [pid 5049] getdents64(3, [pid 5532] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5529] close(3 [pid 5528] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5531] munmap(0x7f3b887a1000, 138412032 [pid 5529] <... close resumed>) = 0 [pid 5528] mkdir("./file0", 0777 [pid 5049] close(3 [pid 5532] <... openat resumed>) = 3 [pid 5529] mkdir("./file0", 0777 [pid 5528] <... mkdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5532] write(3, "1000", 4 [pid 5529] <... mkdir resumed>) = 0 [pid 5532] <... write resumed>) = 4 [pid 5531] <... munmap resumed>) = 0 [pid 5530] <... write resumed>) = 2097152 [pid 5528] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] rmdir("./78" [pid 5532] close(3 [pid 5530] munmap(0x7f3b887a1000, 138412032 [pid 5529] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... rmdir resumed>) = 0 [pid 5532] <... close resumed>) = 0 [ 101.882068][ T5529] loop4: detected capacity change from 0 to 4096 [ 101.893914][ T5528] loop3: detected capacity change from 0 to 4096 [pid 5532] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5531] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5530] <... munmap resumed>) = 0 [pid 5049] mkdir("./79", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5533 attached , child_tidptr=0x555556629650) = 5533 [pid 5533] set_robust_list(0x555556629660, 24) = 0 [pid 5533] chdir("./79") = 0 [pid 5533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5533] setpgid(0, 0 [pid 5531] <... openat resumed>) = 4 [pid 5531] ioctl(4, LOOP_SET_FD, 3 [pid 5532] memfd_create("syzkaller", 0 [pid 5530] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5532] <... memfd_create resumed>) = 3 [pid 5532] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5530] <... openat resumed>) = 4 [pid 5533] <... setpgid resumed>) = 0 [pid 5532] <... mmap resumed>) = 0x7f3b887a1000 [pid 5533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5533] write(3, "1000", 4) = 4 [pid 5533] close(3) = 0 [pid 5533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5533] memfd_create("syzkaller", 0 [pid 5531] <... ioctl resumed>) = 0 [pid 5533] <... memfd_create resumed>) = 3 [ 101.925075][ T5528] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 101.930655][ T5529] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 101.954321][ T5531] loop0: detected capacity change from 0 to 4096 [pid 5530] ioctl(4, LOOP_SET_FD, 3 [pid 5531] close(3 [pid 5533] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5531] <... close resumed>) = 0 [pid 5530] <... ioctl resumed>) = 0 [pid 5528] <... mount resumed>) = 0 [pid 5533] <... mmap resumed>) = 0x7f3b887a1000 [pid 5531] mkdir("./file0", 0777 [pid 5530] close(3 [pid 5529] <... mount resumed>) = 0 [pid 5528] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5532] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5531] <... mkdir resumed>) = 0 [pid 5530] <... close resumed>) = 0 [pid 5529] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5528] <... openat resumed>) = 3 [pid 5530] mkdir("./file0", 0777 [pid 5529] <... openat resumed>) = 3 [pid 5530] <... mkdir resumed>) = 0 [pid 5530] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5529] chdir("./file0" [pid 5528] chdir("./file0" [pid 5529] <... chdir resumed>) = 0 [pid 5528] <... chdir resumed>) = 0 [pid 5529] ioctl(4, LOOP_CLR_FD [pid 5528] ioctl(4, LOOP_CLR_FD [pid 5529] <... ioctl resumed>) = 0 [pid 5528] <... ioctl resumed>) = 0 [pid 5529] close(4 [pid 5528] close(4 [pid 5529] <... close resumed>) = 0 [pid 5528] <... close resumed>) = 0 [pid 5529] exit_group(0 [pid 5528] exit_group(0 [pid 5529] <... exit_group resumed>) = ? [pid 5528] <... exit_group resumed>) = ? [pid 5529] +++ exited with 0 +++ [pid 5528] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5529, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5528, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5531] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 101.981389][ T5530] loop5: detected capacity change from 0 to 4096 [ 102.004859][ T5530] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./75", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5050] getdents64(3, [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./77/binderfs") = 0 [pid 5051] umount2("./75/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5532] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] unlink("./75/binderfs") = 0 [pid 5532] munmap(0x7f3b887a1000, 138412032 [pid 5533] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5530] <... mount resumed>) = 0 [pid 5530] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5530] chdir("./file0") = 0 [pid 5050] <... umount2 resumed>) = 0 [ 102.032455][ T5531] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5530] ioctl(4, LOOP_CLR_FD [pid 5532] <... munmap resumed>) = 0 [pid 5531] <... mount resumed>) = 0 [pid 5530] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5532] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5530] close(4 [pid 5051] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5532] <... openat resumed>) = 4 [pid 5531] <... openat resumed>) = 3 [pid 5530] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./77/file0", [pid 5532] ioctl(4, LOOP_SET_FD, 3 [pid 5531] chdir("./file0" [pid 5530] exit_group(0 [pid 5051] newfstatat(AT_FDCWD, "./75/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5532] <... ioctl resumed>) = 0 [pid 5531] <... chdir resumed>) = 0 [pid 5530] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5530] +++ exited with 0 +++ [pid 5531] ioctl(4, LOOP_CLR_FD [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5530, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5531] <... ioctl resumed>) = 0 [pid 5531] close(4) = 0 [pid 5531] exit_group(0 [pid 5532] close(3 [pid 5051] umount2("./75/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5531] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(4, "", [pid 5531] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... openat resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(4, "", [pid 5050] getdents64(4, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5531, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- [pid 5052] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5050] getdents64(4, [pid 5532] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5532] mkdir("./file0", 0777 [pid 5051] getdents64(4, [pid 5050] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5532] <... mkdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(4 [pid 5050] rmdir("./77/file0" [pid 5047] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5532] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5051] rmdir("./75/file0" [pid 5047] newfstatat(3, "", [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [ 102.103707][ T5532] loop1: detected capacity change from 0 to 4096 [pid 5047] getdents64(3, [pid 5533] <... write resumed>) = 2097152 [pid 5052] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./78/binderfs" [pid 5050] close(3 [pid 5047] <... unlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] close(3 [pid 5047] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./77" [pid 5051] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5052] unlink("./76/binderfs" [pid 5050] mkdir("./78", 0777 [pid 5533] munmap(0x7f3b887a1000, 138412032 [pid 5051] rmdir("./75" [pid 5050] <... mkdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./76", 0777 [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5534 attached [pid 5534] set_robust_list(0x555556629660, 24) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5534 [ 102.143946][ T5532] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5534] chdir("./76" [pid 5533] <... munmap resumed>) = 0 [pid 5052] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] <... umount2 resumed>) = 0 [pid 5534] <... chdir resumed>) = 0 [pid 5534] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5534] <... prctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5534] setpgid(0, 0 [pid 5047] newfstatat(AT_FDCWD, "./78/file0", [pid 5534] <... setpgid resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5534] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5534] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", [pid 5534] write(3, "1000", 4 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5534] <... write resumed>) = 4 [pid 5050] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5534] close(3 [pid 5050] <... close resumed>) = 0 [pid 5534] <... close resumed>) = 0 [pid 5047] getdents64(4, [pid 5534] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5534] <... symlink resumed>) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./78/file0") = 0 [pid 5534] memfd_create("syzkaller", 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5534] <... memfd_create resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./78") = 0 ./strace-static-x86_64: Process 5535 attached [pid 5534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... umount2 resumed>) = 0 [pid 5535] set_robust_list(0x555556629660, 24 [pid 5047] mkdir("./79", 0777 [pid 5535] <... set_robust_list resumed>) = 0 [pid 5533] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5535 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5533] <... openat resumed>) = 4 [pid 5533] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5535] chdir("./78" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5535] <... chdir resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5535] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] close(3 [pid 5535] <... prctl resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5535] setpgid(0, 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5535] <... setpgid resumed>) = 0 [pid 5535] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5535] write(3, "1000", 4) = 4 [pid 5535] close(3) = 0 [pid 5535] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5536 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5536 [pid 5536] set_robust_list(0x555556629660, 24 [pid 5052] newfstatat(AT_FDCWD, "./76/file0", [pid 5536] <... set_robust_list resumed>) = 0 [pid 5536] chdir("./79") = 0 [pid 5536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5536] setpgid(0, 0 [pid 5052] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5536] <... setpgid resumed>) = 0 [pid 5535] <... symlink resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5535] memfd_create("syzkaller", 0 [pid 5052] newfstatat(4, "", [pid 5533] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5533] close(3 [pid 5052] getdents64(4, [pid 5533] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5536] <... openat resumed>) = 3 [pid 5533] mkdir("./file0", 0777 [pid 5536] write(3, "1000", 4) = 4 [pid 5533] <... mkdir resumed>) = 0 [pid 5536] close(3 [pid 5535] <... memfd_create resumed>) = 3 [pid 5536] <... close resumed>) = 0 [pid 5535] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5533] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5536] symlink("/dev/binderfs", "./binderfs" [pid 5535] <... mmap resumed>) = 0x7f3b887a1000 [pid 5536] <... symlink resumed>) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5536] memfd_create("syzkaller", 0 [pid 5052] rmdir("./76/file0" [pid 5534] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./76" [pid 5536] <... memfd_create resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5536] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] mkdir("./77", 0777 [pid 5536] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... mkdir resumed>) = 0 [ 102.224058][ T5533] loop2: detected capacity change from 0 to 4096 [ 102.263008][ T5533] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5532] <... mount resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5532] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5532] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5535] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5534] <... write resumed>) = 2097152 [pid 5532] chdir("./file0" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5532] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5537 attached [pid 5533] <... mount resumed>) = 0 [pid 5532] ioctl(4, LOOP_CLR_FD) = 0 [pid 5532] close(4 [pid 5537] set_robust_list(0x555556629660, 24 [pid 5533] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5532] <... close resumed>) = 0 [pid 5537] <... set_robust_list resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5537 [pid 5532] exit_group(0 [pid 5537] chdir("./77" [pid 5532] <... exit_group resumed>) = ? [pid 5533] <... openat resumed>) = 3 [pid 5533] chdir("./file0") = 0 [pid 5537] <... chdir resumed>) = 0 [pid 5536] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5534] munmap(0x7f3b887a1000, 138412032 [pid 5533] ioctl(4, LOOP_CLR_FD [pid 5532] +++ exited with 0 +++ [pid 5537] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5533] <... ioctl resumed>) = 0 [pid 5537] <... prctl resumed>) = 0 [pid 5537] setpgid(0, 0 [pid 5534] <... munmap resumed>) = 0 [pid 5533] close(4 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5532, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5537] <... setpgid resumed>) = 0 [pid 5535] <... write resumed>) = 2097152 [pid 5534] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5533] <... close resumed>) = 0 [pid 5537] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5534] <... openat resumed>) = 4 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5534] ioctl(4, LOOP_SET_FD, 3 [pid 5533] exit_group(0 [pid 5537] <... openat resumed>) = 3 [pid 5533] <... exit_group resumed>) = ? [pid 5048] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5535] munmap(0x7f3b887a1000, 138412032 [pid 5048] getdents64(3, [pid 5537] write(3, "1000", 4 [pid 5535] <... munmap resumed>) = 0 [pid 5534] <... ioctl resumed>) = 0 [pid 5533] +++ exited with 0 +++ [pid 5537] <... write resumed>) = 4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5533, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=1 /* 0.01 s */} --- [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5537] close(3) = 0 [pid 5048] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] symlink("/dev/binderfs", "./binderfs" [pid 5049] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5537] <... symlink resumed>) = 0 [pid 5534] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5534] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5534] mkdir("./file0", 0777 [pid 5049] <... openat resumed>) = 3 [pid 5537] memfd_create("syzkaller", 0 [pid 5534] <... mkdir resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5535] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] unlink("./77/binderfs" [pid 5535] <... openat resumed>) = 4 [pid 5049] getdents64(3, [pid 5048] <... unlink resumed>) = 0 [pid 5535] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5537] <... memfd_create resumed>) = 3 [pid 5535] <... ioctl resumed>) = 0 [pid 5049] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5534] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5537] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./79/binderfs") = 0 [ 102.395086][ T5534] loop4: detected capacity change from 0 to 4096 [ 102.425319][ T5535] loop3: detected capacity change from 0 to 4096 [pid 5049] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5535] close(3) = 0 [pid 5535] mkdir("./file0", 0777) = 0 [pid 5535] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = 0 [pid 5536] <... write resumed>) = 2097152 [pid 5049] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5536] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5536] <... munmap resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5048] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./79/file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5048] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 102.438421][ T5534] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 102.452860][ T5535] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] newfstatat(4, "", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(3 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5049] rmdir("./79" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./77/file0" [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5536] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] mkdir("./80", 0777 [pid 5536] <... openat resumed>) = 4 [pid 5536] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./77" [pid 5534] <... mount resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5535] <... mount resumed>) = 0 [pid 5048] mkdir("./78", 0777 [pid 5534] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5535] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5534] <... openat resumed>) = 3 [pid 5537] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5535] chdir("./file0" [pid 5534] chdir("./file0" [pid 5049] <... openat resumed>) = 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5535] <... chdir resumed>) = 0 [pid 5534] <... chdir resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5536] <... ioctl resumed>) = 0 [pid 5536] close(3 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5536] <... close resumed>) = 0 [pid 5049] close(3 [pid 5535] ioctl(4, LOOP_CLR_FD [pid 5534] ioctl(4, LOOP_CLR_FD [pid 5536] mkdir("./file0", 0777 [pid 5049] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5536] <... mkdir resumed>) = 0 [pid 5535] <... ioctl resumed>) = 0 [pid 5534] <... ioctl resumed>) = 0 [ 102.514404][ T5536] loop0: detected capacity change from 0 to 4096 [pid 5535] close(4 [pid 5534] close(4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5535] <... close resumed>) = 0 [pid 5534] <... close resumed>) = 0 [pid 5536] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 3 [pid 5535] exit_group(0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5534] exit_group(0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5535] <... exit_group resumed>) = ? [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5538 [pid 5534] <... exit_group resumed>) = ? [pid 5535] +++ exited with 0 +++ [pid 5534] +++ exited with 0 +++ [pid 5048] close(3./strace-static-x86_64: Process 5538 attached [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5534, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] <... close resumed>) = 0 [pid 5538] set_robust_list(0x555556629660, 24 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5535, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./76", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5539 [pid 5538] <... set_robust_list resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5539 attached [pid 5538] chdir("./80" [pid 5051] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(3, "", [pid 5539] set_robust_list(0x555556629660, 24 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(3, "", [pid 5050] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5538] <... chdir resumed>) = 0 [pid 5537] <... write resumed>) = 2097152 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5538] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5537] munmap(0x7f3b887a1000, 138412032 [pid 5050] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5538] <... prctl resumed>) = 0 [pid 5537] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5538] setpgid(0, 0 [pid 5050] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5538] <... setpgid resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5538] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] getdents64(3, [pid 5050] unlink("./78/binderfs" [pid 5539] <... set_robust_list resumed>) = 0 [pid 5538] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./76/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5539] chdir("./78" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... unlink resumed>) = 0 [pid 5539] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5050] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5539] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5538] write(3, "1000", 4 [pid 5537] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5539] <... prctl resumed>) = 0 [pid 5538] <... write resumed>) = 4 [pid 5051] unlink("./76/binderfs" [pid 5539] setpgid(0, 0 [pid 5538] close(3 [pid 5537] <... openat resumed>) = 4 [pid 5051] <... unlink resumed>) = 0 [pid 5538] <... close resumed>) = 0 [pid 5537] ioctl(4, LOOP_SET_FD, 3 [pid 5051] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5538] symlink("/dev/binderfs", "./binderfs" [pid 5539] <... setpgid resumed>) = 0 [pid 5539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5537] <... ioctl resumed>) = 0 [pid 5539] write(3, "1000", 4 [pid 5538] <... symlink resumed>) = 0 [pid 5539] <... write resumed>) = 4 [pid 5539] close(3 [pid 5538] memfd_create("syzkaller", 0 [pid 5539] <... close resumed>) = 0 [pid 5539] symlink("/dev/binderfs", "./binderfs" [pid 5538] <... memfd_create resumed>) = 3 [pid 5538] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5539] <... symlink resumed>) = 0 [pid 5538] <... mmap resumed>) = 0x7f3b887a1000 [pid 5539] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5539] <... memfd_create resumed>) = 3 [pid 5539] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5537] close(3) = 0 [pid 5537] mkdir("./file0", 0777 [ 102.556194][ T5536] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 102.594768][ T5537] loop5: detected capacity change from 0 to 4096 [pid 5050] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5537] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./76/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./78/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5051] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5051] <... openat resumed>) = 4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] newfstatat(4, "", [pid 5050] getdents64(4, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(4, [pid 5050] close(4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... close resumed>) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./76/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] rmdir("./78/file0" [pid 5051] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./76") = 0 [pid 5050] getdents64(3, [pid 5051] mkdir("./77", 0777 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./78" [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./79", 0777 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5536] <... mount resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [ 102.639154][ T5537] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5540 attached [pid 5536] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5540] set_robust_list(0x555556629660, 24 [pid 5538] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5536] <... openat resumed>) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5540 [pid 5540] <... set_robust_list resumed>) = 0 [pid 5540] chdir("./77" [pid 5536] chdir("./file0") = 0 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5540] <... chdir resumed>) = 0 [pid 5050] close(3 [pid 5540] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5536] ioctl(4, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5540] <... prctl resumed>) = 0 [pid 5536] <... ioctl resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5540] setpgid(0, 0 [pid 5536] close(4 [pid 5540] <... setpgid resumed>) = 0 [pid 5536] <... close resumed>) = 0 [pid 5540] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5539] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5536] exit_group(0./strace-static-x86_64: Process 5541 attached [pid 5540] <... openat resumed>) = 3 [pid 5536] <... exit_group resumed>) = ? [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5541 [pid 5541] set_robust_list(0x555556629660, 24) = 0 [pid 5540] write(3, "1000", 4 [pid 5536] +++ exited with 0 +++ [pid 5540] <... write resumed>) = 4 [pid 5540] close(3 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5536, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5540] <... close resumed>) = 0 [pid 5540] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5541] chdir("./79" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5541] <... chdir resumed>) = 0 [pid 5540] memfd_create("syzkaller", 0 [pid 5047] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5541] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5540] <... memfd_create resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] newfstatat(3, "", [pid 5540] <... mmap resumed>) = 0x7f3b887a1000 [pid 5541] <... prctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5541] setpgid(0, 0) = 0 [pid 5541] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5541] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5541] write(3, "1000", 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5541] <... write resumed>) = 4 [pid 5541] close(3 [pid 5047] unlink("./79/binderfs" [pid 5541] <... close resumed>) = 0 [pid 5541] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... unlink resumed>) = 0 [pid 5541] <... symlink resumed>) = 0 [pid 5537] <... mount resumed>) = 0 [pid 5047] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5541] memfd_create("syzkaller", 0 [pid 5539] <... write resumed>) = 2097152 [pid 5537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... umount2 resumed>) = 0 [pid 5541] <... memfd_create resumed>) = 3 [pid 5541] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5539] munmap(0x7f3b887a1000, 138412032 [pid 5538] <... write resumed>) = 2097152 [pid 5537] <... openat resumed>) = 3 [pid 5047] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] chdir("./file0") = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5541] <... mmap resumed>) = 0x7f3b887a1000 [pid 5538] munmap(0x7f3b887a1000, 138412032 [pid 5537] ioctl(4, LOOP_CLR_FD [pid 5047] newfstatat(AT_FDCWD, "./79/file0", [pid 5537] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5537] close(4) = 0 [pid 5047] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5537] exit_group(0) = ? [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5537] +++ exited with 0 +++ [pid 5047] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5537, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5052] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5539] <... munmap resumed>) = 0 [pid 5538] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4) = 0 [pid 5047] rmdir("./79/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./79") = 0 [pid 5047] mkdir("./80", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5540] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5539] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5538] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5539] <... openat resumed>) = 4 [pid 5538] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5539] ioctl(4, LOOP_SET_FD, 3 [pid 5538] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./77/binderfs" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5542 [pid 5052] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5542 attached [ 102.830789][ T5539] loop1: detected capacity change from 0 to 4096 [ 102.837627][ T5538] loop2: detected capacity change from 0 to 4096 [pid 5052] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5542] set_robust_list(0x555556629660, 24 [pid 5541] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5542] <... set_robust_list resumed>) = 0 [pid 5542] chdir("./80") = 0 [pid 5542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5538] <... ioctl resumed>) = 0 [pid 5542] setpgid(0, 0 [pid 5538] close(3 [pid 5542] <... setpgid resumed>) = 0 [pid 5538] <... close resumed>) = 0 [pid 5542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5538] mkdir("./file0", 0777 [pid 5542] <... openat resumed>) = 3 [pid 5542] write(3, "1000", 4 [pid 5538] <... mkdir resumed>) = 0 [pid 5542] <... write resumed>) = 4 [pid 5538] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5542] close(3 [pid 5541] <... write resumed>) = 2097152 [pid 5539] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5542] <... close resumed>) = 0 [pid 5542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5542] memfd_create("syzkaller", 0) = 3 [pid 5542] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5541] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5540] <... write resumed>) = 2097152 [pid 5539] close(3) = 0 [pid 5539] mkdir("./file0", 0777 [pid 5541] <... munmap resumed>) = 0 [pid 5540] munmap(0x7f3b887a1000, 138412032 [pid 5539] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5539] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5540] <... munmap resumed>) = 0 [pid 5052] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5540] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5541] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5540] <... openat resumed>) = 4 [pid 5541] <... openat resumed>) = 4 [pid 5052] <... openat resumed>) = 4 [pid 5541] ioctl(4, LOOP_SET_FD, 3 [pid 5540] ioctl(4, LOOP_SET_FD, 3 [ 102.874619][ T5538] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 102.902910][ T5539] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./77/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./77") = 0 [pid 5052] mkdir("./78", 0777) = 0 [pid 5541] <... ioctl resumed>) = 0 [pid 5540] <... ioctl resumed>) = 0 [pid 5541] close(3 [pid 5540] close(3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5540] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5543 attached [pid 5543] set_robust_list(0x555556629660, 24) = 0 [pid 5543] chdir("./78") = 0 [pid 5543] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5542] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5541] <... close resumed>) = 0 [pid 5540] mkdir("./file0", 0777 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5543 [pid 5543] <... prctl resumed>) = 0 [pid 5541] mkdir("./file0", 0777 [pid 5540] <... mkdir resumed>) = 0 [pid 5543] setpgid(0, 0 [pid 5541] <... mkdir resumed>) = 0 [pid 5540] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 102.931429][ T5541] loop3: detected capacity change from 0 to 4096 [ 102.938244][ T5540] loop4: detected capacity change from 0 to 4096 [pid 5543] <... setpgid resumed>) = 0 [pid 5541] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5539] <... mount resumed>) = 0 [pid 5538] <... mount resumed>) = 0 [pid 5538] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5543] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5539] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5539] chdir("./file0") = 0 [pid 5538] chdir("./file0" [pid 5543] <... openat resumed>) = 3 [pid 5538] <... chdir resumed>) = 0 [pid 5543] write(3, "1000", 4 [pid 5539] ioctl(4, LOOP_CLR_FD [pid 5538] ioctl(4, LOOP_CLR_FD [pid 5543] <... write resumed>) = 4 [pid 5539] <... ioctl resumed>) = 0 [pid 5538] <... ioctl resumed>) = 0 [pid 5543] close(3 [pid 5539] close(4 [pid 5538] close(4 [pid 5543] <... close resumed>) = 0 [pid 5539] <... close resumed>) = 0 [pid 5538] <... close resumed>) = 0 [pid 5543] symlink("/dev/binderfs", "./binderfs" [pid 5539] exit_group(0 [pid 5538] exit_group(0 [pid 5543] <... symlink resumed>) = 0 [pid 5539] <... exit_group resumed>) = ? [pid 5538] <... exit_group resumed>) = ? [pid 5543] memfd_create("syzkaller", 0 [pid 5539] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5539, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 5538] +++ exited with 0 +++ [pid 5048] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5538, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5543] <... memfd_create resumed>) = 3 [pid 5048] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... openat resumed>) = 3 [pid 5543] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(3, "", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(3, [pid 5542] <... write resumed>) = 2097152 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] newfstatat(3, "", [pid 5048] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./80/binderfs") = 0 [pid 5048] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5049] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5542] munmap(0x7f3b887a1000, 138412032 [pid 5048] unlink("./78/binderfs") = 0 [pid 5048] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5542] <... munmap resumed>) = 0 [pid 5542] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 103.003958][ T5540] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 103.014813][ T5541] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5542] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5542] close(3 [pid 5048] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5542] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5542] mkdir("./file0", 0777 [pid 5048] newfstatat(AT_FDCWD, "./78/file0", [pid 5542] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5542] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./78/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./78") = 0 [pid 5048] mkdir("./79", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5540] <... mount resumed>) = 0 [pid 5540] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = 0 [pid 5540] <... openat resumed>) = 3 [pid 5540] chdir("./file0"./strace-static-x86_64: Process 5544 attached ) = 0 [pid 5544] set_robust_list(0x555556629660, 24) = 0 [pid 5544] chdir("./79" [pid 5540] ioctl(4, LOOP_CLR_FD [pid 5544] <... chdir resumed>) = 0 [pid 5544] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5540] <... ioctl resumed>) = 0 [pid 5544] <... prctl resumed>) = 0 [pid 5540] close(4 [pid 5544] setpgid(0, 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5544 [pid 5544] <... setpgid resumed>) = 0 [pid 5544] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5543] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5541] <... mount resumed>) = 0 [pid 5540] <... close resumed>) = 0 [pid 5544] write(3, "1000", 4 [pid 5049] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5544] <... write resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./80/file0", [pid 5544] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5544] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5544] symlink("/dev/binderfs", "./binderfs" [pid 5049] newfstatat(4, "", [pid 5544] <... symlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [ 103.060989][ T5542] loop0: detected capacity change from 0 to 4096 [ 103.080917][ T5542] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] close(4) = 0 [pid 5049] rmdir("./80/file0" [pid 5540] exit_group(0) = ? [pid 5541] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5540] +++ exited with 0 +++ [pid 5049] getdents64(3, [pid 5541] chdir("./file0" [pid 5544] memfd_create("syzkaller", 0 [pid 5541] <... chdir resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5540, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5541] ioctl(4, LOOP_CLR_FD [pid 5051] <... restart_syscall resumed>) = 0 [pid 5049] close(3 [pid 5541] <... ioctl resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./80" [pid 5051] umount2("./77", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5541] close(4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5541] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5541] exit_group(0 [pid 5051] <... openat resumed>) = 3 [pid 5541] <... exit_group resumed>) = ? [pid 5051] newfstatat(3, "", [pid 5544] <... memfd_create resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5544] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] getdents64(3, [pid 5544] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5541] +++ exited with 0 +++ [pid 5051] umount2("./77/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5541, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./77/binderfs") = 0 [pid 5542] <... mount resumed>) = 0 [pid 5051] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] mkdir("./81", 0777 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5542] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./79/binderfs") = 0 [pid 5049] close(3) = 0 [pid 5050] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5545 attached [pid 5545] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5545 [pid 5542] <... openat resumed>) = 3 [pid 5545] <... set_robust_list resumed>) = 0 [pid 5542] chdir("./file0" [pid 5545] chdir("./81") = 0 [pid 5545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5545] setpgid(0, 0) = 0 [pid 5545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5542] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5545] write(3, "1000", 4 [pid 5542] ioctl(4, LOOP_CLR_FD [pid 5051] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5542] <... ioctl resumed>) = 0 [pid 5542] close(4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5542] <... close resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./77/file0", [pid 5542] exit_group(0 [pid 5545] <... write resumed>) = 4 [pid 5543] <... write resumed>) = 2097152 [pid 5542] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5545] close(3 [pid 5051] umount2("./77/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5545] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5545] symlink("/dev/binderfs", "./binderfs" [pid 5051] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5545] <... symlink resumed>) = 0 [pid 5542] +++ exited with 0 +++ [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5542, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5543] munmap(0x7f3b887a1000, 138412032 [pid 5545] memfd_create("syzkaller", 0 [pid 5051] getdents64(4, [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5051] getdents64(4, [pid 5545] <... memfd_create resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5545] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] close(4 [pid 5047] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5545] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... close resumed>) = 0 [pid 5543] <... munmap resumed>) = 0 [pid 5051] rmdir("./77/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] close(3) = 0 [pid 5047] newfstatat(3, "", [pid 5543] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] rmdir("./77" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5543] <... openat resumed>) = 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5543] ioctl(4, LOOP_SET_FD, 3 [pid 5051] mkdir("./78", 0777 [pid 5047] getdents64(3, [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... openat resumed>) = 3 [pid 5047] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5543] <... ioctl resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5047] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5051] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] unlink("./80/binderfs") = 0 [pid 5047] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5546 ./strace-static-x86_64: Process 5546 attached [pid 5546] set_robust_list(0x555556629660, 24) = 0 [pid 5546] chdir("./78") = 0 [pid 5546] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5544] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5543] close(3 [pid 5546] <... prctl resumed>) = 0 [pid 5543] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5546] setpgid(0, 0 [pid 5050] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5546] <... setpgid resumed>) = 0 [ 103.265721][ T5543] loop5: detected capacity change from 0 to 4096 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5546] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5543] mkdir("./file0", 0777 [pid 5546] <... openat resumed>) = 3 [pid 5050] newfstatat(AT_FDCWD, "./79/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5543] <... mkdir resumed>) = 0 [pid 5546] write(3, "1000", 4 [pid 5050] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5546] <... write resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5546] close(3 [pid 5050] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5546] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5546] symlink("/dev/binderfs", "./binderfs" [pid 5050] newfstatat(4, "", [pid 5546] <... symlink resumed>) = 0 [pid 5543] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5546] memfd_create("syzkaller", 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5546] <... memfd_create resumed>) = 3 [pid 5050] rmdir("./79/file0" [pid 5546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5546] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./79") = 0 [pid 5050] mkdir("./80", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5047] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] close(3) = 0 [pid 5047] newfstatat(AT_FDCWD, "./80/file0", [pid 5545] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5544] <... write resumed>) = 2097152 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5544] munmap(0x7f3b887a1000, 138412032 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./80/file0") = 0 ./strace-static-x86_64: Process 5547 attached [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5547 [pid 5047] getdents64(3, [pid 5547] set_robust_list(0x555556629660, 24) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5547] chdir("./80" [pid 5047] close(3 [pid 5547] <... chdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5547] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] rmdir("./80" [pid 5544] <... munmap resumed>) = 0 [pid 5544] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5547] <... prctl resumed>) = 0 [ 103.328618][ T5543] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./81", 0777 [pid 5547] setpgid(0, 0 [pid 5544] <... openat resumed>) = 4 [pid 5047] <... mkdir resumed>) = 0 [pid 5547] <... setpgid resumed>) = 0 [pid 5544] ioctl(4, LOOP_SET_FD, 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5544] <... ioctl resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5547] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5547] <... openat resumed>) = 3 [pid 5047] close(3 [pid 5547] write(3, "1000", 4) = 4 [pid 5047] <... close resumed>) = 0 [pid 5547] close(3 [pid 5546] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5543] <... mount resumed>) = 0 [pid 5547] <... close resumed>) = 0 [pid 5543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5548 [pid 5547] symlink("/dev/binderfs", "./binderfs" [pid 5543] <... openat resumed>) = 3 [pid 5543] chdir("./file0" [pid 5547] <... symlink resumed>) = 0 [pid 5543] <... chdir resumed>) = 0 [pid 5544] close(3 [pid 5543] ioctl(4, LOOP_CLR_FD) = 0 [pid 5543] close(4 [pid 5547] memfd_create("syzkaller", 0 [pid 5544] <... close resumed>) = 0 [pid 5543] <... close resumed>) = 0 [pid 5544] mkdir("./file0", 0777 [pid 5543] exit_group(0./strace-static-x86_64: Process 5548 attached [pid 5548] set_robust_list(0x555556629660, 24) = 0 [pid 5544] <... mkdir resumed>) = 0 [pid 5548] chdir("./81") = 0 [pid 5547] <... memfd_create resumed>) = 3 [pid 5543] <... exit_group resumed>) = ? [pid 5548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5548] setpgid(0, 0) = 0 [pid 5548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5548] write(3, "1000", 4 [pid 5547] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5545] <... write resumed>) = 2097152 [pid 5543] +++ exited with 0 +++ [pid 5548] <... write resumed>) = 4 [pid 5547] <... mmap resumed>) = 0x7f3b887a1000 [pid 5545] munmap(0x7f3b887a1000, 138412032 [pid 5548] close(3 [pid 5545] <... munmap resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5543, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5548] <... close resumed>) = 0 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5544] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5548] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... restart_syscall resumed>) = 0 [ 103.403524][ T5544] loop1: detected capacity change from 0 to 4096 [pid 5548] <... symlink resumed>) = 0 [pid 5548] memfd_create("syzkaller", 0) = 3 [pid 5548] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5545] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5545] <... openat resumed>) = 4 [pid 5545] ioctl(4, LOOP_SET_FD, 3 [pid 5546] <... write resumed>) = 2097152 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./78/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./78/binderfs") = 0 [pid 5052] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5545] <... ioctl resumed>) = 0 [pid 5545] close(3) = 0 [pid 5545] mkdir("./file0", 0777) = 0 [ 103.455092][ T5544] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 103.484349][ T5545] loop2: detected capacity change from 0 to 4096 [pid 5545] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5547] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5546] munmap(0x7f3b887a1000, 138412032 [pid 5544] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5546] <... munmap resumed>) = 0 [pid 5052] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5544] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5544] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./78/file0", [pid 5544] chdir("./file0" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5546] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5544] <... chdir resumed>) = 0 [pid 5052] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5546] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5546] ioctl(4, LOOP_SET_FD, 3 [pid 5052] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5544] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 4 [pid 5544] <... ioctl resumed>) = 0 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5544] close(4 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5544] <... close resumed>) = 0 [pid 5052] close(4 [pid 5544] exit_group(0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./78/file0" [pid 5544] <... exit_group resumed>) = ? [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5544] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5544, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5052] close(3) = 0 [pid 5052] rmdir("./78") = 0 [pid 5048] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mkdir("./79", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5546] <... ioctl resumed>) = 0 [pid 5048] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5546] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5548] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5546] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] newfstatat(AT_FDCWD, "./79/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5546] mkdir("./file0", 0777 [pid 5048] unlink("./79/binderfs" [pid 5546] <... mkdir resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5546] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5052] close(3 [ 103.522417][ T5545] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 103.541140][ T5546] loop4: detected capacity change from 0 to 4096 [pid 5048] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5547] <... write resumed>) = 2097152 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5549 attached , child_tidptr=0x555556629650) = 5549 [pid 5549] set_robust_list(0x555556629660, 24) = 0 [pid 5549] chdir("./79") = 0 [pid 5547] munmap(0x7f3b887a1000, 138412032 [pid 5549] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5547] <... munmap resumed>) = 0 [pid 5549] <... prctl resumed>) = 0 [pid 5549] setpgid(0, 0) = 0 [pid 5549] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... umount2 resumed>) = 0 [pid 5549] <... openat resumed>) = 3 [pid 5548] <... write resumed>) = 2097152 [pid 5547] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5545] <... mount resumed>) = 0 [pid 5048] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] write(3, "1000", 4 [pid 5547] <... openat resumed>) = 4 [pid 5545] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5549] <... write resumed>) = 4 [pid 5547] ioctl(4, LOOP_SET_FD, 3 [pid 5545] <... openat resumed>) = 3 [ 103.593336][ T5546] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5048] newfstatat(AT_FDCWD, "./79/file0", [pid 5549] close(3 [pid 5545] chdir("./file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5545] <... chdir resumed>) = 0 [pid 5048] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5548] munmap(0x7f3b887a1000, 138412032 [pid 5545] ioctl(4, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5545] <... ioctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5549] <... close resumed>) = 0 [pid 5548] <... munmap resumed>) = 0 [pid 5547] <... ioctl resumed>) = 0 [pid 5545] close(4 [pid 5048] <... openat resumed>) = 4 [pid 5549] symlink("/dev/binderfs", "./binderfs" [pid 5547] close(3 [pid 5545] <... close resumed>) = 0 [pid 5549] <... symlink resumed>) = 0 [pid 5548] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5547] <... close resumed>) = 0 [pid 5545] exit_group(0 [pid 5048] newfstatat(4, "", [pid 5549] memfd_create("syzkaller", 0 [pid 5548] <... openat resumed>) = 4 [pid 5547] mkdir("./file0", 0777) = 0 [pid 5545] <... exit_group resumed>) = ? [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5547] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5549] <... memfd_create resumed>) = 3 [pid 5548] ioctl(4, LOOP_SET_FD, 3 [pid 5545] +++ exited with 0 +++ [pid 5048] getdents64(4, [pid 5549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5545, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=2 /* 0.02 s */} --- [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5049] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] close(4) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 5048] rmdir("./79/file0" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5049] newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... close resumed>) = 0 [pid 5049] unlink("./81/binderfs" [pid 5048] rmdir("./79" [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./80", 0777 [pid 5049] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... mkdir resumed>) = 0 [pid 5549] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5548] <... ioctl resumed>) = 0 [pid 5546] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5547] <... mount resumed>) = 0 [pid 5547] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5547] <... openat resumed>) = 3 [pid 5049] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3 [pid 5547] chdir("./file0" [pid 5546] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5548] close(3 [pid 5049] newfstatat(AT_FDCWD, "./81/file0", [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5547] <... chdir resumed>) = 0 [pid 5547] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5547] <... ioctl resumed>) = 0 [pid 5049] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 103.644623][ T5547] loop3: detected capacity change from 0 to 4096 [ 103.667161][ T5547] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 103.677554][ T5548] loop0: detected capacity change from 0 to 4096 [pid 5547] close(4 [pid 5548] <... close resumed>) = 0 [pid 5547] <... close resumed>) = 0 [pid 5546] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5550 attached [pid 5548] mkdir("./file0", 0777 [pid 5547] exit_group(0 [pid 5546] chdir("./file0" [pid 5049] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5550] set_robust_list(0x555556629660, 24 [pid 5548] <... mkdir resumed>) = 0 [pid 5547] <... exit_group resumed>) = ? [pid 5546] <... chdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5550 [pid 5550] <... set_robust_list resumed>) = 0 [pid 5548] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5546] ioctl(4, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 4 [pid 5550] chdir("./80" [pid 5546] <... ioctl resumed>) = 0 [pid 5550] <... chdir resumed>) = 0 [pid 5549] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5547] +++ exited with 0 +++ [pid 5049] newfstatat(4, "", [pid 5550] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5547, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5050] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5546] close(4) = 0 [pid 5050] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5546] exit_group(0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5546] <... exit_group resumed>) = ? [pid 5050] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5550] <... prctl resumed>) = 0 [pid 5546] +++ exited with 0 +++ [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(4, [pid 5050] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5546, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5050] unlink("./80/binderfs" [pid 5051] <... restart_syscall resumed>) = 0 [pid 5051] umount2("./78", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5550] setpgid(0, 0 [pid 5051] getdents64(3, [pid 5550] <... setpgid resumed>) = 0 [pid 5550] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5550] write(3, "1000", 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5550] <... write resumed>) = 4 [pid 5051] umount2("./78/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(4, [pid 5550] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5550] <... close resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5049] close(4 [pid 5550] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... close resumed>) = 0 [pid 5550] <... symlink resumed>) = 0 [pid 5051] unlink("./78/binderfs" [pid 5049] rmdir("./81/file0" [pid 5051] <... unlink resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5051] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5550] memfd_create("syzkaller", 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5550] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5550] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] rmdir("./81" [pid 5550] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... rmdir resumed>) = 0 [ 103.732062][ T5548] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] newfstatat(AT_FDCWD, "./80/file0", [pid 5049] mkdir("./82", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5050] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5050] getdents64(4, [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5551 attached [pid 5548] <... mount resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5551] set_robust_list(0x555556629660, 24 [pid 5050] rmdir("./80/file0" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5551 [pid 5551] <... set_robust_list resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5551] chdir("./82" [pid 5548] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5050] getdents64(3, [pid 5551] <... chdir resumed>) = 0 [pid 5548] chdir("./file0" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5551] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5548] <... chdir resumed>) = 0 [pid 5551] <... prctl resumed>) = 0 [pid 5548] ioctl(4, LOOP_CLR_FD [pid 5050] close(3 [pid 5551] setpgid(0, 0 [pid 5548] <... ioctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5551] <... setpgid resumed>) = 0 [pid 5548] close(4 [pid 5050] rmdir("./80" [pid 5551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5548] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5551] <... openat resumed>) = 3 [pid 5548] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5551] write(3, "1000", 4 [pid 5548] <... exit_group resumed>) = ? [pid 5050] mkdir("./81", 0777 [pid 5551] <... write resumed>) = 4 [pid 5549] <... write resumed>) = 2097152 [pid 5548] +++ exited with 0 +++ [pid 5050] <... mkdir resumed>) = 0 [pid 5551] close(3 [pid 5549] munmap(0x7f3b887a1000, 138412032 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5548, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5551] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5551] symlink("/dev/binderfs", "./binderfs" [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5551] <... symlink resumed>) = 0 [pid 5050] <... ioctl resumed>) = 0 [pid 5047] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] <... munmap resumed>) = 0 [pid 5050] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5551] memfd_create("syzkaller", 0 [pid 5050] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... openat resumed>) = 3 [pid 5051] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(3, "", ./strace-static-x86_64: Process 5552 attached [pid 5551] <... memfd_create resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(AT_FDCWD, "./78/file0", [pid 5047] getdents64(3, [pid 5552] set_robust_list(0x555556629660, 24 [pid 5551] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5552] <... set_robust_list resumed>) = 0 [pid 5551] <... mmap resumed>) = 0x7f3b887a1000 [pid 5549] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5552 [pid 5550] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5549] <... openat resumed>) = 4 [pid 5549] ioctl(4, LOOP_SET_FD, 3 [pid 5047] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5552] chdir("./81" [pid 5051] umount2("./78/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./81/binderfs") = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5552] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5552] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./78/file0" [pid 5552] <... prctl resumed>) = 0 [pid 5552] setpgid(0, 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5552] <... setpgid resumed>) = 0 [pid 5549] <... ioctl resumed>) = 0 [pid 5051] getdents64(3, [pid 5552] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5549] close(3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5552] <... openat resumed>) = 3 [pid 5549] <... close resumed>) = 0 [pid 5051] close(3 [pid 5552] write(3, "1000", 4 [pid 5051] <... close resumed>) = 0 [pid 5549] mkdir("./file0", 0777) = 0 [pid 5552] <... write resumed>) = 4 [pid 5552] close(3) = 0 [pid 5051] rmdir("./78" [pid 5552] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... rmdir resumed>) = 0 [pid 5552] <... symlink resumed>) = 0 [pid 5552] memfd_create("syzkaller", 0 [pid 5051] mkdir("./79", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5552] <... memfd_create resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5553 [pid 5552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 ./strace-static-x86_64: Process 5553 attached [ 103.862022][ T5549] loop5: detected capacity change from 0 to 4096 [pid 5553] set_robust_list(0x555556629660, 24) = 0 [pid 5553] chdir("./79") = 0 [pid 5553] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5549] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5553] setpgid(0, 0) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5553] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5550] <... write resumed>) = 2097152 [pid 5553] <... openat resumed>) = 3 [pid 5553] write(3, "1000", 4) = 4 [pid 5553] close(3) = 0 [pid 5553] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5553] memfd_create("syzkaller", 0) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5553] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] newfstatat(AT_FDCWD, "./81/file0", [pid 5553] <... mmap resumed>) = 0x7f3b887a1000 [pid 5549] <... mount resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5550] munmap(0x7f3b887a1000, 138412032 [pid 5549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5549] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5549] chdir("./file0" [pid 5551] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5549] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5549] ioctl(4, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", [pid 5549] <... ioctl resumed>) = 0 [ 103.929732][ T5549] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5549] close(4) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5549] exit_group(0 [pid 5047] getdents64(4, [pid 5550] <... munmap resumed>) = 0 [pid 5549] <... exit_group resumed>) = ? [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5550] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5550] <... openat resumed>) = 4 [pid 5047] close(4) = 0 [pid 5047] rmdir("./81/file0" [pid 5550] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./81") = 0 [pid 5047] mkdir("./82", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5549] +++ exited with 0 +++ [pid 5047] <... openat resumed>) = 3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5549, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5554 attached [pid 5550] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5554] set_robust_list(0x555556629660, 24 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5554 [pid 5554] <... set_robust_list resumed>) = 0 [pid 5550] close(3 [pid 5052] getdents64(3, [pid 5550] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5554] chdir("./82" [pid 5550] mkdir("./file0", 0777 [pid 5052] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5554] <... chdir resumed>) = 0 [pid 5550] <... mkdir resumed>) = 0 [ 103.996576][ T5550] loop1: detected capacity change from 0 to 4096 [pid 5052] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5554] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5550] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5554] <... prctl resumed>) = 0 [pid 5552] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] unlink("./79/binderfs" [pid 5551] <... write resumed>) = 2097152 [pid 5554] setpgid(0, 0 [pid 5553] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... unlink resumed>) = 0 [pid 5554] <... setpgid resumed>) = 0 [pid 5052] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5554] write(3, "1000", 4) = 4 [pid 5551] munmap(0x7f3b887a1000, 138412032 [pid 5554] close(3) = 0 [pid 5554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5554] memfd_create("syzkaller", 0) = 3 [pid 5554] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5554] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./79/file0", [pid 5551] <... munmap resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 104.047395][ T5550] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5551] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... openat resumed>) = 4 [pid 5551] <... openat resumed>) = 4 [pid 5551] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5552] <... write resumed>) = 2097152 [pid 5052] close(4) = 0 [pid 5052] rmdir("./79/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5551] close(3 [pid 5052] close(3 [pid 5552] munmap(0x7f3b887a1000, 138412032 [pid 5551] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./79" [pid 5551] mkdir("./file0", 0777 [pid 5052] <... rmdir resumed>) = 0 [pid 5552] <... munmap resumed>) = 0 [pid 5551] <... mkdir resumed>) = 0 [pid 5552] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5551] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5552] <... openat resumed>) = 4 [pid 5052] mkdir("./80", 0777 [pid 5552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5553] <... write resumed>) = 2097152 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5550] <... mount resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5550] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 104.104704][ T5551] loop2: detected capacity change from 0 to 4096 [ 104.143449][ T5552] loop3: detected capacity change from 0 to 4096 [pid 5052] close(3) = 0 [pid 5554] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5550] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5550] chdir("./file0") = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5555 ./strace-static-x86_64: Process 5555 attached [pid 5550] ioctl(4, LOOP_CLR_FD [pid 5555] set_robust_list(0x555556629660, 24 [pid 5550] <... ioctl resumed>) = 0 [pid 5555] <... set_robust_list resumed>) = 0 [pid 5555] chdir("./80" [pid 5550] close(4 [pid 5555] <... chdir resumed>) = 0 [pid 5550] <... close resumed>) = 0 [pid 5550] exit_group(0) = ? [pid 5553] munmap(0x7f3b887a1000, 138412032 [pid 5550] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5550, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5555] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5555] <... prctl resumed>) = 0 [pid 5555] setpgid(0, 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5555] <... setpgid resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5555] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5553] <... munmap resumed>) = 0 [pid 5552] close(3) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5552] mkdir("./file0", 0777 [pid 5048] newfstatat(3, "", [pid 5555] <... openat resumed>) = 3 [pid 5552] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5555] write(3, "1000", 4 [pid 5553] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5552] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] getdents64(3, [pid 5555] <... write resumed>) = 4 [pid 5553] <... openat resumed>) = 4 [pid 5555] close(3) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5555] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5048] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 104.159812][ T5551] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 104.189071][ T5552] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5553] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5555] memfd_create("syzkaller", 0 [pid 5553] <... ioctl resumed>) = 0 [pid 5048] unlink("./80/binderfs") = 0 [pid 5048] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5048] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5555] <... memfd_create resumed>) = 3 [pid 5048] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5555] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./80/file0" [pid 5553] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5554] <... write resumed>) = 2097152 [pid 5553] <... close resumed>) = 0 [pid 5551] <... mount resumed>) = 0 [pid 5048] getdents64(3, [pid 5551] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5554] munmap(0x7f3b887a1000, 138412032 [pid 5551] chdir("./file0" [pid 5553] mkdir("./file0", 0777 [pid 5551] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5553] <... mkdir resumed>) = 0 [pid 5551] ioctl(4, LOOP_CLR_FD [pid 5048] close(3 [pid 5551] <... ioctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./80" [ 104.205386][ T5553] loop4: detected capacity change from 0 to 4096 [pid 5551] close(4 [pid 5048] <... rmdir resumed>) = 0 [pid 5553] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5551] <... close resumed>) = 0 [pid 5048] mkdir("./81", 0777 [pid 5554] <... munmap resumed>) = 0 [pid 5551] exit_group(0 [pid 5048] <... mkdir resumed>) = 0 [pid 5554] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5551] <... exit_group resumed>) = ? [pid 5554] <... openat resumed>) = 4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5554] ioctl(4, LOOP_SET_FD, 3 [pid 5551] +++ exited with 0 +++ [pid 5048] ioctl(3, LOOP_CLR_FD) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5551, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- ./strace-static-x86_64: Process 5556 attached [pid 5049] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5556 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5556] set_robust_list(0x555556629660, 24 [pid 5049] unlink("./82/binderfs" [pid 5556] <... set_robust_list resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5552] <... mount resumed>) = 0 [pid 5552] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5556] chdir("./81" [pid 5554] <... ioctl resumed>) = 0 [pid 5552] <... openat resumed>) = 3 [pid 5556] <... chdir resumed>) = 0 [pid 5554] close(3 [pid 5552] chdir("./file0" [pid 5556] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5552] <... chdir resumed>) = 0 [pid 5556] <... prctl resumed>) = 0 [pid 5554] <... close resumed>) = 0 [pid 5552] ioctl(4, LOOP_CLR_FD [pid 5556] setpgid(0, 0 [pid 5554] mkdir("./file0", 0777 [pid 5556] <... setpgid resumed>) = 0 [pid 5554] <... mkdir resumed>) = 0 [pid 5552] <... ioctl resumed>) = 0 [pid 5556] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5554] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5556] <... openat resumed>) = 3 [ 104.256570][ T5553] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 104.272301][ T5554] loop0: detected capacity change from 0 to 4096 [pid 5552] close(4 [pid 5556] write(3, "1000", 4 [pid 5552] <... close resumed>) = 0 [pid 5552] exit_group(0) = ? [pid 5552] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5552, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5556] <... write resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5556] close(3 [pid 5050] <... openat resumed>) = 3 [pid 5556] <... close resumed>) = 0 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5556] symlink("/dev/binderfs", "./binderfs" [pid 5555] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] getdents64(3, [pid 5553] <... mount resumed>) = 0 [pid 5556] <... symlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5553] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5553] <... openat resumed>) = 3 [pid 5050] unlink("./81/binderfs") = 0 [pid 5556] memfd_create("syzkaller", 0 [pid 5553] chdir("./file0" [pid 5050] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5553] <... chdir resumed>) = 0 [pid 5553] ioctl(4, LOOP_CLR_FD) = 0 [pid 5556] <... memfd_create resumed>) = 3 [pid 5553] close(4) = 0 [pid 5556] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5553] exit_group(0 [pid 5556] <... mmap resumed>) = 0x7f3b887a1000 [pid 5553] <... exit_group resumed>) = ? [pid 5553] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5553, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] <... umount2 resumed>) = 0 [ 104.318318][ T5554] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] umount2("./79", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./79/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5051] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(4, [pid 5051] unlink("./79/binderfs" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... unlink resumed>) = 0 [pid 5049] getdents64(4, [pid 5051] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./82/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./82") = 0 [pid 5049] mkdir("./83", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5557 attached [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5557 [pid 5557] set_robust_list(0x555556629660, 24) = 0 [pid 5557] chdir("./83") = 0 [pid 5050] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5557] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5555] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./81/file0", [pid 5557] <... prctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5557] setpgid(0, 0 [pid 5050] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5555] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5557] <... setpgid resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] newfstatat(4, "", [pid 5557] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5557] write(3, "1000", 4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5557] <... write resumed>) = 4 [pid 5050] close(4 [pid 5557] close(3 [pid 5050] <... close resumed>) = 0 [pid 5557] <... close resumed>) = 0 [pid 5050] rmdir("./81/file0" [pid 5557] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... rmdir resumed>) = 0 [pid 5557] <... symlink resumed>) = 0 [pid 5050] getdents64(3, [pid 5557] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./81") = 0 [pid 5050] mkdir("./82", 0777) = 0 [pid 5557] <... memfd_create resumed>) = 3 [pid 5051] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5557] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5557] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] newfstatat(AT_FDCWD, "./79/file0", [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5554] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5051] umount2("./79/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5554] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5555] <... munmap resumed>) = 0 [pid 5554] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5556] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5555] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5555] ioctl(4, LOOP_SET_FD, 3 [pid 5554] chdir("./file0" [pid 5051] newfstatat(4, "", [pid 5554] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5558 attached [pid 5554] ioctl(4, LOOP_CLR_FD [pid 5051] getdents64(4, [pid 5558] set_robust_list(0x555556629660, 24 [pid 5554] <... ioctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5558] <... set_robust_list resumed>) = 0 [pid 5554] close(4 [pid 5051] getdents64(4, [pid 5558] chdir("./82" [pid 5554] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5558] <... chdir resumed>) = 0 [pid 5554] exit_group(0 [pid 5051] close(4 [pid 5558] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5554] <... exit_group resumed>) = ? [pid 5051] <... close resumed>) = 0 [pid 5558] <... prctl resumed>) = 0 [pid 5554] +++ exited with 0 +++ [pid 5051] rmdir("./79/file0" [pid 5558] setpgid(0, 0 [pid 5555] <... ioctl resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5558 [pid 5558] <... setpgid resumed>) = 0 [pid 5051] getdents64(3, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5554, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5555] close(3 [pid 5558] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5558] <... openat resumed>) = 3 [pid 5555] <... close resumed>) = 0 [pid 5051] close(3 [pid 5558] write(3, "1000", 4 [pid 5555] mkdir("./file0", 0777 [pid 5051] <... close resumed>) = 0 [pid 5558] <... write resumed>) = 4 [pid 5558] close(3 [pid 5051] rmdir("./79" [pid 5558] <... close resumed>) = 0 [pid 5555] <... mkdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5558] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5555] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5047] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5558] memfd_create("syzkaller", 0 [pid 5051] mkdir("./80", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5051] <... mkdir resumed>) = 0 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] getdents64(3, [pid 5051] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5047] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./82/binderfs") = 0 [pid 5047] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5559 ./strace-static-x86_64: Process 5559 attached [pid 5559] set_robust_list(0x555556629660, 24) = 0 [pid 5558] <... memfd_create resumed>) = 3 [pid 5559] chdir("./80" [pid 5558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5556] <... write resumed>) = 2097152 [pid 5559] <... chdir resumed>) = 0 [pid 5559] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5556] munmap(0x7f3b887a1000, 138412032 [pid 5559] <... prctl resumed>) = 0 [pid 5559] setpgid(0, 0 [pid 5557] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5556] <... munmap resumed>) = 0 [pid 5559] <... setpgid resumed>) = 0 [ 104.473275][ T5555] loop5: detected capacity change from 0 to 4096 [ 104.513145][ T5555] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5559] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5556] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5559] <... openat resumed>) = 3 [pid 5559] write(3, "1000", 4) = 4 [pid 5556] <... openat resumed>) = 4 [pid 5559] close(3) = 0 [pid 5559] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5559] memfd_create("syzkaller", 0 [pid 5556] ioctl(4, LOOP_SET_FD, 3 [pid 5559] <... memfd_create resumed>) = 3 [pid 5559] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5556] <... ioctl resumed>) = 0 [pid 5556] close(3 [pid 5047] getdents64(4, [pid 5556] <... close resumed>) = 0 [pid 5556] mkdir("./file0", 0777 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5556] <... mkdir resumed>) = 0 [pid 5047] close(4 [ 104.567476][ T5556] loop1: detected capacity change from 0 to 4096 [pid 5556] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... close resumed>) = 0 [pid 5558] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5555] <... mount resumed>) = 0 [pid 5555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5555] chdir("./file0" [pid 5047] rmdir("./82/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5555] <... chdir resumed>) = 0 [pid 5047] close(3 [pid 5555] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./82" [pid 5555] close(4) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5555] exit_group(0 [pid 5047] mkdir("./83", 0777 [pid 5555] <... exit_group resumed>) = ? [pid 5047] <... mkdir resumed>) = 0 [pid 5555] +++ exited with 0 +++ [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5555, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5559] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5560 attached [pid 5557] <... write resumed>) = 2097152 [pid 5052] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5560] set_robust_list(0x555556629660, 24 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5560] <... set_robust_list resumed>) = 0 [pid 5052] unlink("./80/binderfs" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5560 [pid 5560] chdir("./83" [pid 5557] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... unlink resumed>) = 0 [pid 5560] <... chdir resumed>) = 0 [pid 5052] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 104.625350][ T5556] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5560] setpgid(0, 0) = 0 [pid 5557] <... munmap resumed>) = 0 [pid 5557] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5557] ioctl(4, LOOP_SET_FD, 3 [pid 5560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = 0 [pid 5560] <... openat resumed>) = 3 [pid 5560] write(3, "1000", 4) = 4 [pid 5557] <... ioctl resumed>) = 0 [pid 5557] close(3) = 0 [pid 5557] mkdir("./file0", 0777 [pid 5560] close(3 [pid 5558] <... write resumed>) = 2097152 [pid 5557] <... mkdir resumed>) = 0 [pid 5557] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5560] <... close resumed>) = 0 [pid 5558] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5560] symlink("/dev/binderfs", "./binderfs" [pid 5558] <... munmap resumed>) = 0 [pid 5560] <... symlink resumed>) = 0 [pid 5560] memfd_create("syzkaller", 0 [pid 5559] <... write resumed>) = 2097152 [pid 5558] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5560] <... memfd_create resumed>) = 3 [pid 5558] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./80/file0", [pid 5560] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5558] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5560] <... mmap resumed>) = 0x7f3b887a1000 [ 104.697714][ T5557] loop2: detected capacity change from 0 to 4096 [ 104.732842][ T5557] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5559] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5556] <... mount resumed>) = 0 [pid 5559] <... munmap resumed>) = 0 [pid 5558] <... ioctl resumed>) = 0 [pid 5557] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5558] close(3 [pid 5557] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... openat resumed>) = 4 [pid 5558] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5557] <... openat resumed>) = 3 [pid 5558] mkdir("./file0", 0777 [pid 5557] chdir("./file0" [pid 5556] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5557] <... chdir resumed>) = 0 [pid 5556] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5559] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5558] <... mkdir resumed>) = 0 [pid 5557] ioctl(4, LOOP_CLR_FD [pid 5556] chdir("./file0" [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5559] <... openat resumed>) = 4 [pid 5558] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5557] <... ioctl resumed>) = 0 [pid 5556] <... chdir resumed>) = 0 [ 104.745790][ T5558] loop3: detected capacity change from 0 to 4096 [pid 5052] getdents64(4, [pid 5559] ioctl(4, LOOP_SET_FD, 3 [pid 5557] close(4 [pid 5556] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5557] <... close resumed>) = 0 [pid 5556] <... ioctl resumed>) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./80/file0" [pid 5556] close(4) = 0 [pid 5556] exit_group(0) = ? [pid 5052] <... rmdir resumed>) = 0 [pid 5557] exit_group(0 [pid 5556] +++ exited with 0 +++ [pid 5052] getdents64(3, [pid 5557] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5556, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5557] +++ exited with 0 +++ [pid 5052] close(3 [pid 5048] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5557, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] rmdir("./80" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(3, "", [pid 5049] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(3, "", [pid 5048] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] mkdir("./81", 0777 [pid 5049] getdents64(3, [pid 5048] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./81/binderfs") = 0 [pid 5049] unlink("./83/binderfs" [pid 5048] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [ 104.779866][ T5558] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 104.780304][ T5559] loop4: detected capacity change from 0 to 4096 [pid 5049] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5559] <... ioctl resumed>) = 0 [pid 5560] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5558] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5558] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5559] close(3 [pid 5558] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5049] newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5559] <... close resumed>) = 0 [pid 5559] mkdir("./file0", 0777./strace-static-x86_64: Process 5561 attached ) = 0 [pid 5558] chdir("./file0" [pid 5049] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5561] set_robust_list(0x555556629660, 24 [pid 5559] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5558] <... chdir resumed>) = 0 [pid 5561] <... set_robust_list resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5561 [pid 5049] <... openat resumed>) = 4 [pid 5561] chdir("./81" [pid 5049] newfstatat(4, "", [pid 5561] <... chdir resumed>) = 0 [pid 5558] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5561] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5558] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] <... umount2 resumed>) = 0 [pid 5561] <... prctl resumed>) = 0 [pid 5558] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5561] setpgid(0, 0 [pid 5049] getdents64(4, [pid 5558] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5561] <... setpgid resumed>) = 0 [pid 5049] close(4 [pid 5048] newfstatat(AT_FDCWD, "./81/file0", [pid 5561] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5560] <... write resumed>) = 2097152 [pid 5558] exit_group(0 [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] rmdir("./83/file0" [pid 5048] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5561] <... openat resumed>) = 3 [pid 5560] munmap(0x7f3b887a1000, 138412032 [pid 5558] <... exit_group resumed>) = ? [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5561] write(3, "1000", 4 [pid 5049] getdents64(3, [pid 5048] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5049] close(3 [pid 5048] newfstatat(4, "", [pid 5561] <... write resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5561] close(3 [pid 5049] rmdir("./83" [pid 5048] getdents64(4, [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] mkdir("./84", 0777 [pid 5048] getdents64(4, [pid 5561] <... close resumed>) = 0 [pid 5561] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5561] <... symlink resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] close(4) = 0 [pid 5561] memfd_create("syzkaller", 0 [pid 5560] <... munmap resumed>) = 0 [pid 5558] +++ exited with 0 +++ [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] rmdir("./81/file0") = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5558, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5561] <... memfd_create resumed>) = 3 [pid 5560] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5048] getdents64(3, [pid 5561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5560] <... openat resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5561] <... mmap resumed>) = 0x7f3b887a1000 [pid 5560] ioctl(4, LOOP_SET_FD, 3 [pid 5049] close(3 [pid 5048] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [ 104.856964][ T5559] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5048] rmdir("./81" [pid 5050] newfstatat(3, "", [pid 5049] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5562 attached [pid 5560] <... ioctl resumed>) = 0 [pid 5559] <... mount resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] mkdir("./82", 0777 [pid 5562] set_robust_list(0x555556629660, 24 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5562] <... set_robust_list resumed>) = 0 [pid 5560] close(3 [pid 5559] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5562 [pid 5048] <... mkdir resumed>) = 0 [pid 5559] <... openat resumed>) = 3 [pid 5562] chdir("./84" [pid 5560] <... close resumed>) = 0 [pid 5559] chdir("./file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5562] <... chdir resumed>) = 0 [pid 5560] mkdir("./file0", 0777 [pid 5559] <... chdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5559] ioctl(4, LOOP_CLR_FD [pid 5048] <... openat resumed>) = 3 [pid 5559] <... ioctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5559] close(4 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5559] <... close resumed>) = 0 [pid 5048] close(3 [pid 5559] exit_group(0 [pid 5050] unlink("./82/binderfs" [pid 5048] <... close resumed>) = 0 [pid 5562] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5560] <... mkdir resumed>) = 0 [pid 5559] <... exit_group resumed>) = ? [pid 5050] <... unlink resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5562] <... prctl resumed>) = 0 [pid 5560] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5563 attached [ 104.908037][ T5560] loop0: detected capacity change from 0 to 4096 [pid 5562] setpgid(0, 0 [pid 5559] +++ exited with 0 +++ [pid 5563] set_robust_list(0x555556629660, 24 [pid 5050] <... umount2 resumed>) = 0 [pid 5563] <... set_robust_list resumed>) = 0 [pid 5563] chdir("./82") = 0 [pid 5563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5563] setpgid(0, 0) = 0 [pid 5562] <... setpgid resumed>) = 0 [pid 5050] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5563 [pid 5563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5562] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5559, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5563] <... openat resumed>) = 3 [pid 5562] <... openat resumed>) = 3 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5050] newfstatat(AT_FDCWD, "./82/file0", [pid 5563] write(3, "1000", 4 [pid 5562] write(3, "1000", 4 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5563] <... write resumed>) = 4 [pid 5050] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5563] close(3 [pid 5562] <... write resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5563] <... close resumed>) = 0 [pid 5562] close(3 [pid 5051] umount2("./80", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5563] symlink("/dev/binderfs", "./binderfs" [pid 5562] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 4 [pid 5563] <... symlink resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(4, "", [pid 5051] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5562] symlink("/dev/binderfs", "./binderfs" [pid 5051] newfstatat(3, "", [pid 5050] getdents64(4, [pid 5563] memfd_create("syzkaller", 0 [pid 5562] <... symlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(3, [pid 5050] close(4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... close resumed>) = 0 [pid 5051] umount2("./80/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./82/file0" [ 104.954321][ T5560] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5563] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5050] <... rmdir resumed>) = 0 [pid 5563] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5562] memfd_create("syzkaller", 0 [pid 5561] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5563] <... mmap resumed>) = 0x7f3b887a1000 [pid 5562] <... memfd_create resumed>) = 3 [pid 5560] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] getdents64(3, [pid 5562] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5562] <... mmap resumed>) = 0x7f3b887a1000 [pid 5560] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] unlink("./80/binderfs" [pid 5050] close(3) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5560] <... openat resumed>) = 3 [pid 5050] rmdir("./82" [pid 5560] chdir("./file0" [pid 5050] <... rmdir resumed>) = 0 [pid 5560] <... chdir resumed>) = 0 [pid 5560] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] mkdir("./83", 0777 [pid 5560] close(4 [pid 5050] <... mkdir resumed>) = 0 [pid 5560] <... close resumed>) = 0 [pid 5560] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5560] <... exit_group resumed>) = ? [pid 5051] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5560] +++ exited with 0 +++ [pid 5051] umount2("./80/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5560, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5050] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(4, "", [pid 5047] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5564 attached [pid 5051] getdents64(4, [pid 5047] newfstatat(3, "", [pid 5564] set_robust_list(0x555556629660, 24 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5564] <... set_robust_list resumed>) = 0 [pid 5051] getdents64(4, [pid 5047] getdents64(3, [pid 5564] chdir("./83" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5564 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5564] <... chdir resumed>) = 0 [pid 5051] close(4 [pid 5047] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5564] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5562] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5561] <... write resumed>) = 2097152 [pid 5051] rmdir("./80/file0" [pid 5047] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./83/binderfs") = 0 [pid 5047] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] <... prctl resumed>) = 0 [pid 5563] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... rmdir resumed>) = 0 [pid 5564] setpgid(0, 0 [pid 5051] getdents64(3, [pid 5564] <... setpgid resumed>) = 0 [pid 5561] munmap(0x7f3b887a1000, 138412032 [pid 5564] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5564] <... openat resumed>) = 3 [pid 5564] write(3, "1000", 4 [pid 5051] <... close resumed>) = 0 [pid 5564] <... write resumed>) = 4 [pid 5051] rmdir("./80" [pid 5564] close(3) = 0 [pid 5564] symlink("/dev/binderfs", "./binderfs" [pid 5561] <... munmap resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5564] <... symlink resumed>) = 0 [pid 5561] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] mkdir("./81", 0777 [pid 5561] <... openat resumed>) = 4 [pid 5561] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... mkdir resumed>) = 0 [pid 5564] memfd_create("syzkaller", 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./83/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./83") = 0 [pid 5047] mkdir("./84", 0777) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] close(3 [pid 5564] <... memfd_create resumed>) = 3 [pid 5564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5564] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... ioctl resumed>) = 0 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5566 attached ./strace-static-x86_64: Process 5565 attached [pid 5561] <... ioctl resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5566 [pid 5566] set_robust_list(0x555556629660, 24 [pid 5565] set_robust_list(0x555556629660, 24 [pid 5561] close(3 [pid 5566] <... set_robust_list resumed>) = 0 [pid 5565] <... set_robust_list resumed>) = 0 [pid 5561] <... close resumed>) = 0 [pid 5566] chdir("./84" [pid 5565] chdir("./81" [pid 5561] mkdir("./file0", 0777 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5565 [pid 5565] <... chdir resumed>) = 0 [pid 5561] <... mkdir resumed>) = 0 [pid 5566] <... chdir resumed>) = 0 [pid 5565] prctl(PR_SET_PDEATHSIG, SIGKILL [ 105.136987][ T5561] loop5: detected capacity change from 0 to 4096 [pid 5561] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5566] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5565] <... prctl resumed>) = 0 [pid 5565] setpgid(0, 0 [pid 5566] <... prctl resumed>) = 0 [pid 5565] <... setpgid resumed>) = 0 [pid 5566] setpgid(0, 0 [pid 5565] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5566] <... setpgid resumed>) = 0 [pid 5566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5565] write(3, "1000", 4) = 4 [pid 5566] <... openat resumed>) = 3 [pid 5566] write(3, "1000", 4) = 4 [pid 5566] close(3) = 0 [pid 5566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5565] close(3) = 0 [pid 5565] symlink("/dev/binderfs", "./binderfs" [pid 5566] memfd_create("syzkaller", 0 [pid 5565] <... symlink resumed>) = 0 [pid 5563] <... write resumed>) = 2097152 [pid 5566] <... memfd_create resumed>) = 3 [pid 5565] memfd_create("syzkaller", 0 [pid 5563] munmap(0x7f3b887a1000, 138412032 [pid 5566] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5565] <... memfd_create resumed>) = 3 [pid 5563] <... munmap resumed>) = 0 [pid 5562] <... write resumed>) = 2097152 [pid 5566] <... mmap resumed>) = 0x7f3b887a1000 [ 105.180540][ T5561] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5565] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5562] munmap(0x7f3b887a1000, 138412032 [pid 5561] <... mount resumed>) = 0 [pid 5562] <... munmap resumed>) = 0 [pid 5563] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5563] <... openat resumed>) = 4 [pid 5561] <... openat resumed>) = 3 [pid 5563] ioctl(4, LOOP_SET_FD, 3 [pid 5561] chdir("./file0" [pid 5564] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5562] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5561] <... chdir resumed>) = 0 [pid 5562] <... openat resumed>) = 4 [pid 5561] ioctl(4, LOOP_CLR_FD) = 0 [pid 5561] close(4) = 0 [pid 5561] exit_group(0) = ? [pid 5561] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5561, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5562] ioctl(4, LOOP_SET_FD, 3 [pid 5563] <... ioctl resumed>) = 0 [pid 5563] close(3 [pid 5052] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5563] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5563] mkdir("./file0", 0777) = 0 [ 105.267856][ T5563] loop1: detected capacity change from 0 to 4096 [ 105.293982][ T5562] loop2: detected capacity change from 0 to 4096 [pid 5563] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5562] <... ioctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5564] <... write resumed>) = 2097152 [pid 5562] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5564] munmap(0x7f3b887a1000, 138412032 [pid 5562] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5562] mkdir("./file0", 0777) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5562] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5565] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5564] <... munmap resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./81/binderfs") = 0 [pid 5566] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5564] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = 0 [pid 5564] ioctl(4, LOOP_SET_FD, 3 [pid 5563] <... mount resumed>) = 0 [pid 5563] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5563] chdir("./file0") = 0 [pid 5563] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5563] close(4) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5563] exit_group(0 [pid 5052] newfstatat(AT_FDCWD, "./81/file0", [pid 5563] <... exit_group resumed>) = ? [pid 5563] +++ exited with 0 +++ [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5563, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5048] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5564] <... ioctl resumed>) = 0 [pid 5052] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] close(3 [pid 5048] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5564] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5564] mkdir("./file0", 0777 [pid 5052] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 105.317231][ T5563] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 105.336874][ T5562] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 105.360585][ T5564] loop3: detected capacity change from 0 to 4096 [pid 5048] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5564] <... mkdir resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] unlink("./82/binderfs" [pid 5564] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] <... unlink resumed>) = 0 [pid 5562] <... mount resumed>) = 0 [pid 5565] <... write resumed>) = 2097152 [pid 5052] getdents64(4, [pid 5048] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5562] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5565] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5562] chdir("./file0" [pid 5052] close(4 [pid 5562] <... chdir resumed>) = 0 [pid 5562] ioctl(4, LOOP_CLR_FD) = 0 [pid 5562] close(4 [pid 5052] <... close resumed>) = 0 [pid 5562] <... close resumed>) = 0 [pid 5562] exit_group(0 [pid 5566] <... write resumed>) = 2097152 [pid 5562] <... exit_group resumed>) = ? [pid 5052] rmdir("./81/file0") = 0 [pid 5566] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5565] <... munmap resumed>) = 0 [pid 5052] getdents64(3, [pid 5565] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5562] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5562, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5052] close(3 [pid 5565] <... openat resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5565] ioctl(4, LOOP_SET_FD, 3 [pid 5052] rmdir("./81" [pid 5049] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5566] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5566] <... openat resumed>) = 4 [ 105.403284][ T5564] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] getdents64(3, [pid 5566] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mkdir("./82", 0777 [pid 5048] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5566] <... ioctl resumed>) = 0 [pid 5565] <... ioctl resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5048] newfstatat(AT_FDCWD, "./82/file0", [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5049] unlink("./84/binderfs" [pid 5048] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5566] close(3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... unlink resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5566] <... close resumed>) = 0 [pid 5565] close(3 [pid 5052] close(3 [pid 5049] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5566] mkdir("./file0", 0777 [pid 5565] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5566] <... mkdir resumed>) = 0 [pid 5565] mkdir("./file0", 0777 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] newfstatat(4, "", [pid 5565] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5566] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5565] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [ 105.458214][ T5565] loop4: detected capacity change from 0 to 4096 [ 105.458606][ T5566] loop0: detected capacity change from 0 to 4096 [pid 5048] close(4 [pid 5564] <... mount resumed>) = 0 [pid 5048] <... close resumed>) = 0 ./strace-static-x86_64: Process 5567 attached [pid 5564] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] rmdir("./82/file0" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5567 [pid 5048] <... rmdir resumed>) = 0 [pid 5567] set_robust_list(0x555556629660, 24 [pid 5564] <... openat resumed>) = 3 [pid 5048] getdents64(3, [pid 5567] <... set_robust_list resumed>) = 0 [pid 5564] chdir("./file0" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5567] chdir("./82" [pid 5048] close(3) = 0 [pid 5048] rmdir("./82" [pid 5567] <... chdir resumed>) = 0 [pid 5564] <... chdir resumed>) = 0 [pid 5567] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5564] ioctl(4, LOOP_CLR_FD [pid 5048] <... rmdir resumed>) = 0 [pid 5567] <... prctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5564] <... ioctl resumed>) = 0 [pid 5567] setpgid(0, 0 [pid 5564] close(4 [pid 5049] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] mkdir("./83", 0777 [pid 5567] <... setpgid resumed>) = 0 [pid 5564] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... mkdir resumed>) = 0 [pid 5564] exit_group(0 [pid 5049] newfstatat(AT_FDCWD, "./84/file0", [pid 5567] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5564] <... exit_group resumed>) = ? [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5564] +++ exited with 0 +++ [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5564, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5049] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5567] <... openat resumed>) = 3 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... openat resumed>) = 4 [pid 5048] close(3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5048] <... close resumed>) = 0 [pid 5567] write(3, "1000", 4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5567] <... write resumed>) = 4 [ 105.500789][ T5565] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 105.510737][ T5566] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5568 attached [pid 5567] close(3 [pid 5050] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(4, [pid 5568] set_robust_list(0x555556629660, 24 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5568] <... set_robust_list resumed>) = 0 [pid 5567] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5568 [pid 5050] <... openat resumed>) = 3 [pid 5568] chdir("./83" [pid 5049] getdents64(4, [pid 5567] symlink("/dev/binderfs", "./binderfs" [pid 5568] <... chdir resumed>) = 0 [pid 5567] <... symlink resumed>) = 0 [pid 5050] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5568] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(4 [pid 5568] <... prctl resumed>) = 0 [pid 5567] memfd_create("syzkaller", 0 [pid 5050] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5568] setpgid(0, 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] rmdir("./84/file0" [pid 5568] <... setpgid resumed>) = 0 [pid 5050] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5568] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5568] <... openat resumed>) = 3 [pid 5567] <... memfd_create resumed>) = 3 [pid 5565] <... mount resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5568] write(3, "1000", 4 [pid 5567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5566] <... mount resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] close(3 [pid 5565] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5567] <... mmap resumed>) = 0x7f3b887a1000 [pid 5565] <... openat resumed>) = 3 [pid 5568] <... write resumed>) = 4 [pid 5050] unlink("./83/binderfs" [pid 5049] <... close resumed>) = 0 [pid 5566] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5566] chdir("./file0" [pid 5568] close(3 [pid 5565] chdir("./file0" [pid 5050] <... unlink resumed>) = 0 [pid 5049] rmdir("./84" [pid 5566] <... chdir resumed>) = 0 [pid 5566] ioctl(4, LOOP_CLR_FD) = 0 [pid 5566] close(4 [pid 5568] <... close resumed>) = 0 [pid 5566] <... close resumed>) = 0 [pid 5568] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... rmdir resumed>) = 0 [pid 5050] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5566] exit_group(0 [pid 5565] <... chdir resumed>) = 0 [pid 5566] <... exit_group resumed>) = ? [pid 5566] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5566, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5565] ioctl(4, LOOP_CLR_FD [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./84/binderfs" [pid 5568] <... symlink resumed>) = 0 [pid 5565] <... ioctl resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5565] close(4 [pid 5049] mkdir("./85", 0777 [pid 5565] <... close resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5565] exit_group(0 [pid 5568] memfd_create("syzkaller", 0 [pid 5565] <... exit_group resumed>) = ? [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5568] <... memfd_create resumed>) = 3 [pid 5565] +++ exited with 0 +++ [pid 5049] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5565, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5568] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5568] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... close resumed>) = 0 [pid 5047] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./81", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5569 attached [pid 5051] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5569] set_robust_list(0x555556629660, 24 [pid 5051] <... openat resumed>) = 3 [pid 5050] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5569 [pid 5047] newfstatat(AT_FDCWD, "./84/file0", [pid 5569] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5569] chdir("./85" [pid 5567] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(AT_FDCWD, "./83/file0", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5569] <... chdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5050] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5569] setpgid(0, 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./81/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5569] <... setpgid resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... openat resumed>) = 4 [pid 5047] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5047] newfstatat(4, "", [pid 5569] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5051] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] getdents64(4, [pid 5051] unlink("./81/binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... unlink resumed>) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5569] write(3, "1000", 4 [pid 5051] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5569] <... write resumed>) = 4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5569] close(3 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] close(4 [pid 5047] close(4 [pid 5569] <... close resumed>) = 0 [pid 5051] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5569] symlink("/dev/binderfs", "./binderfs" [pid 5051] newfstatat(AT_FDCWD, "./81/file0", [pid 5050] rmdir("./83/file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5569] <... symlink resumed>) = 0 [pid 5051] umount2("./81/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./84/file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5569] memfd_create("syzkaller", 0 [pid 5051] newfstatat(4, "", [pid 5050] getdents64(3, [pid 5047] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] close(3 [pid 5051] getdents64(4, [pid 5569] <... memfd_create resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] rmdir("./83" [pid 5047] rmdir("./84" [pid 5569] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... rmdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5569] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5567] <... write resumed>) = 2097152 [pid 5051] close(4 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] mkdir("./85", 0777 [pid 5567] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... close resumed>) = 0 [pid 5050] mkdir("./84", 0777 [pid 5567] <... munmap resumed>) = 0 [pid 5051] rmdir("./81/file0" [pid 5050] <... mkdir resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5568] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] getdents64(3, [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5570 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5570 [pid 5570] set_robust_list(0x555556629660, 24) = 0 [pid 5570] chdir("./85") = 0 [pid 5570] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5567] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5570] <... prctl resumed>) = 0 [pid 5567] <... openat resumed>) = 4 [pid 5051] close(3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5570] setpgid(0, 0 [pid 5567] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... close resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5570] <... setpgid resumed>) = 0 [pid 5051] rmdir("./81" [pid 5050] close(3 [pid 5570] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5570] write(3, "1000", 4) = 4 [pid 5570] close(3) = 0 [pid 5570] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5570] memfd_create("syzkaller", 0) = 3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] mkdir("./82", 0777 [pid 5570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5571 attached [pid 5051] <... mkdir resumed>) = 0 [pid 5571] set_robust_list(0x555556629660, 24) = 0 [pid 5570] <... mmap resumed>) = 0x7f3b887a1000 [pid 5567] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5571 [pid 5571] chdir("./84" [pid 5569] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5567] close(3 [pid 5571] <... chdir resumed>) = 0 [pid 5567] <... close resumed>) = 0 [pid 5567] mkdir("./file0", 0777 [pid 5571] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5571] setpgid(0, 0 [pid 5567] <... mkdir resumed>) = 0 [pid 5571] <... setpgid resumed>) = 0 [pid 5568] <... write resumed>) = 2097152 [pid 5567] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [ 105.747720][ T5567] loop5: detected capacity change from 0 to 4096 [pid 5571] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5569] <... write resumed>) = 2097152 [pid 5568] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... openat resumed>) = 3 [pid 5571] write(3, "1000", 4 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5571] <... write resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5571] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5569] munmap(0x7f3b887a1000, 138412032 [pid 5568] <... munmap resumed>) = 0 [pid 5571] symlink("/dev/binderfs", "./binderfs" [pid 5569] <... munmap resumed>) = 0 [pid 5571] <... symlink resumed>) = 0 [pid 5568] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5572 attached [pid 5571] memfd_create("syzkaller", 0 [pid 5568] <... openat resumed>) = 4 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5572 [pid 5569] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5568] ioctl(4, LOOP_SET_FD, 3 [pid 5572] set_robust_list(0x555556629660, 24 [pid 5571] <... memfd_create resumed>) = 3 [pid 5570] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5569] <... openat resumed>) = 4 [ 105.812077][ T5567] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5572] <... set_robust_list resumed>) = 0 [pid 5572] chdir("./82") = 0 [pid 5572] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5572] setpgid(0, 0) = 0 [pid 5572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5572] write(3, "1000", 4) = 4 [pid 5572] close(3) = 0 [pid 5572] symlink("/dev/binderfs", "./binderfs" [pid 5569] ioctl(4, LOOP_SET_FD, 3 [pid 5572] <... symlink resumed>) = 0 [pid 5571] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5572] memfd_create("syzkaller", 0) = 3 [pid 5572] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5571] <... mmap resumed>) = 0x7f3b887a1000 [pid 5572] <... mmap resumed>) = 0x7f3b887a1000 [pid 5567] <... mount resumed>) = 0 [pid 5567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5567] chdir("./file0") = 0 [pid 5567] ioctl(4, LOOP_CLR_FD [pid 5569] <... ioctl resumed>) = 0 [pid 5569] close(3) = 0 [pid 5570] <... write resumed>) = 2097152 [pid 5569] mkdir("./file0", 0777 [pid 5567] <... ioctl resumed>) = 0 [pid 5568] <... ioctl resumed>) = 0 [pid 5569] <... mkdir resumed>) = 0 [pid 5567] close(4 [pid 5569] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5567] <... close resumed>) = 0 [pid 5568] close(3 [pid 5567] exit_group(0) = ? [ 105.861134][ T5568] loop1: detected capacity change from 0 to 4096 [ 105.868969][ T5569] loop2: detected capacity change from 0 to 4096 [pid 5568] <... close resumed>) = 0 [pid 5567] +++ exited with 0 +++ [pid 5571] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5568] mkdir("./file0", 0777) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5567, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5570] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5568] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5572] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5570] <... munmap resumed>) = 0 [pid 5570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5570] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5570] <... ioctl resumed>) = 0 [pid 5570] close(3) = 0 [pid 5570] mkdir("./file0", 0777 [pid 5052] newfstatat(3, "", [pid 5570] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 105.932011][ T5569] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 105.946342][ T5568] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 105.957293][ T5570] loop0: detected capacity change from 0 to 4096 [pid 5570] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5568] <... mount resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5568] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5568] chdir("./file0") = 0 [pid 5568] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5568] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5572] <... write resumed>) = 2097152 [pid 5568] <... close resumed>) = 0 [pid 5052] unlink("./82/binderfs" [pid 5568] exit_group(0) = ? [pid 5572] munmap(0x7f3b887a1000, 138412032 [pid 5571] <... write resumed>) = 2097152 [pid 5568] +++ exited with 0 +++ [pid 5052] <... unlink resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5568, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5571] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5052] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./82/file0", [pid 5048] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(3, "", [pid 5052] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5052] newfstatat(4, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5048] unlink("./83/binderfs" [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... unlink resumed>) = 0 [pid 5052] getdents64(4, [pid 5048] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [ 105.991516][ T5570] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5572] <... munmap resumed>) = 0 [pid 5571] <... munmap resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5052] close(4 [pid 5048] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5572] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5571] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] rmdir("./82/file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5572] <... openat resumed>) = 4 [pid 5571] <... openat resumed>) = 4 [pid 5569] <... mount resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./83/file0", [pid 5572] ioctl(4, LOOP_SET_FD, 3 [pid 5571] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5569] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5569] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5569] chdir("./file0") = 0 [pid 5569] ioctl(4, LOOP_CLR_FD) = 0 [pid 5569] close(4) = 0 [pid 5048] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5569] exit_group(0) = ? [pid 5569] +++ exited with 0 +++ [pid 5048] <... openat resumed>) = 4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5569, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, [pid 5052] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(4, [pid 5052] close(3 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] close(4 [pid 5049] newfstatat(3, "", [pid 5048] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] rmdir("./83/file0" [pid 5052] rmdir("./82" [pid 5048] <... rmdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] getdents64(3, [pid 5052] mkdir("./83", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3 [pid 5572] <... ioctl resumed>) = 0 [pid 5571] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5572] close(3 [pid 5571] close(3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5048] <... close resumed>) = 0 [pid 5572] <... close resumed>) = 0 [pid 5571] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] rmdir("./83" [pid 5572] mkdir("./file0", 0777 [pid 5571] mkdir("./file0", 0777 [pid 5052] <... openat resumed>) = 3 [pid 5049] unlink("./85/binderfs" [pid 5048] <... rmdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5048] mkdir("./84", 0777 [pid 5572] <... mkdir resumed>) = 0 [pid 5571] <... mkdir resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... mkdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5573 attached [pid 5572] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5571] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] close(3) = 0 [ 106.068437][ T5572] loop4: detected capacity change from 0 to 4096 [ 106.086351][ T5571] loop3: detected capacity change from 0 to 4096 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5574 [pid 5573] set_robust_list(0x555556629660, 24) = 0 [pid 5570] <... mount resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5573 ./strace-static-x86_64: Process 5574 attached [pid 5574] set_robust_list(0x555556629660, 24) = 0 [pid 5574] chdir("./84") = 0 [pid 5574] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5574] setpgid(0, 0) = 0 [pid 5574] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5574] write(3, "1000", 4) = 4 [pid 5574] close(3) = 0 [pid 5574] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5574] memfd_create("syzkaller", 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5574] <... memfd_create resumed>) = 3 [pid 5574] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5573] chdir("./83" [pid 5049] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] <... chdir resumed>) = 0 [pid 5570] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5573] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5049] newfstatat(AT_FDCWD, "./85/file0", [pid 5573] setpgid(0, 0 [pid 5570] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5573] <... setpgid resumed>) = 0 [pid 5049] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5570] chdir("./file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5570] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5573] <... openat resumed>) = 3 [pid 5573] write(3, "1000", 4 [pid 5570] ioctl(4, LOOP_CLR_FD [pid 5049] newfstatat(4, "", [pid 5573] <... write resumed>) = 4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5573] close(3 [pid 5570] <... ioctl resumed>) = 0 [pid 5573] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 5573] symlink("/dev/binderfs", "./binderfs" [pid 5570] close(4 [pid 5574] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5570] <... close resumed>) = 0 [ 106.140775][ T5571] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 106.152637][ T5572] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5573] <... symlink resumed>) = 0 [pid 5570] exit_group(0 [pid 5049] getdents64(4, [pid 5570] <... exit_group resumed>) = ? [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./85/file0") = 0 [pid 5570] +++ exited with 0 +++ [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5570, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] close(3 [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... close resumed>) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5049] rmdir("./85") = 0 [pid 5047] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] mkdir("./86", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] <... mkdir resumed>) = 0 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./85/binderfs" [pid 5573] memfd_create("syzkaller", 0 [pid 5047] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5575 attached [pid 5574] <... write resumed>) = 2097152 [pid 5573] <... memfd_create resumed>) = 3 [pid 5047] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5575] set_robust_list(0x555556629660, 24 [pid 5574] munmap(0x7f3b887a1000, 138412032 [pid 5573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5575 [pid 5047] <... umount2 resumed>) = 0 [pid 5575] <... set_robust_list resumed>) = 0 [pid 5575] chdir("./86" [pid 5574] <... munmap resumed>) = 0 [pid 5573] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5575] <... chdir resumed>) = 0 [pid 5575] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5575] <... prctl resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./85/file0", [pid 5575] setpgid(0, 0) = 0 [pid 5575] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5574] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5574] <... openat resumed>) = 4 [pid 5572] <... mount resumed>) = 0 [pid 5047] rmdir("./85/file0" [pid 5575] <... openat resumed>) = 3 [pid 5574] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5575] write(3, "1000", 4 [pid 5572] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./85") = 0 [pid 5047] mkdir("./86", 0777) = 0 [pid 5572] chdir("./file0" [pid 5575] <... write resumed>) = 4 [pid 5572] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5575] close(3) = 0 [pid 5572] ioctl(4, LOOP_CLR_FD) = 0 [pid 5575] symlink("/dev/binderfs", "./binderfs" [pid 5572] close(4 [pid 5575] <... symlink resumed>) = 0 [pid 5572] <... close resumed>) = 0 [pid 5572] exit_group(0 [pid 5571] <... mount resumed>) = 0 [pid 5572] <... exit_group resumed>) = ? [pid 5572] +++ exited with 0 +++ [pid 5575] memfd_create("syzkaller", 0 [pid 5574] <... ioctl resumed>) = 0 [pid 5573] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5571] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5572, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5047] <... openat resumed>) = 3 [pid 5574] close(3) = 0 [pid 5574] mkdir("./file0", 0777 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5574] <... mkdir resumed>) = 0 [pid 5574] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5576 ./strace-static-x86_64: Process 5576 attached [pid 5576] set_robust_list(0x555556629660, 24) = 0 [pid 5576] chdir("./86") = 0 [pid 5576] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 106.281748][ T5574] loop1: detected capacity change from 0 to 4096 [pid 5576] setpgid(0, 0) = 0 [pid 5576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5576] write(3, "1000", 4) = 4 [pid 5576] close(3) = 0 [pid 5576] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5576] memfd_create("syzkaller", 0) = 3 [pid 5576] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5571] <... openat resumed>) = 3 [pid 5051] umount2("./82", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5571] chdir("./file0" [pid 5575] <... memfd_create resumed>) = 3 [pid 5575] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5571] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5571] ioctl(4, LOOP_CLR_FD [pid 5051] newfstatat(3, "", [pid 5571] <... ioctl resumed>) = 0 [pid 5571] close(4) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5571] exit_group(0) = ? [pid 5571] +++ exited with 0 +++ [pid 5051] getdents64(3, [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5571, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [ 106.332694][ T5574] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./82/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5050] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, [pid 5573] <... write resumed>) = 2097152 [pid 5051] unlink("./82/binderfs" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5575] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5573] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... unlink resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5051] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./84/binderfs") = 0 [pid 5050] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5576] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = 0 [pid 5573] <... munmap resumed>) = 0 [pid 5050] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5573] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5573] ioctl(4, LOOP_SET_FD, 3 [pid 5050] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./84/file0" [pid 5574] <... mount resumed>) = 0 [pid 5574] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5574] chdir("./file0") = 0 [pid 5574] ioctl(4, LOOP_CLR_FD [pid 5573] <... ioctl resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5574] <... ioctl resumed>) = 0 [pid 5574] close(4 [pid 5050] getdents64(3, [pid 5574] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5051] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./84" [pid 5574] exit_group(0 [pid 5573] close(3 [pid 5574] <... exit_group resumed>) = ? [pid 5573] <... close resumed>) = 0 [pid 5576] <... write resumed>) = 2097152 [pid 5574] +++ exited with 0 +++ [pid 5573] mkdir("./file0", 0777 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... rmdir resumed>) = 0 [pid 5576] munmap(0x7f3b887a1000, 138412032 [pid 5573] <... mkdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./82/file0", [pid 5050] mkdir("./85", 0777 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5574, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5573] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5575] <... write resumed>) = 2097152 [pid 5051] umount2("./82/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] <... openat resumed>) = 3 [ 106.474167][ T5573] loop5: detected capacity change from 0 to 4096 [pid 5048] newfstatat(3, "", [pid 5576] <... munmap resumed>) = 0 [pid 5575] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5576] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] getdents64(3, [pid 5051] <... openat resumed>) = 4 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5576] <... openat resumed>) = 4 [pid 5575] <... munmap resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5050] close(3 [pid 5048] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5576] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(4, [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./84/binderfs") = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5577 [pid 5048] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5577 attached ) = 0 [pid 5048] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5575] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] getdents64(4, [pid 5577] set_robust_list(0x555556629660, 24 [pid 5575] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5577] <... set_robust_list resumed>) = 0 [pid 5575] ioctl(4, LOOP_SET_FD, 3 [pid 5577] chdir("./85" [pid 5048] newfstatat(4, "", [pid 5051] close(4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./82/file0" [pid 5048] getdents64(4, [pid 5051] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5051] close(3) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] rmdir("./82") = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./84/file0" [pid 5051] mkdir("./83", 0777 [pid 5577] <... chdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5577] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... mkdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5577] <... prctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5577] setpgid(0, 0 [pid 5048] close(3 [pid 5577] <... setpgid resumed>) = 0 [pid 5576] <... ioctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5577] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5576] close(3 [pid 5048] rmdir("./84" [pid 5577] <... openat resumed>) = 3 [pid 5576] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... rmdir resumed>) = 0 [pid 5577] write(3, "1000", 4 [pid 5576] mkdir("./file0", 0777 [pid 5051] <... openat resumed>) = 3 [pid 5048] mkdir("./85", 0777 [pid 5577] <... write resumed>) = 4 [pid 5576] <... mkdir resumed>) = 0 [pid 5575] <... ioctl resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] <... mkdir resumed>) = 0 [pid 5577] close(3 [pid 5576] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5575] close(3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5577] <... close resumed>) = 0 [pid 5575] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5577] symlink("/dev/binderfs", "./binderfs" [pid 5051] close(3 [ 106.526803][ T5573] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 106.543195][ T5576] loop0: detected capacity change from 0 to 4096 [ 106.558439][ T5575] loop2: detected capacity change from 0 to 4096 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5577] <... symlink resumed>) = 0 [pid 5575] mkdir("./file0", 0777 [pid 5051] <... close resumed>) = 0 [pid 5048] <... ioctl resumed>) = 0 [pid 5577] memfd_create("syzkaller", 0 [pid 5575] <... mkdir resumed>) = 0 [pid 5577] <... memfd_create resumed>) = 3 [pid 5048] close(3 [pid 5577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... close resumed>) = 0 [pid 5577] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5575] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5578 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5578 attached , child_tidptr=0x555556629650) = 5579 [pid 5578] set_robust_list(0x555556629660, 24) = 0 [pid 5578] chdir("./85") = 0 ./strace-static-x86_64: Process 5579 attached [pid 5578] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5579] set_robust_list(0x555556629660, 24 [pid 5578] <... prctl resumed>) = 0 [pid 5579] <... set_robust_list resumed>) = 0 [pid 5578] setpgid(0, 0 [pid 5579] chdir("./83" [pid 5578] <... setpgid resumed>) = 0 [pid 5579] <... chdir resumed>) = 0 [pid 5578] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5579] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5578] <... openat resumed>) = 3 [pid 5579] <... prctl resumed>) = 0 [pid 5578] write(3, "1000", 4 [pid 5579] setpgid(0, 0 [pid 5578] <... write resumed>) = 4 [pid 5579] <... setpgid resumed>) = 0 [pid 5578] close(3 [pid 5579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5578] <... close resumed>) = 0 [pid 5579] <... openat resumed>) = 3 [pid 5578] symlink("/dev/binderfs", "./binderfs" [pid 5579] write(3, "1000", 4 [pid 5578] <... symlink resumed>) = 0 [pid 5579] <... write resumed>) = 4 [pid 5578] memfd_create("syzkaller", 0 [pid 5579] close(3) = 0 [pid 5579] symlink("/dev/binderfs", "./binderfs" [pid 5578] <... memfd_create resumed>) = 3 [pid 5579] <... symlink resumed>) = 0 [pid 5579] memfd_create("syzkaller", 0 [pid 5578] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5579] <... memfd_create resumed>) = 3 [pid 5578] <... mmap resumed>) = 0x7f3b887a1000 [pid 5573] <... mount resumed>) = 0 [pid 5579] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5573] chdir("./file0") = 0 [pid 5573] ioctl(4, LOOP_CLR_FD) = 0 [pid 5573] close(4) = 0 [pid 5573] exit_group(0) = ? [pid 5573] +++ exited with 0 +++ [ 106.587693][ T5576] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 106.604376][ T5575] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5573, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5052] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5577] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./83/binderfs") = 0 [pid 5052] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5575] <... mount resumed>) = 0 [pid 5575] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5575] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5575] chdir("./file0" [pid 5052] newfstatat(AT_FDCWD, "./83/file0", [pid 5575] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5575] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5575] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5575] close(4 [pid 5052] newfstatat(4, "", [pid 5578] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5575] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5575] exit_group(0 [pid 5052] getdents64(4, [pid 5575] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5575] +++ exited with 0 +++ [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5575, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] close(4) = 0 [pid 5052] rmdir("./83/file0" [pid 5049] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5576] <... mount resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5049] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5052] close(3) = 0 [pid 5049] newfstatat(3, "", [pid 5052] rmdir("./83" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5576] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5576] <... openat resumed>) = 3 [pid 5052] mkdir("./84", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5576] chdir("./file0" [pid 5052] <... mkdir resumed>) = 0 [pid 5049] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5579] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5576] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5576] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5576] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5576] close(4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] unlink("./86/binderfs" [pid 5576] <... close resumed>) = 0 [pid 5052] <... ioctl resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5577] <... write resumed>) = 2097152 [pid 5576] exit_group(0 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] close(3 [pid 5577] munmap(0x7f3b887a1000, 138412032 [pid 5576] <... exit_group resumed>) = ? [pid 5049] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5576] +++ exited with 0 +++ [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./86/file0", [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5576, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=4 /* 0.04 s */} --- [pid 5577] <... munmap resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5047] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./86/file0" [pid 5577] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5577] <... openat resumed>) = 4 [pid 5049] getdents64(3, [pid 5047] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5049] close(3 [pid 5047] newfstatat(3, "", [pid 5049] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] rmdir("./86" [pid 5047] getdents64(3, [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5577] ioctl(4, LOOP_SET_FD, 3 [pid 5049] mkdir("./87", 0777 [pid 5047] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5580 ./strace-static-x86_64: Process 5580 attached [pid 5578] <... write resumed>) = 2097152 [pid 5047] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5580] set_robust_list(0x555556629660, 24) = 0 [pid 5580] chdir("./87" [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5580] <... chdir resumed>) = 0 [pid 5580] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] unlink("./86/binderfs" [pid 5580] <... prctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5580] setpgid(0, 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5580] <... setpgid resumed>) = 0 [pid 5047] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5580] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5581 attached ) = 3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5581 [pid 5580] write(3, "1000", 4 [pid 5581] set_robust_list(0x555556629660, 24 [pid 5580] <... write resumed>) = 4 [pid 5579] <... write resumed>) = 2097152 [pid 5047] <... umount2 resumed>) = 0 [pid 5580] close(3) = 0 [pid 5579] munmap(0x7f3b887a1000, 138412032 [pid 5578] munmap(0x7f3b887a1000, 138412032 [pid 5047] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5580] symlink("/dev/binderfs", "./binderfs" [pid 5581] <... set_robust_list resumed>) = 0 [pid 5580] <... symlink resumed>) = 0 [pid 5579] <... munmap resumed>) = 0 [pid 5578] <... munmap resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5580] memfd_create("syzkaller", 0 [pid 5581] chdir("./84" [pid 5047] newfstatat(AT_FDCWD, "./86/file0", [pid 5581] <... chdir resumed>) = 0 [pid 5580] <... memfd_create resumed>) = 3 [pid 5577] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5581] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5577] close(3 [pid 5047] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5581] <... prctl resumed>) = 0 [pid 5580] <... mmap resumed>) = 0x7f3b887a1000 [pid 5577] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5581] setpgid(0, 0 [pid 5047] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5581] <... setpgid resumed>) = 0 [pid 5579] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5577] mkdir("./file0", 0777 [pid 5581] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5579] <... openat resumed>) = 4 [ 106.829749][ T5577] loop3: detected capacity change from 0 to 4096 [pid 5047] <... openat resumed>) = 4 [pid 5579] ioctl(4, LOOP_SET_FD, 3 [pid 5581] <... openat resumed>) = 3 [pid 5577] <... mkdir resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5581] write(3, "1000", 4) = 4 [pid 5578] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5581] close(3 [pid 5578] <... openat resumed>) = 4 [pid 5578] ioctl(4, LOOP_SET_FD, 3 [pid 5581] <... close resumed>) = 0 [pid 5577] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5047] getdents64(4, [pid 5581] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5579] <... ioctl resumed>) = 0 [pid 5579] close(3) = 0 [pid 5579] mkdir("./file0", 0777) = 0 [pid 5047] getdents64(4, [pid 5579] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5581] memfd_create("syzkaller", 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5578] <... ioctl resumed>) = 0 [pid 5047] close(4 [pid 5578] close(3) = 0 [pid 5047] <... close resumed>) = 0 [pid 5578] mkdir("./file0", 0777 [pid 5581] <... memfd_create resumed>) = 3 [pid 5578] <... mkdir resumed>) = 0 [pid 5047] rmdir("./86/file0" [pid 5578] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... rmdir resumed>) = 0 [ 106.876032][ T5579] loop4: detected capacity change from 0 to 4096 [ 106.885806][ T5578] loop1: detected capacity change from 0 to 4096 [ 106.896950][ T5577] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 106.909065][ T5579] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5581] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] getdents64(3, [pid 5581] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./86") = 0 [pid 5579] <... mount resumed>) = 0 [pid 5579] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] mkdir("./87", 0777 [pid 5579] <... openat resumed>) = 3 [pid 5579] chdir("./file0") = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5579] ioctl(4, LOOP_CLR_FD) = 0 [pid 5579] close(4) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5579] exit_group(0) = ? [pid 5580] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5579] +++ exited with 0 +++ [pid 5047] <... openat resumed>) = 3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5579, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5051] umount2("./83", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 106.926116][ T5578] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./83/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./83/binderfs") = 0 [pid 5051] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5577] <... mount resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] close(3 [pid 5577] <... openat resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5577] chdir("./file0" [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5582 attached [pid 5577] <... chdir resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5582 [pid 5577] ioctl(4, LOOP_CLR_FD [pid 5582] set_robust_list(0x555556629660, 24) = 0 [pid 5577] <... ioctl resumed>) = 0 [pid 5577] close(4 [pid 5582] chdir("./87" [pid 5577] <... close resumed>) = 0 [pid 5582] <... chdir resumed>) = 0 [pid 5578] <... mount resumed>) = 0 [pid 5577] exit_group(0 [pid 5582] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5581] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5578] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5577] <... exit_group resumed>) = ? [pid 5578] <... openat resumed>) = 3 [pid 5578] chdir("./file0") = 0 [pid 5578] ioctl(4, LOOP_CLR_FD) = 0 [pid 5578] close(4) = 0 [pid 5578] exit_group(0) = ? [pid 5582] <... prctl resumed>) = 0 [pid 5578] +++ exited with 0 +++ [pid 5582] setpgid(0, 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5578, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5582] <... setpgid resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5582] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5577] +++ exited with 0 +++ [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./83/file0", [pid 5582] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5577, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5582] write(3, "1000", 4 [pid 5048] <... openat resumed>) = 3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5582] <... write resumed>) = 4 [pid 5582] close(3 [pid 5048] newfstatat(3, "", [pid 5582] <... close resumed>) = 0 [pid 5582] symlink("/dev/binderfs", "./binderfs" [pid 5051] umount2("./83/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5582] <... symlink resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] newfstatat(4, "", [pid 5050] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5582] memfd_create("syzkaller", 0 [pid 5580] <... write resumed>) = 2097152 [pid 5051] getdents64(4, [pid 5050] <... openat resumed>) = 3 [pid 5048] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] close(4) = 0 [pid 5048] unlink("./85/binderfs" [pid 5582] <... memfd_create resumed>) = 3 [pid 5580] munmap(0x7f3b887a1000, 138412032 [pid 5051] rmdir("./83/file0" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5582] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5050] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5582] <... mmap resumed>) = 0x7f3b887a1000 [pid 5580] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5050] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./85/binderfs" [pid 5051] close(3) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./83") = 0 [pid 5580] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] mkdir("./84", 0777 [pid 5580] <... openat resumed>) = 4 [pid 5051] <... mkdir resumed>) = 0 [pid 5580] ioctl(4, LOOP_SET_FD, 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5050] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./85/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./85/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5050] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5583 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5583 [pid 5583] set_robust_list(0x555556629660, 24) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5583] chdir("./84" [pid 5050] newfstatat(4, "", [pid 5583] <... chdir resumed>) = 0 [pid 5048] getdents64(4, [pid 5583] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5583] <... prctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5583] setpgid(0, 0 [pid 5050] getdents64(4, [pid 5048] getdents64(4, [pid 5583] <... setpgid resumed>) = 0 [pid 5580] <... ioctl resumed>) = 0 [pid 5583] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5580] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5583] <... openat resumed>) = 3 [pid 5580] <... close resumed>) = 0 [pid 5580] mkdir("./file0", 0777 [pid 5583] write(3, "1000", 4 [pid 5580] <... mkdir resumed>) = 0 [pid 5583] <... write resumed>) = 4 [pid 5583] close(3) = 0 [pid 5583] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5580] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5583] memfd_create("syzkaller", 0 [pid 5050] getdents64(4, [pid 5048] close(4) = 0 [pid 5048] rmdir("./85/file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [ 107.100188][ T5580] loop2: detected capacity change from 0 to 4096 [pid 5581] <... write resumed>) = 2097152 [pid 5050] close(4 [pid 5048] <... rmdir resumed>) = 0 [pid 5583] <... memfd_create resumed>) = 3 [pid 5583] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] <... close resumed>) = 0 [pid 5048] getdents64(3, [pid 5050] rmdir("./85/file0" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./85" [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5050] close(3 [pid 5048] mkdir("./86", 0777 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./85" [pid 5048] <... mkdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] mkdir("./86", 0777 [pid 5581] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5581] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5581] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5584 ./strace-static-x86_64: Process 5584 attached [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [ 107.147607][ T5580] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5584] set_robust_list(0x555556629660, 24) = 0 [pid 5583] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5584] chdir("./86" [pid 5582] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] close(3 [pid 5584] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5584] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5584] setpgid(0, 0) = 0 [pid 5584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5585 [pid 5584] <... openat resumed>) = 3 [pid 5584] write(3, "1000", 4./strace-static-x86_64: Process 5585 attached ) = 4 [pid 5584] close(3 [pid 5585] set_robust_list(0x555556629660, 24) = 0 [pid 5584] <... close resumed>) = 0 [pid 5585] chdir("./86") = 0 [pid 5585] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5585] setpgid(0, 0) = 0 [pid 5585] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5581] <... ioctl resumed>) = 0 [pid 5581] close(3 [pid 5584] symlink("/dev/binderfs", "./binderfs" [pid 5585] write(3, "1000", 4 [pid 5581] <... close resumed>) = 0 [pid 5585] <... write resumed>) = 4 [pid 5584] <... symlink resumed>) = 0 [pid 5581] mkdir("./file0", 0777 [pid 5585] close(3 [pid 5581] <... mkdir resumed>) = 0 [pid 5585] <... close resumed>) = 0 [pid 5581] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5585] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5585] memfd_create("syzkaller", 0) = 3 [ 107.214549][ T5581] loop5: detected capacity change from 0 to 4096 [pid 5585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5584] memfd_create("syzkaller", 0 [pid 5583] <... write resumed>) = 2097152 [pid 5582] <... write resumed>) = 2097152 [pid 5584] <... memfd_create resumed>) = 3 [pid 5583] munmap(0x7f3b887a1000, 138412032 [pid 5584] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5583] <... munmap resumed>) = 0 [pid 5584] <... mmap resumed>) = 0x7f3b887a1000 [pid 5582] munmap(0x7f3b887a1000, 138412032 [pid 5583] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5583] ioctl(4, LOOP_SET_FD, 3 [pid 5582] <... munmap resumed>) = 0 [pid 5580] <... mount resumed>) = 0 [pid 5582] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5583] <... ioctl resumed>) = 0 [pid 5580] chdir("./file0" [pid 5583] close(3) = 0 [pid 5580] <... chdir resumed>) = 0 [ 107.273027][ T5581] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 107.301526][ T5583] loop4: detected capacity change from 0 to 4096 [pid 5582] <... openat resumed>) = 4 [pid 5580] ioctl(4, LOOP_CLR_FD [pid 5582] ioctl(4, LOOP_SET_FD, 3 [pid 5580] <... ioctl resumed>) = 0 [pid 5580] close(4 [pid 5583] mkdir("./file0", 0777 [pid 5580] <... close resumed>) = 0 [pid 5583] <... mkdir resumed>) = 0 [pid 5583] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5580] exit_group(0) = ? [pid 5580] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5580, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5582] <... ioctl resumed>) = 0 [pid 5581] <... mount resumed>) = 0 [pid 5049] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5582] close(3) = 0 [pid 5049] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5582] mkdir("./file0", 0777 [pid 5581] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./87/binderfs" [pid 5582] <... mkdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5581] <... openat resumed>) = 3 [pid 5581] chdir("./file0") = 0 [pid 5585] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5581] ioctl(4, LOOP_CLR_FD [ 107.329006][ T5582] loop0: detected capacity change from 0 to 4096 [ 107.338370][ T5583] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5582] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", [pid 5584] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5581] <... ioctl resumed>) = 0 [pid 5581] close(4) = 0 [pid 5049] getdents64(4, [pid 5581] exit_group(0) = ? [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./87/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./87") = 0 [pid 5049] mkdir("./88", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5582] <... mount resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5581] +++ exited with 0 +++ [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5049] close(3 [pid 5585] <... write resumed>) = 2097152 [pid 5583] <... mount resumed>) = 0 [pid 5582] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... close resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5581, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5586 attached [pid 5583] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5582] <... openat resumed>) = 3 [pid 5583] <... openat resumed>) = 3 [pid 5586] set_robust_list(0x555556629660, 24 [pid 5583] chdir("./file0" [pid 5582] chdir("./file0" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5586 [pid 5586] <... set_robust_list resumed>) = 0 [pid 5583] <... chdir resumed>) = 0 [pid 5582] <... chdir resumed>) = 0 [pid 5052] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] chdir("./88" [pid 5583] ioctl(4, LOOP_CLR_FD [pid 5582] ioctl(4, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5583] <... ioctl resumed>) = 0 [pid 5582] <... ioctl resumed>) = 0 [ 107.376455][ T5582] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5052] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5586] <... chdir resumed>) = 0 [pid 5583] close(4 [pid 5582] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5583] <... close resumed>) = 0 [pid 5582] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5586] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5585] munmap(0x7f3b887a1000, 138412032 [pid 5583] exit_group(0 [pid 5582] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5585] <... munmap resumed>) = 0 [pid 5052] getdents64(3, [pid 5586] <... prctl resumed>) = 0 [pid 5583] <... exit_group resumed>) = ? [pid 5582] <... exit_group resumed>) = ? [pid 5585] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5586] setpgid(0, 0 [pid 5584] <... write resumed>) = 2097152 [pid 5583] +++ exited with 0 +++ [pid 5582] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5586] <... setpgid resumed>) = 0 [pid 5052] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5583, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5582, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5585] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5051] umount2("./84", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] <... openat resumed>) = 3 [pid 5585] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5586] write(3, "1000", 4 [pid 5052] unlink("./84/binderfs" [pid 5051] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5586] <... write resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5586] close(3 [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5586] <... close resumed>) = 0 [pid 5584] munmap(0x7f3b887a1000, 138412032 [pid 5051] getdents64(3, [pid 5047] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] symlink("/dev/binderfs", "./binderfs" [pid 5052] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./84/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] <... symlink resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] unlink("./84/binderfs" [pid 5584] <... munmap resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5586] memfd_create("syzkaller", 0 [pid 5584] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] <... umount2 resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5585] <... ioctl resumed>) = 0 [pid 5584] <... openat resumed>) = 4 [pid 5051] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5585] close(3 [pid 5584] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5586] <... memfd_create resumed>) = 3 [pid 5585] <... close resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./84/file0", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5585] mkdir("./file0", 0777 [pid 5051] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5585] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5051] <... openat resumed>) = 4 [pid 5586] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5585] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] newfstatat(4, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5586] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] unlink("./87/binderfs") = 0 [pid 5047] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [ 107.473923][ T5585] loop3: detected capacity change from 0 to 4096 [ 107.504640][ T5584] loop1: detected capacity change from 0 to 4096 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5584] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5584] close(3 [pid 5051] rmdir("./84/file0" [pid 5584] <... close resumed>) = 0 [pid 5584] mkdir("./file0", 0777) = 0 [pid 5584] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./84") = 0 [pid 5051] mkdir("./85", 0777) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5047] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... ioctl resumed>) = 0 [pid 5051] close(3 [pid 5047] newfstatat(AT_FDCWD, "./87/file0", [pid 5051] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5587 [pid 5047] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", [pid 5052] newfstatat(AT_FDCWD, "./84/file0", ./strace-static-x86_64: Process 5587 attached [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5587] set_robust_list(0x555556629660, 24 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./84/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5587] <... set_robust_list resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5047] getdents64(4, [pid 5587] chdir("./85" [pid 5052] newfstatat(4, "", [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5587] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5587] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] getdents64(4, [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5587] <... prctl resumed>) = 0 [pid 5047] close(4 [pid 5587] setpgid(0, 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... close resumed>) = 0 [pid 5587] <... setpgid resumed>) = 0 [pid 5047] rmdir("./87/file0" [pid 5587] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5585] <... mount resumed>) = 0 [ 107.533860][ T5585] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 107.557981][ T5584] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] close(4 [pid 5587] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5587] write(3, "1000", 4 [pid 5585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5047] getdents64(3, [pid 5587] <... write resumed>) = 4 [pid 5585] <... openat resumed>) = 3 [pid 5052] rmdir("./84/file0" [pid 5587] close(3 [pid 5585] chdir("./file0" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5587] <... close resumed>) = 0 [pid 5585] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] close(3 [pid 5587] symlink("/dev/binderfs", "./binderfs" [pid 5585] ioctl(4, LOOP_CLR_FD [pid 5047] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5587] <... symlink resumed>) = 0 [pid 5585] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./87" [pid 5586] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5587] memfd_create("syzkaller", 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./88", 0777 [pid 5585] close(4 [pid 5052] close(3) = 0 [pid 5585] <... close resumed>) = 0 [pid 5052] rmdir("./84" [pid 5585] exit_group(0 [pid 5052] <... rmdir resumed>) = 0 [pid 5585] <... exit_group resumed>) = ? [pid 5047] <... mkdir resumed>) = 0 [pid 5587] <... memfd_create resumed>) = 3 [pid 5587] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5587] <... mmap resumed>) = 0x7f3b887a1000 [pid 5585] +++ exited with 0 +++ [pid 5052] mkdir("./85", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5585, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5052] <... openat resumed>) = 3 [pid 5050] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5052] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5047] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5588 attached [pid 5050] unlink("./86/binderfs" [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5588] set_robust_list(0x555556629660, 24 [pid 5584] <... mount resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5589 attached [pid 5588] <... set_robust_list resumed>) = 0 [pid 5584] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5588 [pid 5050] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5589] set_robust_list(0x555556629660, 24 [pid 5588] chdir("./85" [pid 5584] <... openat resumed>) = 3 [pid 5584] chdir("./file0" [pid 5589] <... set_robust_list resumed>) = 0 [pid 5584] <... chdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5589 [pid 5589] chdir("./88" [pid 5588] <... chdir resumed>) = 0 [pid 5586] <... write resumed>) = 2097152 [pid 5584] ioctl(4, LOOP_CLR_FD [pid 5588] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5584] <... ioctl resumed>) = 0 [pid 5588] <... prctl resumed>) = 0 [pid 5588] setpgid(0, 0 [pid 5584] close(4 [pid 5588] <... setpgid resumed>) = 0 [pid 5589] <... chdir resumed>) = 0 [pid 5589] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5584] <... close resumed>) = 0 [pid 5589] <... prctl resumed>) = 0 [pid 5588] <... openat resumed>) = 3 [pid 5584] exit_group(0 [pid 5589] setpgid(0, 0 [pid 5588] write(3, "1000", 4 [pid 5584] <... exit_group resumed>) = ? [pid 5589] <... setpgid resumed>) = 0 [pid 5588] <... write resumed>) = 4 [pid 5584] +++ exited with 0 +++ [pid 5589] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5588] close(3 [pid 5586] munmap(0x7f3b887a1000, 138412032 [pid 5589] <... openat resumed>) = 3 [pid 5588] <... close resumed>) = 0 [pid 5050] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5589] write(3, "1000", 4 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5584, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5589] <... write resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5589] close(3 [pid 5048] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5589] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./86/file0", [pid 5589] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5589] <... symlink resumed>) = 0 [pid 5588] symlink("/dev/binderfs", "./binderfs" [pid 5586] <... munmap resumed>) = 0 [pid 5050] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5589] memfd_create("syzkaller", 0 [pid 5588] <... symlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(3, "", [pid 5050] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5588] memfd_create("syzkaller", 0 [pid 5050] newfstatat(4, "", [pid 5586] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] getdents64(3, [pid 5589] <... memfd_create resumed>) = 3 [pid 5589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5588] <... memfd_create resumed>) = 3 [pid 5586] <... openat resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5589] <... mmap resumed>) = 0x7f3b887a1000 [pid 5588] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5586] ioctl(4, LOOP_SET_FD, 3 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5048] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5588] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./86/file0" [pid 5048] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./86/binderfs" [pid 5050] getdents64(3, [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./86") = 0 [pid 5050] mkdir("./87", 0777 [pid 5586] <... ioctl resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5586] close(3) = 0 [pid 5586] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5587] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5586] <... mkdir resumed>) = 0 [pid 5050] close(3 [pid 5048] <... umount2 resumed>) = 0 [pid 5586] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5050] <... close resumed>) = 0 [pid 5048] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./86/file0", [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5590 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 107.742706][ T5586] loop2: detected capacity change from 0 to 4096 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./86/file0") = 0 ./strace-static-x86_64: Process 5590 attached [pid 5048] getdents64(3, [pid 5590] set_robust_list(0x555556629660, 24 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5590] <... set_robust_list resumed>) = 0 [pid 5048] close(3 [pid 5590] chdir("./87") = 0 [pid 5048] <... close resumed>) = 0 [pid 5590] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] rmdir("./86" [pid 5590] <... prctl resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5590] setpgid(0, 0 [pid 5048] mkdir("./87", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = 0 [pid 5048] close(3) = 0 [pid 5590] <... setpgid resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5590] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5590] write(3, "1000", 4./strace-static-x86_64: Process 5591 attached [pid 5588] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5590] <... write resumed>) = 4 [pid 5586] <... mount resumed>) = 0 [pid 5591] set_robust_list(0x555556629660, 24 [pid 5590] close(3 [pid 5586] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5591 [pid 5591] <... set_robust_list resumed>) = 0 [pid 5590] <... close resumed>) = 0 [pid 5591] chdir("./87" [pid 5590] symlink("/dev/binderfs", "./binderfs" [pid 5586] <... openat resumed>) = 3 [pid 5591] <... chdir resumed>) = 0 [pid 5590] <... symlink resumed>) = 0 [pid 5586] chdir("./file0" [pid 5591] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5589] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5591] <... prctl resumed>) = 0 [pid 5591] setpgid(0, 0) = 0 [pid 5591] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5586] <... chdir resumed>) = 0 [ 107.792522][ T5586] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5591] <... openat resumed>) = 3 [pid 5590] memfd_create("syzkaller", 0 [pid 5586] ioctl(4, LOOP_CLR_FD [pid 5591] write(3, "1000", 4) = 4 [pid 5591] close(3) = 0 [pid 5591] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5591] memfd_create("syzkaller", 0 [pid 5590] <... memfd_create resumed>) = 3 [pid 5588] <... write resumed>) = 2097152 [pid 5586] <... ioctl resumed>) = 0 [pid 5590] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5586] close(4 [pid 5590] <... mmap resumed>) = 0x7f3b887a1000 [pid 5586] <... close resumed>) = 0 [pid 5586] exit_group(0 [pid 5591] <... memfd_create resumed>) = 3 [pid 5591] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5588] munmap(0x7f3b887a1000, 138412032 [pid 5586] <... exit_group resumed>) = ? [pid 5587] <... write resumed>) = 2097152 [pid 5586] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5586, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5049] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5588] <... munmap resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5587] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... openat resumed>) = 3 [pid 5588] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5587] <... munmap resumed>) = 0 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5588] <... openat resumed>) = 4 [pid 5049] getdents64(3, [pid 5588] ioctl(4, LOOP_SET_FD, 3 [pid 5587] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5589] <... write resumed>) = 2097152 [pid 5049] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./88/binderfs") = 0 [pid 5049] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5587] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = 0 [pid 5587] ioctl(4, LOOP_SET_FD, 3 [pid 5049] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./88/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./88") = 0 [pid 5049] mkdir("./89", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5591] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5587] <... ioctl resumed>) = 0 [pid 5588] <... ioctl resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5589] munmap(0x7f3b887a1000, 138412032 [pid 5587] close(3 [pid 5049] <... ioctl resumed>) = 0 [pid 5589] <... munmap resumed>) = 0 [pid 5588] close(3 [pid 5587] <... close resumed>) = 0 [pid 5049] close(3 [pid 5588] <... close resumed>) = 0 [pid 5588] mkdir("./file0", 0777) = 0 [pid 5587] mkdir("./file0", 0777) = 0 [pid 5587] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 107.926027][ T5588] loop5: detected capacity change from 0 to 4096 [ 107.938025][ T5587] loop4: detected capacity change from 0 to 4096 [pid 5589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5589] ioctl(4, LOOP_SET_FD, 3 [pid 5590] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5588] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5049] <... close resumed>) = 0 [pid 5589] <... ioctl resumed>) = 0 [pid 5589] close(3) = 0 [pid 5589] mkdir("./file0", 0777) = 0 [pid 5589] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5591] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5592 attached [pid 5591] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5592 [pid 5592] set_robust_list(0x555556629660, 24) = 0 [pid 5592] chdir("./89") = 0 [pid 5591] <... munmap resumed>) = 0 [pid 5592] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5591] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5592] <... prctl resumed>) = 0 [pid 5591] <... openat resumed>) = 4 [pid 5592] setpgid(0, 0 [pid 5591] ioctl(4, LOOP_SET_FD, 3 [pid 5592] <... setpgid resumed>) = 0 [ 107.979534][ T5589] loop0: detected capacity change from 0 to 4096 [ 107.986615][ T5587] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 107.997481][ T5588] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 108.019412][ T5589] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5592] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5592] write(3, "1000", 4) = 4 [pid 5592] close(3) = 0 [pid 5592] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5592] memfd_create("syzkaller", 0) = 3 [pid 5591] <... ioctl resumed>) = 0 [pid 5588] <... mount resumed>) = 0 [pid 5591] close(3 [pid 5588] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5590] <... write resumed>) = 2097152 [pid 5592] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5591] <... close resumed>) = 0 [pid 5590] munmap(0x7f3b887a1000, 138412032 [pid 5588] <... openat resumed>) = 3 [pid 5592] <... mmap resumed>) = 0x7f3b887a1000 [pid 5591] mkdir("./file0", 0777) = 0 [pid 5588] chdir("./file0") = 0 [pid 5591] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5590] <... munmap resumed>) = 0 [pid 5587] <... mount resumed>) = 0 [pid 5588] ioctl(4, LOOP_CLR_FD [pid 5590] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5588] <... ioctl resumed>) = 0 [ 108.055531][ T5591] loop1: detected capacity change from 0 to 4096 [pid 5588] close(4 [pid 5590] <... openat resumed>) = 4 [pid 5587] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5590] ioctl(4, LOOP_SET_FD, 3 [pid 5588] <... close resumed>) = 0 [pid 5587] <... openat resumed>) = 3 [pid 5588] exit_group(0) = ? [pid 5590] <... ioctl resumed>) = 0 [pid 5587] chdir("./file0" [pid 5588] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5588, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5587] <... chdir resumed>) = 0 [pid 5587] ioctl(4, LOOP_CLR_FD) = 0 [pid 5587] close(4 [pid 5589] <... mount resumed>) = 0 [pid 5589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5587] <... close resumed>) = 0 [pid 5590] close(3 [pid 5589] <... openat resumed>) = 3 [pid 5587] exit_group(0) = ? [pid 5589] chdir("./file0" [pid 5590] <... close resumed>) = 0 [pid 5052] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5587] +++ exited with 0 +++ [pid 5590] mkdir("./file0", 0777 [pid 5589] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5590] <... mkdir resumed>) = 0 [pid 5589] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5589] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5590] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5589] close(4 [pid 5052] newfstatat(3, "", [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5587, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5589] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] umount2("./85", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5589] exit_group(0 [pid 5052] getdents64(3, [pid 5589] <... exit_group resumed>) = ? [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(3, "", [pid 5052] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5592] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5589] +++ exited with 0 +++ [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] getdents64(3, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5589, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [ 108.098908][ T5591] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 108.112684][ T5590] loop3: detected capacity change from 0 to 4096 [pid 5047] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] unlink("./85/binderfs" [pid 5051] umount2("./85/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] unlink("./88/binderfs" [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... unlink resumed>) = 0 [pid 5052] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] unlink("./85/binderfs") = 0 [pid 5051] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5590] <... mount resumed>) = 0 [pid 5590] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 108.141504][ T5590] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5590] chdir("./file0" [pid 5047] <... umount2 resumed>) = 0 [pid 5592] <... write resumed>) = 2097152 [pid 5590] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5590] ioctl(4, LOOP_CLR_FD) = 0 [pid 5590] close(4) = 0 [pid 5047] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5590] exit_group(0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5592] munmap(0x7f3b887a1000, 138412032 [pid 5590] <... exit_group resumed>) = ? [pid 5047] newfstatat(AT_FDCWD, "./88/file0", [pid 5590] +++ exited with 0 +++ [pid 5052] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = 0 [pid 5592] <... munmap resumed>) = 0 [pid 5591] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5591] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./85/file0", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5590, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5591] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5591] chdir("./file0" [pid 5052] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./85/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5591] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 4 [pid 5592] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... openat resumed>) = 3 [pid 5047] newfstatat(4, "", [pid 5592] <... openat resumed>) = 4 [pid 5050] newfstatat(3, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5592] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5591] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./85/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] unlink("./87/binderfs" [pid 5047] getdents64(4, [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(4) = 0 [pid 5047] rmdir("./88/file0" [pid 5591] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5591] close(4 [pid 5052] newfstatat(4, "", [pid 5051] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5591] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5591] exit_group(0 [pid 5052] getdents64(4, [pid 5051] <... openat resumed>) = 4 [pid 5047] getdents64(3, [pid 5591] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] newfstatat(4, "", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./88" [pid 5591] +++ exited with 0 +++ [pid 5052] getdents64(4, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5591, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5047] mkdir("./89", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5048] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(4, [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] close(4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... close resumed>) = 0 [pid 5051] getdents64(4, [pid 5052] rmdir("./85/file0" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... rmdir resumed>) = 0 [pid 5051] close(4 [pid 5048] <... openat resumed>) = 3 [pid 5047] close(3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./85/file0" [pid 5048] newfstatat(3, "", [pid 5047] <... close resumed>) = 0 [pid 5592] <... ioctl resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5592] close(3 [pid 5052] getdents64(3, [pid 5051] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(3, [pid 5592] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5593 attached [pid 5052] close(3 [pid 5051] close(3 [pid 5593] set_robust_list(0x555556629660, 24 [pid 5052] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5048] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5593 [pid 5593] <... set_robust_list resumed>) = 0 [pid 5052] rmdir("./85" [pid 5051] rmdir("./85" [pid 5592] mkdir("./file0", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5592] <... mkdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] mkdir("./86", 0777 [pid 5048] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5593] chdir("./89" [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5592] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] <... mkdir resumed>) = 0 [pid 5048] unlink("./87/binderfs" [pid 5593] <... chdir resumed>) = 0 [pid 5052] mkdir("./86", 0777 [pid 5593] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... unlink resumed>) = 0 [pid 5593] <... prctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... openat resumed>) = 3 [pid 5048] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5593] setpgid(0, 0 [pid 5052] <... openat resumed>) = 3 [ 108.229718][ T5592] loop2: detected capacity change from 0 to 4096 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5593] <... setpgid resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5593] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./87/file0", [pid 5593] write(3, "1000", 4 [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5594 [pid 5593] <... write resumed>) = 4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5594 attached [pid 5593] close(3 [pid 5050] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5595 attached [pid 5594] set_robust_list(0x555556629660, 24 [pid 5593] <... close resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5595 [pid 5050] newfstatat(4, "", [pid 5594] <... set_robust_list resumed>) = 0 [pid 5593] symlink("/dev/binderfs", "./binderfs" [pid 5595] set_robust_list(0x555556629660, 24 [pid 5594] chdir("./86" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5594] <... chdir resumed>) = 0 [pid 5593] <... symlink resumed>) = 0 [pid 5595] <... set_robust_list resumed>) = 0 [pid 5594] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] getdents64(4, [pid 5595] chdir("./86" [pid 5593] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5595] <... chdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5595] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5595] <... prctl resumed>) = 0 [pid 5594] <... prctl resumed>) = 0 [pid 5593] <... memfd_create resumed>) = 3 [pid 5050] close(4 [pid 5594] setpgid(0, 0 [pid 5593] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5595] setpgid(0, 0 [pid 5050] <... close resumed>) = 0 [pid 5595] <... setpgid resumed>) = 0 [pid 5594] <... setpgid resumed>) = 0 [pid 5593] <... mmap resumed>) = 0x7f3b887a1000 [pid 5592] <... mount resumed>) = 0 [pid 5050] rmdir("./87/file0" [pid 5595] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5594] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5592] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... rmdir resumed>) = 0 [pid 5595] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5595] write(3, "1000", 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5595] <... write resumed>) = 4 [pid 5050] close(3 [pid 5595] close(3 [pid 5050] <... close resumed>) = 0 [pid 5595] <... close resumed>) = 0 [pid 5050] rmdir("./87" [ 108.281790][ T5592] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5595] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... rmdir resumed>) = 0 [pid 5595] <... symlink resumed>) = 0 [pid 5595] memfd_create("syzkaller", 0) = 3 [pid 5594] <... openat resumed>) = 3 [pid 5592] <... openat resumed>) = 3 [pid 5050] mkdir("./88", 0777) = 0 [pid 5595] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5594] write(3, "1000", 4 [pid 5592] chdir("./file0" [pid 5048] <... umount2 resumed>) = 0 [pid 5594] <... write resumed>) = 4 [pid 5592] <... chdir resumed>) = 0 [pid 5594] close(3 [pid 5592] ioctl(4, LOOP_CLR_FD [pid 5594] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5594] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... openat resumed>) = 3 [pid 5592] <... ioctl resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5594] <... symlink resumed>) = 0 [pid 5592] close(4 [pid 5594] memfd_create("syzkaller", 0 [pid 5592] <... close resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5592] exit_group(0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5594] <... memfd_create resumed>) = 3 [pid 5592] <... exit_group resumed>) = ? [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5596 [pid 5592] +++ exited with 0 +++ ./strace-static-x86_64: Process 5596 attached [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5592, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5596] set_robust_list(0x555556629660, 24 [pid 5594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5596] <... set_robust_list resumed>) = 0 [pid 5594] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5596] chdir("./88" [pid 5048] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5596] <... chdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5596] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] getdents64(3, [pid 5596] <... prctl resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5596] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5596] <... setpgid resumed>) = 0 [pid 5049] unlink("./89/binderfs" [pid 5048] newfstatat(AT_FDCWD, "./87/file0", [pid 5596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... unlink resumed>) = 0 [pid 5596] <... openat resumed>) = 3 [pid 5049] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5596] write(3, "1000", 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5596] <... write resumed>) = 4 [pid 5048] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5596] close(3 [pid 5048] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5596] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5596] symlink("/dev/binderfs", "./binderfs" [pid 5048] newfstatat(4, "", [pid 5596] <... symlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5596] memfd_create("syzkaller", 0 [pid 5593] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5595] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5594] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] close(4) = 0 [pid 5596] <... memfd_create resumed>) = 3 [pid 5048] rmdir("./87/file0" [pid 5596] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] rmdir("./87") = 0 [pid 5048] mkdir("./88", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5049] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5597 attached [pid 5049] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5597] set_robust_list(0x555556629660, 24 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5597] <... set_robust_list resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5597] chdir("./88" [pid 5049] <... openat resumed>) = 4 [pid 5597] <... chdir resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5597] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5597] <... prctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5597] setpgid(0, 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5597 [pid 5593] <... write resumed>) = 2097152 [pid 5593] munmap(0x7f3b887a1000, 138412032 [pid 5597] <... setpgid resumed>) = 0 [pid 5597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5593] <... munmap resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./89/file0" [pid 5597] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5597] write(3, "1000", 4 [pid 5049] getdents64(3, [pid 5597] <... write resumed>) = 4 [pid 5594] <... write resumed>) = 2097152 [pid 5593] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5597] close(3 [pid 5049] close(3) = 0 [pid 5049] rmdir("./89" [pid 5597] <... close resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5597] symlink("/dev/binderfs", "./binderfs" [pid 5049] mkdir("./90", 0777 [pid 5597] <... symlink resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5593] <... openat resumed>) = 4 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5597] memfd_create("syzkaller", 0 [pid 5593] ioctl(4, LOOP_SET_FD, 3 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5598 attached [pid 5598] set_robust_list(0x555556629660, 24 [pid 5595] <... write resumed>) = 2097152 [pid 5598] <... set_robust_list resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5598 [pid 5598] chdir("./90") = 0 [pid 5598] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5598] setpgid(0, 0) = 0 [pid 5598] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5597] <... memfd_create resumed>) = 3 [pid 5596] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5595] munmap(0x7f3b887a1000, 138412032 [pid 5594] munmap(0x7f3b887a1000, 138412032 [pid 5598] <... openat resumed>) = 3 [pid 5598] write(3, "1000", 4) = 4 [pid 5598] close(3 [pid 5597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5595] <... munmap resumed>) = 0 [pid 5594] <... munmap resumed>) = 0 [pid 5593] <... ioctl resumed>) = 0 [pid 5598] <... close resumed>) = 0 [pid 5597] <... mmap resumed>) = 0x7f3b887a1000 [pid 5593] close(3 [pid 5598] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5598] memfd_create("syzkaller", 0 [pid 5593] <... close resumed>) = 0 [pid 5593] mkdir("./file0", 0777 [pid 5598] <... memfd_create resumed>) = 3 [pid 5595] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5595] <... openat resumed>) = 4 [pid 5593] <... mkdir resumed>) = 0 [ 108.541180][ T5593] loop0: detected capacity change from 0 to 4096 [pid 5598] <... mmap resumed>) = 0x7f3b887a1000 [pid 5595] ioctl(4, LOOP_SET_FD, 3 [pid 5594] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5593] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5594] <... openat resumed>) = 4 [pid 5594] ioctl(4, LOOP_SET_FD, 3 [pid 5596] <... write resumed>) = 2097152 [pid 5596] munmap(0x7f3b887a1000, 138412032 [pid 5595] <... ioctl resumed>) = 0 [pid 5595] close(3) = 0 [pid 5595] mkdir("./file0", 0777) = 0 [pid 5595] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5596] <... munmap resumed>) = 0 [pid 5594] <... ioctl resumed>) = 0 [pid 5594] close(3 [pid 5597] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5594] <... close resumed>) = 0 [pid 5596] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 108.586466][ T5595] loop5: detected capacity change from 0 to 4096 [ 108.587237][ T5593] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 108.606599][ T5594] loop4: detected capacity change from 0 to 4096 [ 108.621221][ T5595] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5596] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5596] close(3 [pid 5594] mkdir("./file0", 0777 [pid 5596] <... close resumed>) = 0 [pid 5594] <... mkdir resumed>) = 0 [pid 5596] mkdir("./file0", 0777 [pid 5597] <... write resumed>) = 2097152 [pid 5596] <... mkdir resumed>) = 0 [pid 5594] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5598] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5597] munmap(0x7f3b887a1000, 138412032 [pid 5595] <... mount resumed>) = 0 [pid 5596] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5595] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5597] <... munmap resumed>) = 0 [ 108.635738][ T5596] loop3: detected capacity change from 0 to 4096 [ 108.669465][ T5594] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5598] <... write resumed>) = 2097152 [pid 5597] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5595] <... openat resumed>) = 3 [pid 5598] munmap(0x7f3b887a1000, 138412032 [pid 5597] <... openat resumed>) = 4 [pid 5595] chdir("./file0") = 0 [pid 5595] ioctl(4, LOOP_CLR_FD) = 0 [pid 5597] ioctl(4, LOOP_SET_FD, 3 [pid 5598] <... munmap resumed>) = 0 [pid 5595] close(4 [pid 5593] <... mount resumed>) = 0 [pid 5595] <... close resumed>) = 0 [pid 5595] exit_group(0 [pid 5593] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5595] <... exit_group resumed>) = ? [pid 5593] <... openat resumed>) = 3 [pid 5595] +++ exited with 0 +++ [pid 5593] chdir("./file0") = 0 [pid 5594] <... mount resumed>) = 0 [pid 5593] ioctl(4, LOOP_CLR_FD [pid 5594] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5593] <... ioctl resumed>) = 0 [pid 5594] <... openat resumed>) = 3 [pid 5593] close(4 [pid 5594] chdir("./file0" [pid 5593] <... close resumed>) = 0 [pid 5594] <... chdir resumed>) = 0 [pid 5594] ioctl(4, LOOP_CLR_FD [pid 5593] exit_group(0 [pid 5594] <... ioctl resumed>) = 0 [pid 5594] close(4) = 0 [pid 5594] exit_group(0 [pid 5593] <... exit_group resumed>) = ? [pid 5598] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5594] <... exit_group resumed>) = ? [pid 5593] +++ exited with 0 +++ [pid 5598] <... openat resumed>) = 4 [pid 5598] ioctl(4, LOOP_SET_FD, 3 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5593, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5595, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5594] +++ exited with 0 +++ [pid 5052] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5594, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5047] getdents64(3, [pid 5052] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5047] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] umount2("./86", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5597] <... ioctl resumed>) = 0 [pid 5596] <... mount resumed>) = 0 [pid 5052] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 3 [pid 5047] unlink("./89/binderfs" [pid 5598] <... ioctl resumed>) = 0 [pid 5596] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5051] newfstatat(3, "", [pid 5047] <... unlink resumed>) = 0 [pid 5598] close(3 [pid 5597] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5598] <... close resumed>) = 0 [pid 5597] <... close resumed>) = 0 [pid 5596] <... openat resumed>) = 3 [pid 5052] unlink("./86/binderfs" [pid 5598] mkdir("./file0", 0777 [pid 5597] mkdir("./file0", 0777 [pid 5596] chdir("./file0" [pid 5052] <... unlink resumed>) = 0 [pid 5051] getdents64(3, [pid 5052] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5598] <... mkdir resumed>) = 0 [pid 5597] <... mkdir resumed>) = 0 [pid 5597] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5598] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5596] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5596] ioctl(4, LOOP_CLR_FD [ 108.679369][ T5596] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 108.700776][ T5597] loop1: detected capacity change from 0 to 4096 [ 108.716032][ T5598] loop2: detected capacity change from 0 to 4096 [pid 5051] umount2("./86/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5596] <... ioctl resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5596] close(4) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5596] exit_group(0 [pid 5051] unlink("./86/binderfs" [pid 5052] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... unlink resumed>) = 0 [pid 5596] <... exit_group resumed>) = ? [pid 5051] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./86/file0", [pid 5047] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5596] +++ exited with 0 +++ [pid 5052] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./89/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5052] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5596, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5047] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5047] rmdir("./89" [pid 5050] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(4, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5050] newfstatat(3, "", [pid 5047] mkdir("./90", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(3, [pid 5047] <... mkdir resumed>) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(4 [pid 5047] close(3 [pid 5052] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [ 108.749403][ T5598] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 108.752805][ T5597] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] rmdir("./86/file0" [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5598] <... mount resumed>) = 0 [pid 5598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5598] chdir("./file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5598] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] getdents64(3, [pid 5598] ioctl(4, LOOP_CLR_FD) = 0 [pid 5598] close(4 [pid 5050] unlink("./88/binderfs" [pid 5598] <... close resumed>) = 0 ./strace-static-x86_64: Process 5599 attached [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5599 [pid 5050] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3 [pid 5599] set_robust_list(0x555556629660, 24 [pid 5052] <... close resumed>) = 0 [pid 5599] <... set_robust_list resumed>) = 0 [pid 5052] rmdir("./86" [pid 5599] chdir("./90" [pid 5598] exit_group(0 [pid 5052] <... rmdir resumed>) = 0 [pid 5599] <... chdir resumed>) = 0 [pid 5598] <... exit_group resumed>) = ? [pid 5599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5599] setpgid(0, 0) = 0 [pid 5052] mkdir("./87", 0777 [pid 5599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./86/file0", [pid 5599] write(3, "1000", 4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5599] <... write resumed>) = 4 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5599] close(3 [pid 5052] close(3 [pid 5599] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5599] symlink("/dev/binderfs", "./binderfs" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5599] <... symlink resumed>) = 0 [pid 5598] +++ exited with 0 +++ [pid 5051] umount2("./86/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5600 attached [pid 5599] memfd_create("syzkaller", 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5598, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5600] set_robust_list(0x555556629660, 24 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5049] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5600] <... set_robust_list resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5600] chdir("./87" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5600] <... chdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5600] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5599] <... memfd_create resumed>) = 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5599] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5599] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5600] <... prctl resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5600 [pid 5049] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5600] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5600] <... setpgid resumed>) = 0 [pid 5049] unlink("./90/binderfs" [pid 5600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... unlink resumed>) = 0 [pid 5600] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 4 [pid 5049] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(4, "", [pid 5600] write(3, "1000", 4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5600] <... write resumed>) = 4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5600] close(3 [pid 5051] getdents64(4, [pid 5600] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5600] symlink("/dev/binderfs", "./binderfs" [pid 5051] close(4 [pid 5600] <... symlink resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5051] rmdir("./86/file0" [pid 5600] memfd_create("syzkaller", 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5600] <... memfd_create resumed>) = 3 [pid 5051] getdents64(3, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(AT_FDCWD, "./88/file0", [pid 5051] close(3) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] rmdir("./86" [pid 5600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./87", 0777 [pid 5050] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 4 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(4, "", [pid 5051] close(3) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5601 attached [pid 5050] getdents64(4, [pid 5601] set_robust_list(0x555556629660, 24 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./88/file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5601 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5601] <... set_robust_list resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5601] chdir("./87" [pid 5050] close(3) = 0 [pid 5050] rmdir("./88" [pid 5601] <... chdir resumed>) = 0 [pid 5601] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... rmdir resumed>) = 0 [pid 5049] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5601] <... prctl resumed>) = 0 [pid 5050] mkdir("./89", 0777 [pid 5601] setpgid(0, 0 [pid 5597] <... mount resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5601] <... setpgid resumed>) = 0 [pid 5601] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] newfstatat(AT_FDCWD, "./90/file0", [pid 5601] <... openat resumed>) = 3 [pid 5597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5601] write(3, "1000", 4) = 4 [pid 5601] close(3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5601] <... close resumed>) = 0 [pid 5601] symlink("/dev/binderfs", "./binderfs" [pid 5597] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5049] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5601] <... symlink resumed>) = 0 [pid 5599] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5597] chdir("./file0" [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5597] <... chdir resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5601] memfd_create("syzkaller", 0 [pid 5597] ioctl(4, LOOP_CLR_FD [pid 5050] close(3 [pid 5049] <... openat resumed>) = 4 [pid 5597] <... ioctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5597] close(4 [pid 5049] newfstatat(4, "", [pid 5601] <... memfd_create resumed>) = 3 [pid 5597] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5597] exit_group(0 [pid 5049] getdents64(4, [pid 5601] <... mmap resumed>) = 0x7f3b887a1000 [pid 5597] <... exit_group resumed>) = ? [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5597] +++ exited with 0 +++ [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4./strace-static-x86_64: Process 5602 attached ) = 0 [pid 5602] set_robust_list(0x555556629660, 24 [pid 5600] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5602 [pid 5049] rmdir("./90/file0" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5597, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5602] <... set_robust_list resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5602] chdir("./89" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5602] <... chdir resumed>) = 0 [pid 5049] close(3 [pid 5048] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5602] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] rmdir("./90" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./91", 0777 [pid 5602] <... prctl resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5602] setpgid(0, 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5602] <... setpgid resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5599] <... write resumed>) = 2097152 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5602] <... openat resumed>) = 3 [pid 5599] munmap(0x7f3b887a1000, 138412032 [pid 5048] getdents64(3, [pid 5602] write(3, "1000", 4) = 4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5602] close(3 [pid 5048] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5602] <... close resumed>) = 0 [pid 5602] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... openat resumed>) = 3 [pid 5602] <... symlink resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5049] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5603 [pid 5048] unlink("./88/binderfs" [pid 5602] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5603 attached ) = 3 [pid 5048] <... unlink resumed>) = 0 [pid 5603] set_robust_list(0x555556629660, 24 [pid 5602] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5599] <... munmap resumed>) = 0 [pid 5048] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5603] <... set_robust_list resumed>) = 0 [pid 5603] chdir("./91") = 0 [pid 5603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5603] setpgid(0, 0) = 0 [pid 5602] <... mmap resumed>) = 0x7f3b887a1000 [pid 5603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5603] write(3, "1000", 4) = 4 [pid 5599] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5603] close(3 [pid 5600] <... write resumed>) = 2097152 [pid 5599] <... openat resumed>) = 4 [pid 5600] munmap(0x7f3b887a1000, 138412032 [pid 5603] <... close resumed>) = 0 [pid 5600] <... munmap resumed>) = 0 [pid 5599] ioctl(4, LOOP_SET_FD, 3 [pid 5603] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5603] memfd_create("syzkaller", 0) = 3 [pid 5603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5601] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5603] <... mmap resumed>) = 0x7f3b887a1000 [pid 5600] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5600] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... umount2 resumed>) = 0 [pid 5600] <... ioctl resumed>) = 0 [pid 5599] <... ioctl resumed>) = 0 [pid 5599] close(3 [pid 5048] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5599] <... close resumed>) = 0 [pid 5599] mkdir("./file0", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5599] <... mkdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./88/file0", [pid 5600] close(3 [pid 5599] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5600] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5600] mkdir("./file0", 0777 [pid 5048] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5600] <... mkdir resumed>) = 0 [pid 5602] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 109.068187][ T5599] loop0: detected capacity change from 0 to 4096 [ 109.092806][ T5600] loop5: detected capacity change from 0 to 4096 [pid 5600] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5048] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5603] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5601] <... write resumed>) = 2097152 [pid 5601] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./88/file0" [pid 5601] <... munmap resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./88") = 0 [pid 5601] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 109.130291][ T5599] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 109.150166][ T5600] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5601] ioctl(4, LOOP_SET_FD, 3 [pid 5048] mkdir("./89", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5603] <... write resumed>) = 2097152 [pid 5602] <... write resumed>) = 2097152 [pid 5601] <... ioctl resumed>) = 0 [pid 5048] close(3 [pid 5602] munmap(0x7f3b887a1000, 138412032 [pid 5601] close(3 [pid 5048] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5604 attached [pid 5602] <... munmap resumed>) = 0 [pid 5601] <... close resumed>) = 0 [pid 5599] <... mount resumed>) = 0 [pid 5603] munmap(0x7f3b887a1000, 138412032 [pid 5602] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5601] mkdir("./file0", 0777 [pid 5599] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5602] <... openat resumed>) = 4 [pid 5601] <... mkdir resumed>) = 0 [pid 5599] <... openat resumed>) = 3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5604 [pid 5604] set_robust_list(0x555556629660, 24 [pid 5603] <... munmap resumed>) = 0 [pid 5602] ioctl(4, LOOP_SET_FD, 3 [pid 5601] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5600] <... mount resumed>) = 0 [ 109.181099][ T5601] loop4: detected capacity change from 0 to 4096 [pid 5599] chdir("./file0" [pid 5604] <... set_robust_list resumed>) = 0 [pid 5603] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5600] chdir("./file0") = 0 [pid 5600] ioctl(4, LOOP_CLR_FD) = 0 [pid 5600] close(4) = 0 [pid 5600] exit_group(0) = ? [pid 5600] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5600, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5604] chdir("./89" [pid 5603] <... openat resumed>) = 4 [pid 5599] <... chdir resumed>) = 0 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5604] <... chdir resumed>) = 0 [pid 5602] <... ioctl resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5052] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5604] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5603] ioctl(4, LOOP_SET_FD, 3 [pid 5602] close(3 [pid 5599] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5604] <... prctl resumed>) = 0 [pid 5603] <... ioctl resumed>) = 0 [pid 5602] <... close resumed>) = 0 [pid 5599] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5604] setpgid(0, 0 [pid 5603] close(3 [pid 5602] mkdir("./file0", 0777 [pid 5599] close(4 [pid 5052] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5604] <... setpgid resumed>) = 0 [pid 5603] <... close resumed>) = 0 [pid 5602] <... mkdir resumed>) = 0 [pid 5599] <... close resumed>) = 0 [ 109.225449][ T5602] loop3: detected capacity change from 0 to 4096 [ 109.242465][ T5601] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 109.252594][ T5603] loop2: detected capacity change from 0 to 4096 [pid 5604] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5603] mkdir("./file0", 0777 [pid 5602] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5599] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5604] <... openat resumed>) = 3 [pid 5603] <... mkdir resumed>) = 0 [pid 5601] <... mount resumed>) = 0 [pid 5052] unlink("./87/binderfs" [pid 5601] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5604] write(3, "1000", 4 [pid 5603] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5601] <... openat resumed>) = 3 [pid 5599] <... exit_group resumed>) = ? [pid 5052] <... unlink resumed>) = 0 [pid 5604] <... write resumed>) = 4 [pid 5601] chdir("./file0" [pid 5599] +++ exited with 0 +++ [pid 5052] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5604] close(3 [pid 5601] <... chdir resumed>) = 0 [pid 5601] ioctl(4, LOOP_CLR_FD [pid 5604] <... close resumed>) = 0 [pid 5604] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5599, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5604] memfd_create("syzkaller", 0 [pid 5601] <... ioctl resumed>) = 0 [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5601] close(4 [pid 5047] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5601] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5601] exit_group(0 [pid 5047] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5601] <... exit_group resumed>) = ? [pid 5047] <... openat resumed>) = 3 [pid 5604] <... memfd_create resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5604] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5601] +++ exited with 0 +++ [pid 5047] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5601, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... restart_syscall resumed>) = 0 [pid 5047] unlink("./90/binderfs" [pid 5052] newfstatat(AT_FDCWD, "./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5052] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./87", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./90/file0", [pid 5051] newfstatat(3, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./87/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", [pid 5051] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5052] newfstatat(4, "", [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] unlink("./87/binderfs" [pid 5047] getdents64(4, [pid 5052] getdents64(4, [pid 5051] <... unlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [ 109.268319][ T5602] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 109.282902][ T5603] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5047] getdents64(4, [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5047] close(4 [pid 5052] rmdir("./87/file0" [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./90/file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./90" [pid 5052] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./91", 0777 [pid 5052] <... close resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5052] rmdir("./87") = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] mkdir("./88", 0777 [pid 5603] <... mount resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5603] chdir("./file0") = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5603] ioctl(4, LOOP_CLR_FD [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5603] <... ioctl resumed>) = 0 [pid 5047] close(3 [pid 5603] close(4 [pid 5047] <... close resumed>) = 0 [pid 5603] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5603] exit_group(0 [pid 5602] <... mount resumed>) = 0 [pid 5603] <... exit_group resumed>) = ? [pid 5603] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5605 ./strace-static-x86_64: Process 5605 attached [pid 5605] set_robust_list(0x555556629660, 24) = 0 [pid 5602] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5605] chdir("./91" [pid 5602] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 3 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5603, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5605] <... chdir resumed>) = 0 [pid 5602] chdir("./file0" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5605] setpgid(0, 0 [pid 5602] <... chdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5605] <... setpgid resumed>) = 0 [pid 5605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5602] ioctl(4, LOOP_CLR_FD [pid 5052] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5605] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5051] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5605] write(3, "1000", 4 [pid 5602] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5605] <... write resumed>) = 4 [pid 5602] close(4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] newfstatat(AT_FDCWD, "./87/file0", [pid 5049] <... openat resumed>) = 3 [pid 5605] close(3 [pid 5602] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(3, "", [pid 5605] <... close resumed>) = 0 [pid 5051] umount2("./87/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5605] symlink("/dev/binderfs", "./binderfs" [pid 5602] exit_group(0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5605] <... symlink resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5605] memfd_create("syzkaller", 0 [pid 5602] <... exit_group resumed>) = ? [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5606 [pid 5051] <... openat resumed>) = 4 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5605] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(4, "", [pid 5049] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5605] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5602] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5605] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] newfstatat(AT_FDCWD, "./91/binderfs", ./strace-static-x86_64: Process 5606 attached [pid 5604] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] getdents64(4, [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5602, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5606] set_robust_list(0x555556629660, 24 [pid 5051] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] unlink("./91/binderfs" [pid 5051] rmdir("./87/file0" [pid 5050] <... openat resumed>) = 3 [pid 5049] <... unlink resumed>) = 0 [pid 5606] <... set_robust_list resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] newfstatat(3, "", [pid 5606] chdir("./88" [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3 [pid 5050] getdents64(3, [pid 5051] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] rmdir("./87" [pid 5050] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5606] <... chdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5606] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] mkdir("./88", 0777 [pid 5050] newfstatat(AT_FDCWD, "./89/binderfs", [pid 5606] <... prctl resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5606] setpgid(0, 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] unlink("./89/binderfs" [pid 5606] <... setpgid resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... unlink resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5607 attached [pid 5606] <... openat resumed>) = 3 [pid 5607] set_robust_list(0x555556629660, 24 [pid 5606] write(3, "1000", 4) = 4 [pid 5606] close(3 [pid 5607] <... set_robust_list resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5607 [pid 5607] chdir("./88") = 0 [pid 5607] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5606] <... close resumed>) = 0 [pid 5607] <... prctl resumed>) = 0 [pid 5607] setpgid(0, 0) = 0 [pid 5606] symlink("/dev/binderfs", "./binderfs" [pid 5607] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5606] <... symlink resumed>) = 0 [pid 5607] write(3, "1000", 4) = 4 [pid 5607] close(3) = 0 [pid 5607] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5049] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./91/file0", [pid 5607] memfd_create("syzkaller", 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5607] <... memfd_create resumed>) = 3 [pid 5606] memfd_create("syzkaller", 0 [pid 5604] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5607] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5606] <... memfd_create resumed>) = 3 [pid 5049] newfstatat(4, "", [pid 5606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5606] <... mmap resumed>) = 0x7f3b887a1000 [pid 5605] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5604] munmap(0x7f3b887a1000, 138412032 [pid 5050] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5604] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5604] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5604] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5604] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./89/file0" [pid 5049] close(4 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] rmdir("./91/file0" [pid 5050] close(3) = 0 [pid 5050] rmdir("./89" [pid 5049] <... rmdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5050] mkdir("./90", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] close(3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] rmdir("./91" [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... rmdir resumed>) = 0 [pid 5604] <... ioctl resumed>) = 0 [pid 5604] close(3) = 0 [pid 5604] mkdir("./file0", 0777) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5608 [ 109.540510][ T5604] loop1: detected capacity change from 0 to 4096 [pid 5604] mount("/dev/loop1", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5608 attached [pid 5049] mkdir("./92", 0777 [pid 5608] set_robust_list(0x555556629660, 24) = 0 [pid 5608] chdir("./90") = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5608] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5605] <... write resumed>) = 2097152 [pid 5049] <... openat resumed>) = 3 [pid 5608] <... prctl resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5608] setpgid(0, 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5608] <... setpgid resumed>) = 0 [pid 5049] close(3 [pid 5608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5607] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5609 attached [pid 5608] <... openat resumed>) = 3 [pid 5605] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5608] write(3, "1000", 4 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5609 [pid 5609] set_robust_list(0x555556629660, 24) = 0 [pid 5608] <... write resumed>) = 4 [pid 5608] close(3 [pid 5606] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5609] chdir("./92" [pid 5608] <... close resumed>) = 0 [pid 5608] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5609] <... chdir resumed>) = 0 [pid 5609] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5608] memfd_create("syzkaller", 0 [ 109.582955][ T5604] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5605] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5609] <... prctl resumed>) = 0 [pid 5609] setpgid(0, 0) = 0 [pid 5608] <... memfd_create resumed>) = 3 [pid 5605] ioctl(4, LOOP_SET_FD, 3 [pid 5609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5608] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5604] <... mount resumed>) = 0 [pid 5609] <... openat resumed>) = 3 [pid 5604] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5604] chdir("./file0") = 0 [pid 5604] ioctl(4, LOOP_CLR_FD) = 0 [pid 5604] close(4) = 0 [pid 5604] exit_group(0) = ? [pid 5604] +++ exited with 0 +++ [pid 5605] <... ioctl resumed>) = 0 [pid 5605] close(3) = 0 [pid 5605] mkdir("./file0", 0777) = 0 [pid 5605] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5609] write(3, "1000", 4 [pid 5607] <... write resumed>) = 2097152 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5604, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5609] <... write resumed>) = 4 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5609] close(3 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5609] <... close resumed>) = 0 [pid 5048] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5609] symlink("/dev/binderfs", "./binderfs" [pid 5607] munmap(0x7f3b887a1000, 138412032 [pid 5609] <... symlink resumed>) = 0 [pid 5607] <... munmap resumed>) = 0 [pid 5606] <... write resumed>) = 2097152 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5607] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5609] memfd_create("syzkaller", 0 [pid 5048] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5607] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... openat resumed>) = 3 [ 109.647351][ T5605] loop0: detected capacity change from 0 to 4096 [ 109.679277][ T5605] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5609] <... memfd_create resumed>) = 3 [pid 5607] <... ioctl resumed>) = 0 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5609] <... mmap resumed>) = 0x7f3b887a1000 [pid 5606] munmap(0x7f3b887a1000, 138412032 [pid 5048] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./89/binderfs") = 0 [pid 5048] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5606] <... munmap resumed>) = 0 [pid 5048] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5607] close(3 [pid 5605] <... mount resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5608] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5607] <... close resumed>) = 0 [pid 5606] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] <... openat resumed>) = 4 [pid 5607] mkdir("./file0", 0777 [pid 5606] <... openat resumed>) = 4 [pid 5605] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] newfstatat(4, "", [pid 5606] ioctl(4, LOOP_SET_FD, 3 [pid 5605] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5607] <... mkdir resumed>) = 0 [pid 5605] chdir("./file0" [ 109.702933][ T5607] loop4: detected capacity change from 0 to 4096 [pid 5048] getdents64(4, [pid 5605] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5607] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5605] ioctl(4, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5605] <... ioctl resumed>) = 0 [pid 5048] close(4 [pid 5605] close(4 [pid 5048] <... close resumed>) = 0 [pid 5605] <... close resumed>) = 0 [pid 5048] rmdir("./89/file0") = 0 [pid 5605] exit_group(0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5605] <... exit_group resumed>) = ? [pid 5048] <... close resumed>) = 0 [pid 5605] +++ exited with 0 +++ [pid 5048] rmdir("./89") = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5605, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5048] mkdir("./90", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(3, "", [pid 5048] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5606] <... ioctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] getdents64(3, [pid 5606] close(3 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5606] <... close resumed>) = 0 [pid 5606] mkdir("./file0", 0777./strace-static-x86_64: Process 5610 attached [pid 5047] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5610] set_robust_list(0x555556629660, 24 [pid 5606] <... mkdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5610 [ 109.745011][ T5606] loop5: detected capacity change from 0 to 4096 [ 109.750683][ T5607] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5610] <... set_robust_list resumed>) = 0 [pid 5610] chdir("./90" [pid 5606] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5047] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5610] <... chdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5610] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5609] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5608] <... write resumed>) = 2097152 [pid 5047] unlink("./91/binderfs" [pid 5610] <... prctl resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5610] setpgid(0, 0 [pid 5047] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5610] <... setpgid resumed>) = 0 [pid 5610] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5608] munmap(0x7f3b887a1000, 138412032 [pid 5607] <... mount resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5608] <... munmap resumed>) = 0 [pid 5607] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5610] <... openat resumed>) = 3 [pid 5608] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5607] <... openat resumed>) = 3 [pid 5047] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5607] chdir("./file0" [pid 5608] <... openat resumed>) = 4 [pid 5607] <... chdir resumed>) = 0 [pid 5608] ioctl(4, LOOP_SET_FD, 3 [pid 5607] ioctl(4, LOOP_CLR_FD [pid 5610] write(3, "1000", 4 [pid 5607] <... ioctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 109.806836][ T5606] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5610] <... write resumed>) = 4 [pid 5047] newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5610] close(3 [pid 5047] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5610] <... close resumed>) = 0 [pid 5610] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5610] <... symlink resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5610] memfd_create("syzkaller", 0 [pid 5607] close(4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5607] <... close resumed>) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./91/file0") = 0 [pid 5607] exit_group(0 [pid 5047] getdents64(3, [pid 5607] <... exit_group resumed>) = ? [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./91") = 0 [pid 5047] mkdir("./92", 0777 [pid 5610] <... memfd_create resumed>) = 3 [pid 5047] <... mkdir resumed>) = 0 [pid 5608] <... ioctl resumed>) = 0 [pid 5610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5607] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5607, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5610] <... mmap resumed>) = 0x7f3b887a1000 [pid 5608] close(3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5609] <... write resumed>) = 2097152 [pid 5608] <... close resumed>) = 0 [pid 5608] mkdir("./file0", 0777 [pid 5051] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5608] <... mkdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5611 attached [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5611] set_robust_list(0x555556629660, 24 [pid 5051] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5611] <... set_robust_list resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5611] chdir("./92" [pid 5608] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] newfstatat(3, "", [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5611 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5611] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5611] <... prctl resumed>) = 0 [pid 5609] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./88/binderfs") = 0 [pid 5051] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 109.851249][ T5608] loop3: detected capacity change from 0 to 4096 [pid 5611] setpgid(0, 0) = 0 [pid 5611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5609] <... munmap resumed>) = 0 [pid 5606] <... mount resumed>) = 0 [pid 5606] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5611] <... openat resumed>) = 3 [pid 5611] write(3, "1000", 4) = 4 [pid 5606] <... openat resumed>) = 3 [pid 5611] close(3 [pid 5609] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5606] chdir("./file0" [pid 5611] <... close resumed>) = 0 [pid 5609] <... openat resumed>) = 4 [pid 5606] <... chdir resumed>) = 0 [pid 5611] symlink("/dev/binderfs", "./binderfs" [pid 5606] ioctl(4, LOOP_CLR_FD [pid 5611] <... symlink resumed>) = 0 [pid 5609] ioctl(4, LOOP_SET_FD, 3 [pid 5606] <... ioctl resumed>) = 0 [pid 5606] close(4) = 0 [pid 5611] memfd_create("syzkaller", 0 [pid 5609] <... ioctl resumed>) = 0 [pid 5606] exit_group(0) = ? [pid 5609] close(3 [pid 5611] <... memfd_create resumed>) = 3 [pid 5609] <... close resumed>) = 0 [pid 5609] mkdir("./file0", 0777 [pid 5611] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5609] <... mkdir resumed>) = 0 [pid 5606] +++ exited with 0 +++ [pid 5611] <... mmap resumed>) = 0x7f3b887a1000 [pid 5609] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5606, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5052] umount2("./88", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, [pid 5610] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./88/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = 0 [ 109.905544][ T5608] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 109.940286][ T5609] loop2: detected capacity change from 0 to 4096 [pid 5051] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./88/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./88/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./88" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5052] unlink("./88/binderfs") = 0 [pid 5051] mkdir("./89", 0777 [pid 5052] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./88/file0", [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5608] <... mount resumed>) = 0 [pid 5608] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5612 attached ) = 3 [pid 5612] set_robust_list(0x555556629660, 24 [pid 5608] chdir("./file0" [pid 5612] <... set_robust_list resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5612 [pid 5612] chdir("./89" [pid 5608] <... chdir resumed>) = 0 [pid 5608] ioctl(4, LOOP_CLR_FD) = 0 [pid 5608] close(4 [pid 5612] <... chdir resumed>) = 0 [pid 5612] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5608] <... close resumed>) = 0 [pid 5608] exit_group(0) = ? [pid 5612] <... prctl resumed>) = 0 [ 109.985099][ T5609] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5612] setpgid(0, 0) = 0 [pid 5612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5608] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5608, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5612] <... openat resumed>) = 3 [pid 5050] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5612] write(3, "1000", 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5612] <... write resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5612] close(3 [pid 5050] getdents64(3, [pid 5612] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5612] symlink("/dev/binderfs", "./binderfs" [pid 5610] <... write resumed>) = 2097152 [pid 5050] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5612] <... symlink resumed>) = 0 [pid 5612] memfd_create("syzkaller", 0 [pid 5611] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5052] umount2("./88/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] unlink("./90/binderfs" [pid 5052] <... openat resumed>) = 4 [pid 5050] <... unlink resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5050] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5612] <... memfd_create resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] getdents64(4, [pid 5612] <... mmap resumed>) = 0x7f3b887a1000 [pid 5610] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5609] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5610] <... munmap resumed>) = 0 [pid 5609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] rmdir("./88/file0") = 0 [pid 5610] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5610] ioctl(4, LOOP_SET_FD, 3 [pid 5609] <... openat resumed>) = 3 [pid 5609] chdir("./file0" [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5609] <... chdir resumed>) = 0 [pid 5052] close(3 [pid 5609] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] <... close resumed>) = 0 [pid 5609] close(4) = 0 [pid 5052] rmdir("./88") = 0 [pid 5609] exit_group(0 [pid 5052] mkdir("./89", 0777 [pid 5609] <... exit_group resumed>) = ? [pid 5609] +++ exited with 0 +++ [pid 5052] <... mkdir resumed>) = 0 [pid 5610] <... ioctl resumed>) = 0 [pid 5610] close(3) = 0 [pid 5610] mkdir("./file0", 0777) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5609, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5610] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5611] <... write resumed>) = 2097152 [pid 5052] <... openat resumed>) = 3 [pid 5050] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(AT_FDCWD, "./90/file0", [pid 5049] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(3, "", [pid 5052] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5613 [pid 5050] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... openat resumed>) = 4 [pid 5049] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5613 attached [pid 5050] newfstatat(4, "", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5613] set_robust_list(0x555556629660, 24 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5050] getdents64(4, [pid 5613] <... set_robust_list resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5613] chdir("./89" [pid 5050] getdents64(4, [pid 5049] unlink("./92/binderfs" [pid 5613] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5613] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... unlink resumed>) = 0 [pid 5613] <... prctl resumed>) = 0 [pid 5612] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5611] <... munmap resumed>) = 0 [pid 5050] close(4 [pid 5049] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5613] setpgid(0, 0 [pid 5611] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5613] <... setpgid resumed>) = 0 [pid 5611] <... openat resumed>) = 4 [pid 5050] <... close resumed>) = 0 [ 110.101661][ T5610] loop1: detected capacity change from 0 to 4096 [ 110.132560][ T5610] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5613] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5611] ioctl(4, LOOP_SET_FD, 3 [pid 5050] rmdir("./90/file0" [pid 5049] <... umount2 resumed>) = 0 [pid 5613] <... openat resumed>) = 3 [pid 5613] write(3, "1000", 4) = 4 [pid 5613] close(3) = 0 [pid 5613] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5613] memfd_create("syzkaller", 0 [pid 5611] <... ioctl resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5613] <... memfd_create resumed>) = 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] newfstatat(AT_FDCWD, "./92/file0", [pid 5613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5613] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... close resumed>) = 0 [pid 5049] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./90" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5611] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5611] <... close resumed>) = 0 [pid 5050] mkdir("./91", 0777 [pid 5611] mkdir("./file0", 0777 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5611] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5611] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] <... mkdir resumed>) = 0 [ 110.192891][ T5611] loop0: detected capacity change from 0 to 4096 [pid 5049] getdents64(4, [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5610] <... mount resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5610] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5610] <... openat resumed>) = 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(4 [pid 5610] chdir("./file0" [pid 5050] close(3 [pid 5049] <... close resumed>) = 0 [pid 5612] <... write resumed>) = 2097152 [pid 5611] <... mount resumed>) = 0 [pid 5610] <... chdir resumed>) = 0 [pid 5049] rmdir("./92/file0" [pid 5610] ioctl(4, LOOP_CLR_FD) = 0 [pid 5610] close(4) = 0 [pid 5610] exit_group(0) = ? [pid 5610] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5610, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5611] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... close resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5612] munmap(0x7f3b887a1000, 138412032 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] getdents64(3, [pid 5048] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5611] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5612] <... munmap resumed>) = 0 [pid 5611] chdir("./file0" [pid 5049] close(3 [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5614 attached [pid 5611] <... chdir resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5614 [pid 5049] <... close resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5614] set_robust_list(0x555556629660, 24 [pid 5612] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5611] ioctl(4, LOOP_CLR_FD [pid 5049] rmdir("./92" [pid 5614] <... set_robust_list resumed>) = 0 [pid 5612] <... openat resumed>) = 4 [pid 5611] <... ioctl resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5614] chdir("./91" [pid 5612] ioctl(4, LOOP_SET_FD, 3 [pid 5611] close(4 [ 110.239192][ T5611] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] mkdir("./93", 0777 [pid 5048] getdents64(3, [pid 5614] <... chdir resumed>) = 0 [pid 5613] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5611] <... close resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5611] exit_group(0 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5615 [pid 5048] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5614] setpgid(0, 0 [pid 5048] newfstatat(AT_FDCWD, "./90/binderfs", [pid 5611] <... exit_group resumed>) = ? [pid 5614] <... setpgid resumed>) = 0 [pid 5611] +++ exited with 0 +++ [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5615 attached [pid 5612] <... ioctl resumed>) = 0 [pid 5615] set_robust_list(0x555556629660, 24 [pid 5614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] unlink("./90/binderfs" [pid 5615] <... set_robust_list resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5611, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] <... unlink resumed>) = 0 [pid 5615] chdir("./93") = 0 [pid 5047] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5615] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5614] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5615] <... prctl resumed>) = 0 [pid 5614] write(3, "1000", 4 [pid 5048] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5615] setpgid(0, 0 [pid 5614] <... write resumed>) = 4 [pid 5615] <... setpgid resumed>) = 0 [pid 5614] close(3 [pid 5612] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 [pid 5615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5614] <... close resumed>) = 0 [pid 5612] <... close resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./90/file0", [pid 5047] newfstatat(3, "", [pid 5614] symlink("/dev/binderfs", "./binderfs" [pid 5612] mkdir("./file0", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5615] <... openat resumed>) = 3 [pid 5614] <... symlink resumed>) = 0 [pid 5612] <... mkdir resumed>) = 0 [pid 5048] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5615] write(3, "1000", 4 [pid 5614] memfd_create("syzkaller", 0 [pid 5612] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] getdents64(3, [pid 5615] <... write resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 110.298812][ T5612] loop4: detected capacity change from 0 to 4096 [pid 5615] close(3 [pid 5614] <... memfd_create resumed>) = 3 [pid 5048] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5615] <... close resumed>) = 0 [pid 5614] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5615] symlink("/dev/binderfs", "./binderfs" [pid 5614] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] newfstatat(4, "", [pid 5615] <... symlink resumed>) = 0 [pid 5613] <... write resumed>) = 2097152 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5615] memfd_create("syzkaller", 0 [pid 5048] getdents64(4, [pid 5047] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5613] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5613] <... munmap resumed>) = 0 [pid 5048] getdents64(4, [pid 5047] unlink("./92/binderfs" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5047] <... unlink resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./90/file0" [pid 5047] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5613] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] rmdir("./90") = 0 [pid 5613] <... openat resumed>) = 4 [pid 5613] ioctl(4, LOOP_SET_FD, 3 [pid 5615] <... memfd_create resumed>) = 3 [pid 5048] mkdir("./91", 0777 [pid 5615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5615] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5613] <... ioctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5612] <... mount resumed>) = 0 [pid 5612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5612] chdir("./file0") = 0 [pid 5612] ioctl(4, LOOP_CLR_FD) = 0 [pid 5612] close(4) = 0 [pid 5612] exit_group(0) = ? [ 110.355709][ T5612] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 110.390488][ T5613] loop5: detected capacity change from 0 to 4096 [pid 5613] close(3 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5613] <... close resumed>) = 0 [pid 5613] mkdir("./file0", 0777 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5616 [pid 5613] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5616 attached [pid 5613] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5616] set_robust_list(0x555556629660, 24) = 0 [pid 5616] chdir("./91") = 0 [pid 5616] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5614] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5612] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5612, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5616] <... prctl resumed>) = 0 [pid 5616] setpgid(0, 0) = 0 [pid 5616] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5051] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5616] write(3, "1000", 4) = 4 [pid 5616] close(3) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5616] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5616] memfd_create("syzkaller", 0 [pid 5051] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5616] <... memfd_create resumed>) = 3 [pid 5616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] unlink("./89/binderfs" [pid 5047] newfstatat(AT_FDCWD, "./92/file0", [pid 5051] <... unlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 110.443038][ T5613] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5047] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5615] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] rmdir("./92/file0") = 0 [pid 5047] getdents64(3, [pid 5614] <... write resumed>) = 2097152 [pid 5613] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5614] munmap(0x7f3b887a1000, 138412032 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./92" [pid 5613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5613] chdir("./file0" [pid 5047] mkdir("./93", 0777 [pid 5613] <... chdir resumed>) = 0 [pid 5613] ioctl(4, LOOP_CLR_FD) = 0 [pid 5613] close(4) = 0 [pid 5613] exit_group(0 [pid 5047] <... mkdir resumed>) = 0 [pid 5613] <... exit_group resumed>) = ? [pid 5613] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5613, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5052] umount2("./89", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5614] <... munmap resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5616] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5614] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5614] <... openat resumed>) = 4 [pid 5052] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5614] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] newfstatat(AT_FDCWD, "./89/file0", [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] umount2("./89/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./89/binderfs") = 0 [pid 5052] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5617 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5617 [pid 5614] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5614] close(3 [pid 5617] set_robust_list(0x555556629660, 24 [pid 5614] <... close resumed>) = 0 [pid 5617] <... set_robust_list resumed>) = 0 [pid 5615] <... write resumed>) = 2097152 [pid 5614] mkdir("./file0", 0777 [pid 5051] <... openat resumed>) = 4 [pid 5617] chdir("./93") = 0 [pid 5614] <... mkdir resumed>) = 0 [ 110.566874][ T5614] loop3: detected capacity change from 0 to 4096 [pid 5051] newfstatat(4, "", [pid 5617] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5615] munmap(0x7f3b887a1000, 138412032 [pid 5614] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5617] <... prctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5617] setpgid(0, 0) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5617] write(3, "1000", 4) = 4 [pid 5617] close(3) = 0 [pid 5617] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5617] memfd_create("syzkaller", 0) = 3 [pid 5617] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5615] <... munmap resumed>) = 0 [pid 5051] close(4) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] rmdir("./89/file0" [pid 5615] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5615] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./89/file0", [pid 5051] getdents64(3, [pid 5615] ioctl(4, LOOP_SET_FD, 3 [pid 5616] <... write resumed>) = 2097152 [pid 5616] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] umount2("./89/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", [pid 5051] close(3 [pid 5615] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5615] close(3) = 0 [pid 5052] getdents64(4, [pid 5051] rmdir("./89" [pid 5616] <... munmap resumed>) = 0 [pid 5615] mkdir("./file0", 0777 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./90", 0777 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5615] <... mkdir resumed>) = 0 [pid 5052] close(4 [pid 5051] <... mkdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] rmdir("./89/file0" [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] <... rmdir resumed>) = 0 [pid 5051] close(3) = 0 [ 110.622467][ T5614] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 110.641429][ T5615] loop2: detected capacity change from 0 to 4096 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5618 attached [pid 5615] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5616] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5618 [pid 5618] set_robust_list(0x555556629660, 24 [pid 5616] <... openat resumed>) = 4 [pid 5052] close(3) = 0 [pid 5616] ioctl(4, LOOP_SET_FD, 3 [pid 5052] rmdir("./89" [pid 5618] <... set_robust_list resumed>) = 0 [pid 5617] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5614] <... mount resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5618] chdir("./90" [pid 5616] <... ioctl resumed>) = 0 [pid 5052] mkdir("./90", 0777 [pid 5618] <... chdir resumed>) = 0 [pid 5616] close(3 [pid 5614] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... mkdir resumed>) = 0 [pid 5618] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5616] <... close resumed>) = 0 [pid 5614] <... openat resumed>) = 3 [pid 5615] <... mount resumed>) = 0 [pid 5618] <... prctl resumed>) = 0 [pid 5616] mkdir("./file0", 0777 [pid 5615] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5614] chdir("./file0" [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5618] setpgid(0, 0 [pid 5616] <... mkdir resumed>) = 0 [pid 5615] <... openat resumed>) = 3 [pid 5614] <... chdir resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5618] <... setpgid resumed>) = 0 [pid 5615] chdir("./file0" [pid 5618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5616] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5615] <... chdir resumed>) = 0 [pid 5614] ioctl(4, LOOP_CLR_FD [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5618] <... openat resumed>) = 3 [pid 5615] ioctl(4, LOOP_CLR_FD [pid 5614] <... ioctl resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5618] write(3, "1000", 4 [pid 5615] <... ioctl resumed>) = 0 [pid 5618] <... write resumed>) = 4 [pid 5615] close(4 [pid 5614] close(4 [pid 5052] close(3 [pid 5618] close(3) = 0 [pid 5618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5615] <... close resumed>) = 0 [pid 5618] memfd_create("syzkaller", 0 [pid 5615] exit_group(0 [pid 5614] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5614] exit_group(0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5618] <... memfd_create resumed>) = 3 [pid 5615] <... exit_group resumed>) = ? [pid 5618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5617] <... write resumed>) = 2097152 [pid 5615] +++ exited with 0 +++ [pid 5618] <... mmap resumed>) = 0x7f3b887a1000 [pid 5617] munmap(0x7f3b887a1000, 138412032 [pid 5616] <... mount resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5615, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5614] <... exit_group resumed>) = ? [ 110.695029][ T5615] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 110.695449][ T5616] loop1: detected capacity change from 0 to 4096 [ 110.734740][ T5616] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5614] +++ exited with 0 +++ [pid 5049] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5619 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5614, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", [pid 5617] <... munmap resumed>) = 0 [pid 5616] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5616] <... openat resumed>) = 3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] getdents64(3, [pid 5616] chdir("./file0" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5616] <... chdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5616] ioctl(4, LOOP_CLR_FD [pid 5050] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5616] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5619 attached [pid 5616] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5619] set_robust_list(0x555556629660, 24 [pid 5616] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] unlink("./93/binderfs" [pid 5619] <... set_robust_list resumed>) = 0 [pid 5616] exit_group(0 [pid 5619] chdir("./90" [pid 5617] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5616] <... exit_group resumed>) = ? [pid 5050] <... openat resumed>) = 3 [pid 5049] <... unlink resumed>) = 0 [pid 5619] <... chdir resumed>) = 0 [pid 5617] <... openat resumed>) = 4 [pid 5616] +++ exited with 0 +++ [pid 5049] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] newfstatat(3, "", [pid 5619] <... prctl resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5616, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5619] setpgid(0, 0 [pid 5048] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] <... setpgid resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5619] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5619] <... openat resumed>) = 3 [pid 5619] write(3, "1000", 4 [pid 5048] <... openat resumed>) = 3 [pid 5619] <... write resumed>) = 4 [pid 5048] newfstatat(3, "", [pid 5619] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5619] <... close resumed>) = 0 [pid 5048] getdents64(3, [pid 5619] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5619] <... symlink resumed>) = 0 [pid 5619] memfd_create("syzkaller", 0 [pid 5048] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5619] <... memfd_create resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] unlink("./91/binderfs" [pid 5619] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... unlink resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5617] ioctl(4, LOOP_SET_FD, 3 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5617] <... ioctl resumed>) = 0 [pid 5050] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5618] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5617] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5049] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./91/binderfs" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./93/file0", [pid 5048] newfstatat(AT_FDCWD, "./91/file0", [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5617] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5617] mkdir("./file0", 0777 [pid 5050] newfstatat(AT_FDCWD, "./91/file0", [pid 5049] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5617] <... mkdir resumed>) = 0 [pid 5050] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(4, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5617] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5050] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] newfstatat(4, "", [ 110.823303][ T5617] loop0: detected capacity change from 0 to 4096 [pid 5049] getdents64(4, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(4, [pid 5048] close(4 [pid 5050] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] rmdir("./91/file0" [pid 5049] close(4) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] rmdir("./93/file0" [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5049] <... rmdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] getdents64(3, [pid 5050] rmdir("./91/file0" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] close(3 [pid 5048] close(3 [pid 5050] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5049] rmdir("./93" [pid 5048] rmdir("./91" [pid 5050] rmdir("./91") = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5050] mkdir("./92", 0777 [pid 5048] mkdir("./92", 0777 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] mkdir("./94", 0777 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5620 attached [pid 5620] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5620 [pid 5620] <... set_robust_list resumed>) = 0 [pid 5618] <... write resumed>) = 2097152 [pid 5620] chdir("./92" [ 110.865711][ T5617] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... openat resumed>) = 3 [pid 5620] <... chdir resumed>) = 0 [pid 5619] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5620] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5620] <... prctl resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5620] setpgid(0, 0) = 0 [pid 5620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5620] <... openat resumed>) = 3 [pid 5620] write(3, "1000", 4 [pid 5618] munmap(0x7f3b887a1000, 138412032 [pid 5049] close(3 [pid 5048] close(3 [pid 5617] <... mount resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5617] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5620] <... write resumed>) = 4 [pid 5617] <... openat resumed>) = 3 [pid 5620] close(3 [pid 5618] <... munmap resumed>) = 0 [pid 5617] chdir("./file0" [pid 5620] <... close resumed>) = 0 [pid 5617] <... chdir resumed>) = 0 [pid 5617] ioctl(4, LOOP_CLR_FD [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... close resumed>) = 0 [pid 5617] <... ioctl resumed>) = 0 [pid 5620] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5621 attached ) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5621] set_robust_list(0x555556629660, 24 [pid 5620] memfd_create("syzkaller", 0 [pid 5617] close(4) = 0 [pid 5617] exit_group(0./strace-static-x86_64: Process 5622 attached ) = ? [pid 5622] set_robust_list(0x555556629660, 24 [pid 5618] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5621] <... set_robust_list resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5621 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5622 [pid 5622] <... set_robust_list resumed>) = 0 [pid 5620] <... memfd_create resumed>) = 3 [pid 5618] <... openat resumed>) = 4 [pid 5622] chdir("./92" [pid 5621] chdir("./94" [pid 5620] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5618] ioctl(4, LOOP_SET_FD, 3 [pid 5622] <... chdir resumed>) = 0 [pid 5621] <... chdir resumed>) = 0 [pid 5620] <... mmap resumed>) = 0x7f3b887a1000 [pid 5618] <... ioctl resumed>) = 0 [pid 5617] +++ exited with 0 +++ [pid 5622] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5621] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5617, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5622] <... prctl resumed>) = 0 [pid 5621] <... prctl resumed>) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5047] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5621] setpgid(0, 0 [pid 5619] <... write resumed>) = 2097152 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5622] setpgid(0, 0 [pid 5047] <... openat resumed>) = 3 [pid 5621] <... setpgid resumed>) = 0 [pid 5622] <... setpgid resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5622] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5621] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5622] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5622] write(3, "1000", 4 [pid 5047] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5622] <... write resumed>) = 4 [pid 5618] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5621] write(3, "1000", 4 [pid 5622] close(3 [pid 5618] <... close resumed>) = 0 [pid 5047] unlink("./93/binderfs" [pid 5622] <... close resumed>) = 0 [pid 5621] <... write resumed>) = 4 [pid 5618] mkdir("./file0", 0777 [pid 5047] <... unlink resumed>) = 0 [pid 5618] <... mkdir resumed>) = 0 [pid 5621] close(3) = 0 [pid 5618] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5621] symlink("/dev/binderfs", "./binderfs" [pid 5622] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5621] <... symlink resumed>) = 0 [pid 5619] munmap(0x7f3b887a1000, 138412032 [pid 5622] memfd_create("syzkaller", 0 [pid 5621] memfd_create("syzkaller", 0 [pid 5622] <... memfd_create resumed>) = 3 [pid 5621] <... memfd_create resumed>) = 3 [pid 5619] <... munmap resumed>) = 0 [pid 5622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 110.965581][ T5618] loop4: detected capacity change from 0 to 4096 [ 111.003467][ T5618] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5619] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5621] <... mmap resumed>) = 0x7f3b887a1000 [pid 5619] <... openat resumed>) = 4 [pid 5619] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5620] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5619] close(3 [pid 5047] <... umount2 resumed>) = 0 [pid 5619] <... close resumed>) = 0 [pid 5619] mkdir("./file0", 0777 [pid 5047] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5619] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5619] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5047] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./93/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./93") = 0 [pid 5047] mkdir("./94", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5623 ./strace-static-x86_64: Process 5623 attached [pid 5623] set_robust_list(0x555556629660, 24) = 0 [pid 5621] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5623] chdir("./94") = 0 [pid 5618] <... mount resumed>) = 0 [pid 5623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5623] setpgid(0, 0) = 0 [pid 5623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5623] write(3, "1000", 4 [pid 5618] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5623] <... write resumed>) = 4 [pid 5623] close(3) = 0 [ 111.052713][ T5619] loop5: detected capacity change from 0 to 4096 [ 111.092228][ T5619] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5623] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5618] <... openat resumed>) = 3 [pid 5618] chdir("./file0" [pid 5623] memfd_create("syzkaller", 0 [pid 5622] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5618] <... chdir resumed>) = 0 [pid 5618] ioctl(4, LOOP_CLR_FD) = 0 [pid 5618] close(4) = 0 [pid 5618] exit_group(0 [pid 5623] <... memfd_create resumed>) = 3 [pid 5623] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5621] <... write resumed>) = 2097152 [pid 5618] <... exit_group resumed>) = ? [pid 5621] munmap(0x7f3b887a1000, 138412032 [pid 5620] <... write resumed>) = 2097152 [pid 5618] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5618, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5051] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5620] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./90/binderfs") = 0 [pid 5051] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5620] <... munmap resumed>) = 0 [pid 5622] <... write resumed>) = 2097152 [pid 5621] <... munmap resumed>) = 0 [pid 5619] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5620] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] <... openat resumed>) = 3 [pid 5620] <... openat resumed>) = 4 [pid 5619] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./90/file0", [pid 5620] ioctl(4, LOOP_SET_FD, 3 [pid 5619] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5619] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./90/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./90") = 0 [pid 5622] munmap(0x7f3b887a1000, 138412032 [pid 5621] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5620] <... ioctl resumed>) = 0 [pid 5619] <... ioctl resumed>) = 0 [pid 5619] close(4 [pid 5623] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5622] <... munmap resumed>) = 0 [pid 5621] <... openat resumed>) = 4 [pid 5620] close(3 [pid 5619] <... close resumed>) = 0 [pid 5051] mkdir("./91", 0777 [pid 5622] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5621] ioctl(4, LOOP_SET_FD, 3 [pid 5620] <... close resumed>) = 0 [pid 5619] exit_group(0 [pid 5620] mkdir("./file0", 0777 [pid 5619] <... exit_group resumed>) = ? [pid 5620] <... mkdir resumed>) = 0 [pid 5619] +++ exited with 0 +++ [pid 5051] <... mkdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5619, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] umount2("./90", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./90/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./90/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./90/binderfs") = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5622] <... openat resumed>) = 4 [pid 5621] <... ioctl resumed>) = 0 [pid 5620] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5624 ./strace-static-x86_64: Process 5624 attached [pid 5624] set_robust_list(0x555556629660, 24) = 0 [pid 5624] chdir("./91" [ 111.214552][ T5620] loop3: detected capacity change from 0 to 4096 [ 111.238061][ T5621] loop2: detected capacity change from 0 to 4096 [ 111.253437][ T5620] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5622] ioctl(4, LOOP_SET_FD, 3 [pid 5621] close(3 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5621] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./90/file0", [pid 5621] mkdir("./file0", 0777 [pid 5624] <... chdir resumed>) = 0 [pid 5621] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5624] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] umount2("./90/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5624] <... prctl resumed>) = 0 [pid 5621] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5624] setpgid(0, 0 [pid 5052] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5624] <... setpgid resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] newfstatat(4, "", [pid 5624] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5624] write(3, "1000", 4 [pid 5052] getdents64(4, [pid 5624] <... write resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5624] close(3 [pid 5052] getdents64(4, [pid 5624] <... close resumed>) = 0 [pid 5624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5622] <... ioctl resumed>) = 0 [pid 5052] close(4) = 0 [pid 5622] close(3 [pid 5052] rmdir("./90/file0" [pid 5624] memfd_create("syzkaller", 0 [pid 5622] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5622] mkdir("./file0", 0777 [pid 5052] getdents64(3, [pid 5622] <... mkdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5622] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] close(3) = 0 [pid 5052] rmdir("./90") = 0 [ 111.268616][ T5622] loop1: detected capacity change from 0 to 4096 [ 111.282682][ T5621] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5624] <... memfd_create resumed>) = 3 [pid 5052] mkdir("./91", 0777 [pid 5624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5624] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5620] <... mount resumed>) = 0 [pid 5623] <... write resumed>) = 2097152 [pid 5622] <... mount resumed>) = 0 [pid 5621] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5622] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5622] chdir("./file0") = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5622] ioctl(4, LOOP_CLR_FD [pid 5621] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5622] <... ioctl resumed>) = 0 [pid 5052] close(3 [pid 5622] close(4 [pid 5621] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5620] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5621] chdir("./file0" [pid 5622] <... close resumed>) = 0 [pid 5621] <... chdir resumed>) = 0 [pid 5622] exit_group(0 [pid 5621] ioctl(4, LOOP_CLR_FD) = 0 [pid 5620] <... openat resumed>) = 3 [pid 5620] chdir("./file0" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5625 [pid 5621] close(4./strace-static-x86_64: Process 5625 attached ) = 0 [pid 5622] <... exit_group resumed>) = ? [pid 5620] <... chdir resumed>) = 0 [pid 5620] ioctl(4, LOOP_CLR_FD [pid 5621] exit_group(0 [pid 5620] <... ioctl resumed>) = 0 [pid 5625] set_robust_list(0x555556629660, 24 [pid 5623] munmap(0x7f3b887a1000, 138412032 [pid 5621] <... exit_group resumed>) = ? [pid 5620] close(4 [pid 5623] <... munmap resumed>) = 0 [pid 5620] <... close resumed>) = 0 [pid 5620] exit_group(0) = ? [ 111.314646][ T5622] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5625] <... set_robust_list resumed>) = 0 [pid 5622] +++ exited with 0 +++ [pid 5621] +++ exited with 0 +++ [pid 5620] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5621, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5620, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5622, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5625] chdir("./91" [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5625] <... chdir resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5049] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5623] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] setpgid(0, 0 [pid 5048] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] <... setpgid resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5625] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5623] <... openat resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5623] ioctl(4, LOOP_SET_FD, 3 [pid 5050] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5625] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(3, "", [pid 5625] write(3, "1000", 4 [pid 5050] newfstatat(3, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5625] <... write resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(3, "", [pid 5048] getdents64(3, [pid 5625] close(3 [pid 5623] <... ioctl resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5625] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5625] symlink("/dev/binderfs", "./binderfs" [pid 5050] unlink("./92/binderfs" [pid 5048] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] <... symlink resumed>) = 0 [pid 5624] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] getdents64(3, [pid 5048] newfstatat(AT_FDCWD, "./92/binderfs", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./92/binderfs" [pid 5625] memfd_create("syzkaller", 0 [pid 5049] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5623] close(3) = 0 [pid 5623] mkdir("./file0", 0777) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5625] <... memfd_create resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5625] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5623] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = 0 [pid 5049] unlink("./94/binderfs" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./92/file0" [pid 5050] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5050] newfstatat(AT_FDCWD, "./92/file0", [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] close(3 [pid 5050] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] rmdir("./92" [pid 5050] <... openat resumed>) = 4 [pid 5048] <... rmdir resumed>) = 0 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5048] mkdir("./93", 0777 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./92/file0" [pid 5048] <... openat resumed>) = 3 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5050] getdents64(3, [pid 5048] <... ioctl resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5048] close(3 [pid 5050] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] rmdir("./92" [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5626 attached [pid 5626] set_robust_list(0x555556629660, 24) = 0 [pid 5050] mkdir("./93", 0777 [pid 5626] chdir("./93") = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5626 [ 111.394443][ T5623] loop0: detected capacity change from 0 to 4096 [ 111.432436][ T5623] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5626] setpgid(0, 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5626] <... setpgid resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5626] <... openat resumed>) = 3 [pid 5626] write(3, "1000", 4 [pid 5050] close(3 [pid 5626] <... write resumed>) = 4 [pid 5050] <... close resumed>) = 0 [pid 5626] close(3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5626] <... close resumed>) = 0 [pid 5626] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5626] memfd_create("syzkaller", 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5627 ./strace-static-x86_64: Process 5627 attached [pid 5627] set_robust_list(0x555556629660, 24 [pid 5626] <... memfd_create resumed>) = 3 [pid 5627] <... set_robust_list resumed>) = 0 [pid 5626] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5627] chdir("./93" [pid 5626] <... mmap resumed>) = 0x7f3b887a1000 [pid 5624] <... write resumed>) = 2097152 [pid 5627] <... chdir resumed>) = 0 [pid 5627] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... umount2 resumed>) = 0 [pid 5627] <... prctl resumed>) = 0 [pid 5625] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5624] munmap(0x7f3b887a1000, 138412032 [pid 5049] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5624] <... munmap resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./94/file0", [pid 5627] setpgid(0, 0) = 0 [pid 5627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5627] write(3, "1000", 4) = 4 [pid 5627] close(3) = 0 [pid 5627] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5627] memfd_create("syzkaller", 0 [pid 5049] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5627] <... memfd_create resumed>) = 3 [pid 5627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5624] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5627] <... mmap resumed>) = 0x7f3b887a1000 [pid 5624] <... openat resumed>) = 4 [pid 5049] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5624] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5624] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./94/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5624] close(3) = 0 [pid 5049] close(3 [pid 5624] mkdir("./file0", 0777 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./94" [pid 5624] <... mkdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./95", 0777 [pid 5624] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... mkdir resumed>) = 0 [pid 5623] <... mount resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5623] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... openat resumed>) = 3 [pid 5623] <... openat resumed>) = 3 [ 111.553115][ T5624] loop4: detected capacity change from 0 to 4096 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5626] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5623] chdir("./file0" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5623] <... chdir resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5623] ioctl(4, LOOP_CLR_FD [pid 5625] <... write resumed>) = 2097152 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5628 [pid 5623] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5628 attached [pid 5623] close(4 [pid 5628] set_robust_list(0x555556629660, 24 [pid 5627] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5625] munmap(0x7f3b887a1000, 138412032 [pid 5623] <... close resumed>) = 0 [pid 5628] <... set_robust_list resumed>) = 0 [pid 5623] exit_group(0 [pid 5628] chdir("./95" [pid 5623] <... exit_group resumed>) = ? [pid 5628] <... chdir resumed>) = 0 [pid 5628] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5623] +++ exited with 0 +++ [pid 5628] <... prctl resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5623, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [ 111.610718][ T5624] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5628] setpgid(0, 0) = 0 [pid 5628] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5625] <... munmap resumed>) = 0 [pid 5047] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5625] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5625] <... openat resumed>) = 4 [pid 5625] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5628] write(3, "1000", 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5628] <... write resumed>) = 4 [pid 5047] getdents64(3, [pid 5628] close(3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5628] <... close resumed>) = 0 [pid 5047] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5628] symlink("/dev/binderfs", "./binderfs" [pid 5047] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5628] <... symlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5628] memfd_create("syzkaller", 0 [pid 5047] unlink("./94/binderfs") = 0 [pid 5047] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5047] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./94/file0", [pid 5628] <... memfd_create resumed>) = 3 [pid 5624] <... mount resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... openat resumed>) = 4 [pid 5624] <... openat resumed>) = 3 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5625] <... ioctl resumed>) = 0 [pid 5624] chdir("./file0" [pid 5047] getdents64(4, [pid 5625] close(3 [pid 5626] <... write resumed>) = 2097152 [pid 5625] <... close resumed>) = 0 [pid 5624] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5626] munmap(0x7f3b887a1000, 138412032 [pid 5047] getdents64(4, [pid 5626] <... munmap resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./94/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5625] mkdir("./file0", 0777 [pid 5624] ioctl(4, LOOP_CLR_FD [pid 5047] close(3) = 0 [pid 5625] <... mkdir resumed>) = 0 [pid 5624] <... ioctl resumed>) = 0 [pid 5047] rmdir("./94" [pid 5624] close(4) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5624] exit_group(0 [pid 5047] mkdir("./95", 0777 [pid 5625] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5624] <... exit_group resumed>) = ? [pid 5047] <... mkdir resumed>) = 0 [ 111.688325][ T5625] loop5: detected capacity change from 0 to 4096 [pid 5626] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5624] +++ exited with 0 +++ [pid 5626] <... openat resumed>) = 4 [pid 5626] ioctl(4, LOOP_SET_FD, 3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5624, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5629 [pid 5051] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5629 attached [pid 5627] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5629] set_robust_list(0x555556629660, 24 [pid 5051] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5629] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5629] chdir("./95") = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5629] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5627] munmap(0x7f3b887a1000, 138412032 [pid 5051] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5629] <... prctl resumed>) = 0 [pid 5627] <... munmap resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5629] setpgid(0, 0) = 0 [pid 5629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5051] unlink("./91/binderfs") = 0 [pid 5051] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5629] write(3, "1000", 4 [pid 5627] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 111.750155][ T5625] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 111.751035][ T5626] loop1: detected capacity change from 0 to 4096 [pid 5627] ioctl(4, LOOP_SET_FD, 3 [pid 5629] <... write resumed>) = 4 [pid 5627] <... ioctl resumed>) = 0 [pid 5625] <... mount resumed>) = 0 [pid 5629] close(3 [pid 5625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5629] <... close resumed>) = 0 [pid 5628] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5626] <... ioctl resumed>) = 0 [pid 5625] <... openat resumed>) = 3 [pid 5629] symlink("/dev/binderfs", "./binderfs" [pid 5626] close(3 [pid 5625] chdir("./file0" [pid 5626] <... close resumed>) = 0 [pid 5625] <... chdir resumed>) = 0 [pid 5626] mkdir("./file0", 0777 [pid 5625] ioctl(4, LOOP_CLR_FD [pid 5629] <... symlink resumed>) = 0 [pid 5626] <... mkdir resumed>) = 0 [pid 5625] <... ioctl resumed>) = 0 [pid 5626] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5629] memfd_create("syzkaller", 0 [pid 5625] close(4) = 0 [pid 5625] exit_group(0) = ? [pid 5629] <... memfd_create resumed>) = 3 [pid 5625] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5625, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] umount2("./91", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5629] <... mmap resumed>) = 0x7f3b887a1000 [pid 5627] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5627] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5627] mkdir("./file0", 0777 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5627] <... mkdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5627] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./91/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./91/binderfs", [pid 5051] newfstatat(AT_FDCWD, "./91/file0", [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./91/binderfs" [pid 5051] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 111.805889][ T5627] loop3: detected capacity change from 0 to 4096 [ 111.830222][ T5626] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./91/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./91") = 0 [pid 5051] mkdir("./92", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5630 attached [pid 5630] set_robust_list(0x555556629660, 24) = 0 [pid 5630] chdir("./92" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5630 [pid 5630] <... chdir resumed>) = 0 [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5630] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5630] <... setpgid resumed>) = 0 [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5630] write(3, "1000", 4) = 4 [pid 5630] close(3) = 0 [pid 5630] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5630] memfd_create("syzkaller", 0 [pid 5052] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./91/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5630] <... memfd_create resumed>) = 3 [pid 5052] newfstatat(4, "", [pid 5630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5630] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [ 111.863119][ T5627] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5628] <... write resumed>) = 2097152 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./91/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./91" [pid 5628] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./92", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5628] <... munmap resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5628] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... close resumed>) = 0 [pid 5628] <... openat resumed>) = 4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5628] ioctl(4, LOOP_SET_FD, 3 [pid 5626] <... mount resumed>) = 0 [pid 5626] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5629] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5626] <... openat resumed>) = 3 [pid 5626] chdir("./file0" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5631 [pid 5626] <... chdir resumed>) = 0 [pid 5626] ioctl(4, LOOP_CLR_FD) = 0 [pid 5626] close(4) = 0 ./strace-static-x86_64: Process 5631 attached [pid 5626] exit_group(0 [pid 5631] set_robust_list(0x555556629660, 24 [pid 5626] <... exit_group resumed>) = ? [pid 5631] <... set_robust_list resumed>) = 0 [pid 5626] +++ exited with 0 +++ [pid 5631] chdir("./92") = 0 [pid 5631] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5626, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5631] setpgid(0, 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5631] <... setpgid resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5631] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5630] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5628] <... ioctl resumed>) = 0 [pid 5631] <... openat resumed>) = 3 [pid 5631] write(3, "1000", 4 [pid 5628] close(3 [pid 5048] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5628] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5628] mkdir("./file0", 0777 [pid 5048] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5631] <... write resumed>) = 4 [pid 5631] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5631] <... close resumed>) = 0 [pid 5631] symlink("/dev/binderfs", "./binderfs" [pid 5628] <... mkdir resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5631] <... symlink resumed>) = 0 [pid 5628] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5631] memfd_create("syzkaller", 0 [pid 5048] getdents64(3, [pid 5627] <... mount resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5631] <... memfd_create resumed>) = 3 [pid 5627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 111.973060][ T5628] loop2: detected capacity change from 0 to 4096 [pid 5048] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5627] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] <... mmap resumed>) = 0x7f3b887a1000 [pid 5627] chdir("./file0" [pid 5048] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./93/binderfs") = 0 [pid 5627] <... chdir resumed>) = 0 [pid 5048] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5627] ioctl(4, LOOP_CLR_FD) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5048] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5627] close(4 [pid 5048] <... openat resumed>) = 4 [pid 5627] <... close resumed>) = 0 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5627] exit_group(0 [pid 5048] getdents64(4, [pid 5629] <... write resumed>) = 2097152 [pid 5627] <... exit_group resumed>) = ? [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5627] +++ exited with 0 +++ [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5627, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./93/file0" [pid 5050] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... rmdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(3, [pid 5630] <... write resumed>) = 2097152 [pid 5050] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [ 112.018624][ T5628] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] rmdir("./93" [pid 5630] munmap(0x7f3b887a1000, 138412032 [pid 5629] munmap(0x7f3b887a1000, 138412032 [pid 5050] newfstatat(3, "", [pid 5048] <... rmdir resumed>) = 0 [pid 5629] <... munmap resumed>) = 0 [pid 5630] <... munmap resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] mkdir("./94", 0777 [pid 5629] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5050] getdents64(3, [pid 5048] <... mkdir resumed>) = 0 [pid 5630] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5629] ioctl(4, LOOP_SET_FD, 3 [pid 5630] <... openat resumed>) = 4 [pid 5628] <... mount resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5630] ioctl(4, LOOP_SET_FD, 3 [pid 5628] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5629] <... ioctl resumed>) = 0 [pid 5631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5630] <... ioctl resumed>) = 0 [pid 5628] <... openat resumed>) = 3 [pid 5050] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5629] close(3 [pid 5630] close(3) = 0 [pid 5629] <... close resumed>) = 0 [pid 5630] mkdir("./file0", 0777 [pid 5629] mkdir("./file0", 0777 [pid 5630] <... mkdir resumed>) = 0 [pid 5629] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] unlink("./93/binderfs" [pid 5048] close(3 [pid 5050] <... unlink resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5632 attached [pid 5632] set_robust_list(0x555556629660, 24) = 0 [pid 5632] chdir("./94" [ 112.100098][ T5629] loop0: detected capacity change from 0 to 4096 [ 112.108517][ T5630] loop4: detected capacity change from 0 to 4096 [pid 5630] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5629] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5628] chdir("./file0" [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5632 [pid 5632] <... chdir resumed>) = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5631] <... write resumed>) = 2097152 [pid 5628] <... chdir resumed>) = 0 [pid 5632] setpgid(0, 0 [pid 5631] munmap(0x7f3b887a1000, 138412032 [pid 5632] <... setpgid resumed>) = 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5628] ioctl(4, LOOP_CLR_FD [pid 5632] <... openat resumed>) = 3 [pid 5628] <... ioctl resumed>) = 0 [pid 5632] write(3, "1000", 4 [pid 5628] close(4 [pid 5632] <... write resumed>) = 4 [pid 5628] <... close resumed>) = 0 [pid 5632] close(3 [pid 5628] exit_group(0) = ? [pid 5632] <... close resumed>) = 0 [pid 5628] +++ exited with 0 +++ [pid 5632] symlink("/dev/binderfs", "./binderfs" [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5628, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5632] <... symlink resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5632] memfd_create("syzkaller", 0 [pid 5631] <... munmap resumed>) = 0 [pid 5632] <... memfd_create resumed>) = 3 [pid 5631] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(3, "", [pid 5631] <... openat resumed>) = 4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5632] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5631] ioctl(4, LOOP_SET_FD, 3 [ 112.145288][ T5630] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 112.164443][ T5629] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] getdents64(3, [pid 5050] <... umount2 resumed>) = 0 [pid 5632] <... mmap resumed>) = 0x7f3b887a1000 [pid 5631] <... ioctl resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5631] close(3 [pid 5049] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5631] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5631] <... mkdir resumed>) = 0 [pid 5049] unlink("./95/binderfs" [pid 5631] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5049] <... unlink resumed>) = 0 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 112.190178][ T5631] loop5: detected capacity change from 0 to 4096 [pid 5049] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5629] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5629] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./95/file0", [pid 5629] chdir("./file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5629] <... chdir resumed>) = 0 [pid 5050] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5629] ioctl(4, LOOP_CLR_FD [pid 5049] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5629] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5629] close(4 [pid 5049] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5629] <... close resumed>) = 0 [pid 5630] <... mount resumed>) = 0 [pid 5629] exit_group(0 [pid 5050] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5629] <... exit_group resumed>) = ? [pid 5050] rmdir("./93/file0" [pid 5049] newfstatat(4, "", [pid 5629] +++ exited with 0 +++ [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5629, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5630] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(4, [pid 5047] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5049] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./93" [pid 5049] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... rmdir resumed>) = 0 [pid 5049] rmdir("./95/file0" [pid 5047] <... openat resumed>) = 3 [pid 5630] chdir("./file0" [pid 5050] mkdir("./94", 0777 [pid 5047] newfstatat(3, "", [pid 5630] <... chdir resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5630] ioctl(4, LOOP_CLR_FD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5630] <... ioctl resumed>) = 0 [pid 5630] close(4 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(3, [pid 5630] <... close resumed>) = 0 [pid 5049] close(3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5630] exit_group(0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./95" [pid 5631] <... mount resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5630] <... exit_group resumed>) = ? [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5630] +++ exited with 0 +++ [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... rmdir resumed>) = 0 [pid 5631] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5049] mkdir("./96", 0777 [pid 5631] chdir("./file0" [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5631] <... chdir resumed>) = 0 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [ 112.218642][ T5631] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5633 attached [pid 5631] ioctl(4, LOOP_CLR_FD [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5633] set_robust_list(0x555556629660, 24 [pid 5631] <... ioctl resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5633] <... set_robust_list resumed>) = 0 [pid 5631] close(4 [pid 5051] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5633] chdir("./94" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5633] <... chdir resumed>) = 0 [pid 5631] exit_group(0 [pid 5051] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5633 [pid 5049] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5631] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5047] unlink("./95/binderfs" [pid 5632] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] newfstatat(3, "", [pid 5047] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(3, [pid 5631] +++ exited with 0 +++ [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5631, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5633] <... prctl resumed>) = 0 [pid 5051] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5633] setpgid(0, 0) = 0 [pid 5051] unlink("./92/binderfs" [pid 5052] umount2("./92", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] <... unlink resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./92/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./92/binderfs") = 0 [pid 5052] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5634 attached [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5634 [pid 5634] set_robust_list(0x555556629660, 24 [pid 5633] <... openat resumed>) = 3 [pid 5634] <... set_robust_list resumed>) = 0 [pid 5633] write(3, "1000", 4 [pid 5634] chdir("./96" [pid 5633] <... write resumed>) = 4 [pid 5634] <... chdir resumed>) = 0 [pid 5633] close(3) = 0 [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5633] symlink("/dev/binderfs", "./binderfs" [pid 5634] <... prctl resumed>) = 0 [pid 5634] setpgid(0, 0 [pid 5633] <... symlink resumed>) = 0 [pid 5634] <... setpgid resumed>) = 0 [pid 5633] memfd_create("syzkaller", 0 [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5633] <... memfd_create resumed>) = 3 [pid 5633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5634] <... openat resumed>) = 3 [pid 5633] <... mmap resumed>) = 0x7f3b887a1000 [pid 5634] write(3, "1000", 4) = 4 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5047] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./95/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./95") = 0 [pid 5634] close(3) = 0 [pid 5632] <... write resumed>) = 2097152 [pid 5047] mkdir("./96", 0777 [pid 5634] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./92/file0", [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] close(3 [pid 5051] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5634] memfd_create("syzkaller", 0 [pid 5632] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5635 attached [pid 5632] <... munmap resumed>) = 0 [pid 5051] getdents64(4, [pid 5635] set_robust_list(0x555556629660, 24 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5635 [pid 5635] <... set_robust_list resumed>) = 0 [pid 5051] getdents64(4, [pid 5635] chdir("./96" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./92/file0" [pid 5635] <... chdir resumed>) = 0 [pid 5634] <... memfd_create resumed>) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5635] setpgid(0, 0 [pid 5632] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] getdents64(3, [pid 5635] <... setpgid resumed>) = 0 [pid 5632] <... openat resumed>) = 4 [pid 5635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5632] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5635] <... openat resumed>) = 3 [pid 5634] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./92") = 0 [pid 5635] write(3, "1000", 4) = 4 [pid 5635] close(3) = 0 [pid 5635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5635] memfd_create("syzkaller", 0 [pid 5052] newfstatat(AT_FDCWD, "./92/file0", [pid 5051] mkdir("./93", 0777 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./92/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] <... mkdir resumed>) = 0 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] getdents64(4, [pid 5051] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... close resumed>) = 0 [pid 5635] <... memfd_create resumed>) = 3 [pid 5052] close(4 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... close resumed>) = 0 [pid 5635] <... mmap resumed>) = 0x7f3b887a1000 [pid 5632] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5636 attached [pid 5632] close(3 [pid 5052] rmdir("./92/file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5636 [pid 5632] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5632] mkdir("./file0", 0777) = 0 [pid 5636] set_robust_list(0x555556629660, 24 [pid 5632] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5636] <... set_robust_list resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5636] chdir("./93" [pid 5052] close(3 [pid 5636] <... chdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5636] prctl(PR_SET_PDEATHSIG, SIGKILL [ 112.407739][ T5632] loop1: detected capacity change from 0 to 4096 [pid 5052] rmdir("./92" [pid 5636] <... prctl resumed>) = 0 [pid 5633] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5636] setpgid(0, 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5636] <... setpgid resumed>) = 0 [pid 5052] mkdir("./93", 0777 [pid 5636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5636] <... openat resumed>) = 3 [pid 5636] write(3, "1000", 4 [pid 5634] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5636] <... write resumed>) = 4 [pid 5636] close(3 [pid 5052] close(3 [pid 5636] <... close resumed>) = 0 [pid 5636] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5636] <... symlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5637 attached [pid 5636] memfd_create("syzkaller", 0 [pid 5637] set_robust_list(0x555556629660, 24) = 0 [pid 5636] <... memfd_create resumed>) = 3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5637 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5637] chdir("./93" [pid 5636] <... mmap resumed>) = 0x7f3b887a1000 [ 112.458358][ T5632] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5635] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5637] <... chdir resumed>) = 0 [pid 5633] <... write resumed>) = 2097152 [pid 5637] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5633] munmap(0x7f3b887a1000, 138412032 [pid 5637] setpgid(0, 0) = 0 [pid 5637] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5637] write(3, "1000", 4) = 4 [pid 5637] close(3) = 0 [pid 5637] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5637] memfd_create("syzkaller", 0) = 3 [pid 5634] <... write resumed>) = 2097152 [pid 5633] <... munmap resumed>) = 0 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5633] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5633] ioctl(4, LOOP_SET_FD, 3 [pid 5634] munmap(0x7f3b887a1000, 138412032 [pid 5636] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5634] <... munmap resumed>) = 0 [pid 5633] <... ioctl resumed>) = 0 [pid 5633] close(3) = 0 [pid 5633] mkdir("./file0", 0777) = 0 [pid 5632] <... mount resumed>) = 0 [pid 5632] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5632] chdir("./file0" [pid 5635] <... write resumed>) = 2097152 [pid 5634] <... openat resumed>) = 4 [pid 5633] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5632] <... chdir resumed>) = 0 [pid 5634] ioctl(4, LOOP_SET_FD, 3 [ 112.572850][ T5633] loop3: detected capacity change from 0 to 4096 [ 112.612202][ T5634] loop2: detected capacity change from 0 to 4096 [pid 5632] ioctl(4, LOOP_CLR_FD [pid 5635] munmap(0x7f3b887a1000, 138412032 [pid 5632] <... ioctl resumed>) = 0 [pid 5632] close(4) = 0 [pid 5635] <... munmap resumed>) = 0 [pid 5635] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5637] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5635] <... openat resumed>) = 4 [pid 5632] exit_group(0 [pid 5635] ioctl(4, LOOP_SET_FD, 3 [pid 5632] <... exit_group resumed>) = ? [pid 5636] <... write resumed>) = 2097152 [pid 5632] +++ exited with 0 +++ [pid 5636] munmap(0x7f3b887a1000, 138412032 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5634] <... ioctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5634] close(3) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5634] mkdir("./file0", 0777 [pid 5048] newfstatat(3, "", [pid 5634] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5634] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5636] <... munmap resumed>) = 0 [pid 5048] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./94/binderfs") = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5635] <... ioctl resumed>) = 0 [pid 5048] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5636] ioctl(4, LOOP_SET_FD, 3 [pid 5635] close(3) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5635] mkdir("./file0", 0777 [ 112.622723][ T5633] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 112.638456][ T5635] loop0: detected capacity change from 0 to 4096 [ 112.654900][ T5634] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5635] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5635] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5636] <... ioctl resumed>) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./94/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./94" [pid 5637] <... write resumed>) = 2097152 [pid 5048] <... rmdir resumed>) = 0 [pid 5637] munmap(0x7f3b887a1000, 138412032 [pid 5636] close(3 [pid 5048] mkdir("./95", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5635] <... mount resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... ioctl resumed>) = 0 [pid 5635] <... openat resumed>) = 3 [pid 5048] close(3 [pid 5636] <... close resumed>) = 0 [pid 5635] chdir("./file0" [pid 5048] <... close resumed>) = 0 [pid 5636] mkdir("./file0", 0777 [pid 5635] <... chdir resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5636] <... mkdir resumed>) = 0 [pid 5635] ioctl(4, LOOP_CLR_FD [pid 5633] <... mount resumed>) = 0 [pid 5637] <... munmap resumed>) = 0 [pid 5635] <... ioctl resumed>) = 0 [pid 5633] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5636] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5635] close(4 [pid 5633] <... openat resumed>) = 3 [pid 5635] <... close resumed>) = 0 [pid 5635] exit_group(0 [pid 5633] chdir("./file0"./strace-static-x86_64: Process 5638 attached [pid 5635] <... exit_group resumed>) = ? [pid 5633] <... chdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5638 [pid 5634] <... mount resumed>) = 0 [ 112.672531][ T5636] loop4: detected capacity change from 0 to 4096 [ 112.684252][ T5635] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5633] ioctl(4, LOOP_CLR_FD [pid 5638] set_robust_list(0x555556629660, 24 [pid 5637] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5635] +++ exited with 0 +++ [pid 5638] <... set_robust_list resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5635, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5638] chdir("./95" [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5633] <... ioctl resumed>) = 0 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5633] close(4) = 0 [pid 5637] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5634] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5638] <... chdir resumed>) = 0 [pid 5638] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5633] exit_group(0 [pid 5638] <... prctl resumed>) = 0 [pid 5047] unlink("./96/binderfs" [pid 5638] setpgid(0, 0 [pid 5633] <... exit_group resumed>) = ? [pid 5047] <... unlink resumed>) = 0 [pid 5638] <... setpgid resumed>) = 0 [pid 5634] chdir("./file0" [pid 5638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5634] <... chdir resumed>) = 0 [pid 5047] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5638] <... openat resumed>) = 3 [pid 5634] ioctl(4, LOOP_CLR_FD) = 0 [pid 5634] close(4 [pid 5047] <... umount2 resumed>) = 0 [pid 5634] <... close resumed>) = 0 [pid 5634] exit_group(0 [pid 5047] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5634] <... exit_group resumed>) = ? [pid 5638] write(3, "1000", 4 [pid 5634] +++ exited with 0 +++ [pid 5633] +++ exited with 0 +++ [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5638] <... write resumed>) = 4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5633, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] newfstatat(AT_FDCWD, "./96/file0", [pid 5638] close(3 [pid 5049] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5638] <... close resumed>) = 0 [pid 5047] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5638] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5638] <... symlink resumed>) = 0 [pid 5637] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 4 [pid 5637] close(3 [pid 5050] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(4, "", [pid 5637] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5637] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(3, "", [pid 5047] getdents64(4, [pid 5638] memfd_create("syzkaller", 0 [pid 5637] <... mkdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] newfstatat(3, "", [pid 5049] getdents64(3, [pid 5047] getdents64(4, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5637] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(3, [pid 5049] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5050] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5047] rmdir("./96/file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5049] unlink("./96/binderfs" [pid 5638] <... memfd_create resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] getdents64(3, [pid 5049] <... unlink resumed>) = 0 [pid 5638] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] unlink("./94/binderfs" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5050] <... unlink resumed>) = 0 [pid 5638] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... close resumed>) = 0 [ 112.732018][ T5636] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 112.751169][ T5637] loop5: detected capacity change from 0 to 4096 [pid 5047] rmdir("./96") = 0 [pid 5050] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] mkdir("./97", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [pid 5050] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5639 attached [pid 5639] set_robust_list(0x555556629660, 24 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5639 [pid 5639] <... set_robust_list resumed>) = 0 [pid 5639] chdir("./97") = 0 [pid 5639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5639] setpgid(0, 0) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./94/file0", [pid 5639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5639] <... openat resumed>) = 3 [pid 5639] write(3, "1000", 4) = 4 [ 112.790275][ T5637] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5639] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5639] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5050] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5639] memfd_create("syzkaller", 0 [pid 5636] <... mount resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5639] <... memfd_create resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./96/file0", [pid 5050] getdents64(4, [pid 5639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5639] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] close(4 [pid 5049] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./94/file0" [pid 5049] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5638] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5050] getdents64(3, [pid 5049] newfstatat(4, "", [pid 5636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5636] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5049] getdents64(4, [pid 5050] <... close resumed>) = 0 [pid 5636] chdir("./file0" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] rmdir("./94" [pid 5636] <... chdir resumed>) = 0 [pid 5049] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5636] ioctl(4, LOOP_CLR_FD [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5636] <... ioctl resumed>) = 0 [pid 5050] mkdir("./95", 0777 [pid 5049] close(4 [pid 5636] close(4) = 0 [pid 5636] exit_group(0 [pid 5049] <... close resumed>) = 0 [pid 5636] <... exit_group resumed>) = ? [pid 5050] <... mkdir resumed>) = 0 [pid 5049] rmdir("./96/file0" [pid 5636] +++ exited with 0 +++ [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5638] <... write resumed>) = 2097152 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5636, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5049] <... rmdir resumed>) = 0 [pid 5051] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(3 [pid 5051] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./96" [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./97", 0777 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5049] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./93/binderfs") = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5638] munmap(0x7f3b887a1000, 138412032 [pid 5637] <... mount resumed>) = 0 [pid 5051] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5638] <... munmap resumed>) = 0 [pid 5637] <... openat resumed>) = 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... openat resumed>) = 3 [pid 5639] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] close(3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5637] chdir("./file0") = 0 [pid 5637] ioctl(4, LOOP_CLR_FD) = 0 [pid 5637] close(4) = 0 [pid 5637] exit_group(0) = ? [pid 5050] <... close resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] close(3./strace-static-x86_64: Process 5640 attached [pid 5638] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5637] +++ exited with 0 +++ [pid 5049] <... close resumed>) = 0 [pid 5640] set_robust_list(0x555556629660, 24 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5637, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5640 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5640] <... set_robust_list resumed>) = 0 [pid 5640] chdir("./95") = 0 [pid 5052] umount2("./93", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5640] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5641 attached ) = 0 [pid 5638] <... openat resumed>) = 4 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5641] set_robust_list(0x555556629660, 24 [pid 5640] setpgid(0, 0 [pid 5638] ioctl(4, LOOP_SET_FD, 3 [pid 5052] newfstatat(3, "", [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5641 [pid 5640] <... setpgid resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5641] <... set_robust_list resumed>) = 0 [pid 5640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5639] <... write resumed>) = 2097152 [pid 5638] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5641] chdir("./97" [pid 5640] <... openat resumed>) = 3 [pid 5639] munmap(0x7f3b887a1000, 138412032 [pid 5638] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5641] <... chdir resumed>) = 0 [pid 5640] write(3, "1000", 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5641] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] umount2("./93/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5641] <... prctl resumed>) = 0 [pid 5641] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5641] <... setpgid resumed>) = 0 [pid 5641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5640] <... write resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5051] newfstatat(AT_FDCWD, "./93/file0", [pid 5641] <... openat resumed>) = 3 [pid 5640] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5641] write(3, "1000", 4 [pid 5640] <... close resumed>) = 0 [pid 5639] <... munmap resumed>) = 0 [pid 5638] <... close resumed>) = 0 [pid 5052] unlink("./93/binderfs" [pid 5051] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5641] <... write resumed>) = 4 [pid 5640] symlink("/dev/binderfs", "./binderfs" [pid 5639] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5638] mkdir("./file0", 0777 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5641] close(3 [pid 5052] <... unlink resumed>) = 0 [pid 5641] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5641] symlink("/dev/binderfs", "./binderfs" [pid 5052] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5641] <... symlink resumed>) = 0 [pid 5640] <... symlink resumed>) = 0 [pid 5638] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5641] memfd_create("syzkaller", 0 [pid 5639] <... openat resumed>) = 4 [pid 5639] ioctl(4, LOOP_SET_FD, 3 [pid 5051] newfstatat(4, "", [pid 5641] <... memfd_create resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5640] memfd_create("syzkaller", 0 [pid 5639] <... ioctl resumed>) = 0 [pid 5638] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] getdents64(4, [pid 5640] <... memfd_create resumed>) = 3 [pid 5639] close(3 [pid 5641] <... mmap resumed>) = 0x7f3b887a1000 [pid 5640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5639] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5640] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(4, [pid 5639] mkdir("./file0", 0777) = 0 [pid 5052] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5639] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 112.993960][ T5638] loop1: detected capacity change from 0 to 4096 [ 113.017109][ T5639] loop0: detected capacity change from 0 to 4096 [ 113.029468][ T5638] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] close(4) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./93/file0" [pid 5052] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5052] umount2("./93/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5052] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5051] close(3) = 0 [pid 5051] rmdir("./93" [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./93/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./93") = 0 [pid 5052] mkdir("./94", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... rmdir resumed>) = 0 [pid 5638] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5642 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5642 [pid 5642] set_robust_list(0x555556629660, 24 [pid 5051] mkdir("./94", 0777 [pid 5642] <... set_robust_list resumed>) = 0 [ 113.054128][ T5639] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5642] chdir("./94") = 0 [pid 5638] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... mkdir resumed>) = 0 [pid 5638] <... openat resumed>) = 3 [pid 5638] chdir("./file0" [pid 5642] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5638] <... chdir resumed>) = 0 [pid 5642] <... prctl resumed>) = 0 [pid 5640] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5638] ioctl(4, LOOP_CLR_FD [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5642] setpgid(0, 0) = 0 [pid 5642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5639] <... mount resumed>) = 0 [pid 5638] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5642] <... openat resumed>) = 3 [pid 5642] write(3, "1000", 4) = 4 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5642] close(3) = 0 [pid 5642] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5638] close(4 [pid 5642] <... symlink resumed>) = 0 [pid 5639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5642] memfd_create("syzkaller", 0 [pid 5639] <... openat resumed>) = 3 [pid 5638] <... close resumed>) = 0 [pid 5051] close(3 [pid 5639] chdir("./file0" [pid 5638] exit_group(0 [pid 5051] <... close resumed>) = 0 [pid 5639] <... chdir resumed>) = 0 [pid 5638] <... exit_group resumed>) = ? [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5639] ioctl(4, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5643 attached [pid 5639] close(4 [pid 5638] +++ exited with 0 +++ [pid 5642] <... memfd_create resumed>) = 3 [pid 5641] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5639] <... close resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5643 [pid 5643] set_robust_list(0x555556629660, 24 [pid 5642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5638, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5643] <... set_robust_list resumed>) = 0 [pid 5642] <... mmap resumed>) = 0x7f3b887a1000 [pid 5639] exit_group(0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5643] chdir("./94" [pid 5639] <... exit_group resumed>) = ? [pid 5048] <... restart_syscall resumed>) = 0 [pid 5643] <... chdir resumed>) = 0 [pid 5639] +++ exited with 0 +++ [pid 5643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5643] setpgid(0, 0 [pid 5048] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5639, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5643] <... setpgid resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(3, "", [pid 5047] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5047] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] newfstatat(3, "", [pid 5048] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5048] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./95/binderfs" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./97/binderfs" [pid 5048] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5643] <... openat resumed>) = 3 [pid 5643] write(3, "1000", 4 [pid 5048] <... umount2 resumed>) = 0 [pid 5643] <... write resumed>) = 4 [pid 5640] <... write resumed>) = 2097152 [pid 5643] close(3 [pid 5048] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5643] <... close resumed>) = 0 [pid 5643] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./95/file0", [pid 5643] <... symlink resumed>) = 0 [pid 5641] <... write resumed>) = 2097152 [pid 5640] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5643] memfd_create("syzkaller", 0 [pid 5640] <... munmap resumed>) = 0 [pid 5048] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5643] <... memfd_create resumed>) = 3 [pid 5641] munmap(0x7f3b887a1000, 138412032 [pid 5643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5642] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5640] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = 0 [pid 5643] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5640] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5047] newfstatat(AT_FDCWD, "./97/file0", [pid 5640] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] getdents64(4, [pid 5047] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5641] <... munmap resumed>) = 0 [pid 5048] getdents64(4, [pid 5047] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5641] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(4, "", [pid 5048] close(4) = 0 [pid 5641] <... openat resumed>) = 4 [pid 5048] rmdir("./95/file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./97/file0" [pid 5641] ioctl(4, LOOP_SET_FD, 3 [pid 5048] getdents64(3, [pid 5047] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./97") = 0 [pid 5047] mkdir("./98", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5047] close(3) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] rmdir("./95" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5644 [pid 5048] <... rmdir resumed>) = 0 [pid 5640] <... ioctl resumed>) = 0 [pid 5640] close(3) = 0 [pid 5640] mkdir("./file0", 0777 [pid 5048] mkdir("./96", 0777 [pid 5640] <... mkdir resumed>) = 0 [pid 5640] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5644 attached [ 113.246383][ T5640] loop3: detected capacity change from 0 to 4096 [ 113.282925][ T5641] loop2: detected capacity change from 0 to 4096 [pid 5644] set_robust_list(0x555556629660, 24) = 0 [pid 5644] chdir("./98" [pid 5643] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5642] <... write resumed>) = 2097152 [pid 5641] <... ioctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5644] <... chdir resumed>) = 0 [pid 5641] close(3 [pid 5644] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5642] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... openat resumed>) = 3 [pid 5644] <... prctl resumed>) = 0 [pid 5641] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5644] setpgid(0, 0 [pid 5641] mkdir("./file0", 0777 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5644] <... setpgid resumed>) = 0 [pid 5641] <... mkdir resumed>) = 0 [pid 5644] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5642] <... munmap resumed>) = 0 [pid 5641] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] close(3 [pid 5642] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] <... close resumed>) = 0 [pid 5642] <... openat resumed>) = 4 [ 113.302043][ T5640] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5642] ioctl(4, LOOP_SET_FD, 3 [pid 5644] <... openat resumed>) = 3 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5645 attached [pid 5645] set_robust_list(0x555556629660, 24 [pid 5644] write(3, "1000", 4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5645 [pid 5642] <... ioctl resumed>) = 0 [pid 5645] <... set_robust_list resumed>) = 0 [pid 5644] <... write resumed>) = 4 [pid 5643] <... write resumed>) = 2097152 [pid 5644] close(3 [pid 5645] chdir("./96" [pid 5644] <... close resumed>) = 0 [pid 5641] <... mount resumed>) = 0 [pid 5644] symlink("/dev/binderfs", "./binderfs" [pid 5643] munmap(0x7f3b887a1000, 138412032 [pid 5642] close(3 [pid 5644] <... symlink resumed>) = 0 [pid 5645] <... chdir resumed>) = 0 [pid 5643] <... munmap resumed>) = 0 [pid 5642] <... close resumed>) = 0 [pid 5641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5640] <... mount resumed>) = 0 [pid 5640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5642] mkdir("./file0", 0777 [pid 5640] <... openat resumed>) = 3 [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5644] memfd_create("syzkaller", 0 [pid 5642] <... mkdir resumed>) = 0 [pid 5641] <... openat resumed>) = 3 [pid 5640] chdir("./file0" [pid 5645] <... prctl resumed>) = 0 [pid 5644] <... memfd_create resumed>) = 3 [pid 5641] chdir("./file0" [pid 5640] <... chdir resumed>) = 0 [pid 5645] setpgid(0, 0 [pid 5644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5641] <... chdir resumed>) = 0 [pid 5640] ioctl(4, LOOP_CLR_FD [pid 5645] <... setpgid resumed>) = 0 [pid 5644] <... mmap resumed>) = 0x7f3b887a1000 [pid 5641] ioctl(4, LOOP_CLR_FD [pid 5640] <... ioctl resumed>) = 0 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5642] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5641] <... ioctl resumed>) = 0 [pid 5640] close(4 [pid 5641] close(4 [pid 5640] <... close resumed>) = 0 [pid 5640] exit_group(0 [pid 5641] <... close resumed>) = 0 [pid 5640] <... exit_group resumed>) = ? [ 113.344358][ T5642] loop5: detected capacity change from 0 to 4096 [ 113.355496][ T5641] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5645] <... openat resumed>) = 3 [pid 5643] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5641] exit_group(0 [pid 5640] +++ exited with 0 +++ [pid 5643] <... openat resumed>) = 4 [pid 5641] <... exit_group resumed>) = ? [pid 5643] ioctl(4, LOOP_SET_FD, 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5640, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5641] +++ exited with 0 +++ [pid 5050] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5645] write(3, "1000", 4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5641, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5645] <... write resumed>) = 4 [pid 5645] close(3 [pid 5050] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5645] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5645] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5645] <... symlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] newfstatat(3, "", [pid 5050] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5050] newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./95/binderfs") = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5645] memfd_create("syzkaller", 0 [pid 5643] <... ioctl resumed>) = 0 [pid 5643] close(3) = 0 [pid 5643] mkdir("./file0", 0777) = 0 [ 113.402861][ T5642] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 113.415939][ T5643] loop4: detected capacity change from 0 to 4096 [pid 5643] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5645] <... memfd_create resumed>) = 3 [pid 5644] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5645] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./97/binderfs") = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./95/file0", [pid 5049] newfstatat(4, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 113.447342][ T5643] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] rmdir("./95/file0" [pid 5049] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./97/file0" [pid 5642] <... mount resumed>) = 0 [pid 5050] getdents64(3, [pid 5642] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5644] <... write resumed>) = 2097152 [pid 5645] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5644] munmap(0x7f3b887a1000, 138412032 [pid 5049] getdents64(3, [pid 5642] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./95" [pid 5049] close(3 [pid 5642] chdir("./file0") = 0 [pid 5642] ioctl(4, LOOP_CLR_FD [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5642] <... ioctl resumed>) = 0 [pid 5049] rmdir("./97" [pid 5642] close(4 [pid 5049] <... rmdir resumed>) = 0 [pid 5642] <... close resumed>) = 0 [pid 5049] mkdir("./98", 0777 [pid 5050] mkdir("./96", 0777) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5642] exit_group(0 [pid 5644] <... munmap resumed>) = 0 [pid 5642] <... exit_group resumed>) = ? [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5642] +++ exited with 0 +++ [pid 5050] <... openat resumed>) = 3 [pid 5644] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5643] <... mount resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5642, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] getdents64(3, [pid 5050] close(3 [pid 5643] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... close resumed>) = 0 [pid 5052] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5646 attached [pid 5644] <... openat resumed>) = 4 [pid 5643] chdir("./file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5646] set_robust_list(0x555556629660, 24 [pid 5644] ioctl(4, LOOP_SET_FD, 3 [pid 5646] <... set_robust_list resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5643] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5643] ioctl(4, LOOP_CLR_FD [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5643] <... ioctl resumed>) = 0 [pid 5052] unlink("./94/binderfs" [pid 5643] close(4 [pid 5052] <... unlink resumed>) = 0 [pid 5643] <... close resumed>) = 0 [pid 5052] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5646 [pid 5643] exit_group(0) = ? [pid 5643] +++ exited with 0 +++ [pid 5646] chdir("./96" [pid 5049] close(3 [pid 5646] <... chdir resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5643, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5049] <... close resumed>) = 0 [pid 5646] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./94", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5647 attached [pid 5646] <... prctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5647 [pid 5647] set_robust_list(0x555556629660, 24 [pid 5646] setpgid(0, 0 [pid 5051] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5647] <... set_robust_list resumed>) = 0 [pid 5647] chdir("./98" [pid 5646] <... setpgid resumed>) = 0 [pid 5644] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5647] <... chdir resumed>) = 0 [pid 5647] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5647] <... prctl resumed>) = 0 [pid 5644] close(3 [pid 5051] newfstatat(3, "", [pid 5647] setpgid(0, 0 [pid 5644] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5647] <... setpgid resumed>) = 0 [pid 5644] mkdir("./file0", 0777 [pid 5052] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5644] <... mkdir resumed>) = 0 [pid 5647] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5052] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5647] <... openat resumed>) = 3 [pid 5051] umount2("./94/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5647] write(3, "1000", 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5646] <... openat resumed>) = 3 [pid 5647] <... write resumed>) = 4 [pid 5052] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5647] close(3 [pid 5644] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] <... openat resumed>) = 4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5647] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5647] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5647] <... symlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] unlink("./94/binderfs" [pid 5052] close(4 [pid 5051] <... unlink resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./94/file0") = 0 [pid 5051] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./94") = 0 [pid 5052] mkdir("./95", 0777) = 0 [pid 5646] write(3, "1000", 4 [pid 5645] <... write resumed>) = 2097152 [pid 5647] memfd_create("syzkaller", 0 [pid 5646] <... write resumed>) = 4 [pid 5645] munmap(0x7f3b887a1000, 138412032 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5646] close(3 [pid 5647] <... memfd_create resumed>) = 3 [pid 5646] <... close resumed>) = 0 [pid 5645] <... munmap resumed>) = 0 [pid 5646] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5646] <... symlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5646] memfd_create("syzkaller", 0 [pid 5645] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5646] <... memfd_create resumed>) = 3 [pid 5646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5645] <... openat resumed>) = 4 [pid 5646] <... mmap resumed>) = 0x7f3b887a1000 [pid 5645] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5648 ./strace-static-x86_64: Process 5648 attached [pid 5648] set_robust_list(0x555556629660, 24) = 0 [ 113.573305][ T5644] loop0: detected capacity change from 0 to 4096 [ 113.611569][ T5644] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5648] chdir("./95") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5648] memfd_create("syzkaller", 0 [pid 5647] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... umount2 resumed>) = 0 [pid 5648] <... memfd_create resumed>) = 3 [pid 5648] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5645] <... ioctl resumed>) = 0 [pid 5645] close(3) = 0 [pid 5645] mkdir("./file0", 0777) = 0 [pid 5645] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 113.646674][ T5645] loop1: detected capacity change from 0 to 4096 [pid 5051] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./94/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5644] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./94/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./94") = 0 [pid 5051] mkdir("./95", 0777) = 0 [pid 5644] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5646] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5644] <... openat resumed>) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5644] chdir("./file0" [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5647] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5644] <... chdir resumed>) = 0 [pid 5644] ioctl(4, LOOP_CLR_FD) = 0 [ 113.698533][ T5645] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5644] close(4 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5649 [pid 5644] <... close resumed>) = 0 [pid 5644] exit_group(0) = ? [pid 5644] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5644, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5645] <... mount resumed>) = 0 [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5649 attached [pid 5645] <... openat resumed>) = 3 [pid 5649] set_robust_list(0x555556629660, 24 [pid 5645] chdir("./file0" [pid 5649] <... set_robust_list resumed>) = 0 [pid 5645] <... chdir resumed>) = 0 [pid 5047] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5649] chdir("./95" [pid 5645] ioctl(4, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5649] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5649] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5648] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... openat resumed>) = 3 [pid 5649] <... prctl resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5649] setpgid(0, 0) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5649] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5649] write(3, "1000", 4 [pid 5645] <... ioctl resumed>) = 0 [pid 5047] unlink("./98/binderfs" [pid 5649] <... write resumed>) = 4 [pid 5645] close(4 [pid 5649] close(3) = 0 [pid 5645] <... close resumed>) = 0 [pid 5649] symlink("/dev/binderfs", "./binderfs" [pid 5645] exit_group(0) = ? [pid 5649] <... symlink resumed>) = 0 [pid 5645] +++ exited with 0 +++ [pid 5047] <... unlink resumed>) = 0 [pid 5649] memfd_create("syzkaller", 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5645, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5649] <... memfd_create resumed>) = 3 [pid 5647] <... write resumed>) = 2097152 [pid 5649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5647] munmap(0x7f3b887a1000, 138412032 [pid 5649] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5648] <... write resumed>) = 2097152 [pid 5647] <... munmap resumed>) = 0 [pid 5646] <... write resumed>) = 2097152 [pid 5048] <... openat resumed>) = 3 [pid 5648] munmap(0x7f3b887a1000, 138412032 [pid 5647] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5646] munmap(0x7f3b887a1000, 138412032 [pid 5647] <... openat resumed>) = 4 [pid 5048] newfstatat(3, "", [pid 5647] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5647] <... ioctl resumed>) = 0 [pid 5048] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5648] <... munmap resumed>) = 0 [pid 5647] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5648] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5647] <... close resumed>) = 0 [pid 5048] unlink("./96/binderfs" [pid 5648] <... openat resumed>) = 4 [pid 5647] mkdir("./file0", 0777 [pid 5048] <... unlink resumed>) = 0 [pid 5648] ioctl(4, LOOP_SET_FD, 3 [pid 5048] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5647] <... mkdir resumed>) = 0 [pid 5648] <... ioctl resumed>) = 0 [pid 5647] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5646] <... munmap resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5648] close(3 [pid 5047] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5648] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5649] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5648] mkdir("./file0", 0777 [pid 5646] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] newfstatat(AT_FDCWD, "./98/file0", [pid 5648] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", [pid 5048] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(4, "", [pid 5047] getdents64(4, [pid 5649] <... write resumed>) = 2097152 [pid 5646] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5648] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5047] getdents64(4, [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5047] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] close(4 [ 113.845360][ T5647] loop2: detected capacity change from 0 to 4096 [ 113.858759][ T5648] loop5: detected capacity change from 0 to 4096 [ 113.870286][ T5647] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5047] rmdir("./98/file0" [pid 5646] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5048] rmdir("./96/file0" [pid 5047] getdents64(3, [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5649] munmap(0x7f3b887a1000, 138412032 [pid 5646] <... ioctl resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] close(3 [pid 5646] close(3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5646] <... close resumed>) = 0 [pid 5048] close(3 [pid 5047] rmdir("./98" [pid 5649] <... munmap resumed>) = 0 [pid 5646] mkdir("./file0", 0777 [pid 5048] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5649] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] rmdir("./96" [pid 5649] <... openat resumed>) = 4 [pid 5646] <... mkdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] mkdir("./99", 0777 [pid 5649] ioctl(4, LOOP_SET_FD, 3 [pid 5646] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] mkdir("./97", 0777 [pid 5047] <... mkdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5048] close(3 [pid 5047] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5651 attached ./strace-static-x86_64: Process 5650 attached [pid 5649] <... ioctl resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5650 [pid 5649] close(3 [pid 5650] set_robust_list(0x555556629660, 24 [pid 5649] <... close resumed>) = 0 [pid 5650] <... set_robust_list resumed>) = 0 [pid 5649] mkdir("./file0", 0777 [pid 5650] chdir("./99" [pid 5649] <... mkdir resumed>) = 0 [pid 5650] <... chdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5651 [pid 5650] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5649] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5650] setpgid(0, 0) = 0 [pid 5651] set_robust_list(0x555556629660, 24 [pid 5650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5651] <... set_robust_list resumed>) = 0 [pid 5650] write(3, "1000", 4) = 4 [ 113.911023][ T5646] loop3: detected capacity change from 0 to 4096 [ 113.920432][ T5648] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 113.936122][ T5649] loop4: detected capacity change from 0 to 4096 [ 113.944769][ T5646] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5651] chdir("./97" [pid 5650] close(3 [pid 5647] <... mount resumed>) = 0 [pid 5650] <... close resumed>) = 0 [pid 5647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5651] <... chdir resumed>) = 0 [pid 5650] symlink("/dev/binderfs", "./binderfs" [pid 5647] <... openat resumed>) = 3 [pid 5651] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5650] <... symlink resumed>) = 0 [pid 5647] chdir("./file0" [pid 5651] <... prctl resumed>) = 0 [pid 5647] <... chdir resumed>) = 0 [pid 5647] ioctl(4, LOOP_CLR_FD [pid 5651] setpgid(0, 0 [pid 5650] memfd_create("syzkaller", 0 [pid 5647] <... ioctl resumed>) = 0 [pid 5651] <... setpgid resumed>) = 0 [pid 5650] <... memfd_create resumed>) = 3 [pid 5647] close(4 [pid 5651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5650] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5647] <... close resumed>) = 0 [pid 5651] <... openat resumed>) = 3 [pid 5650] <... mmap resumed>) = 0x7f3b887a1000 [pid 5647] exit_group(0 [pid 5651] write(3, "1000", 4 [pid 5647] <... exit_group resumed>) = ? [pid 5651] <... write resumed>) = 4 [pid 5651] close(3) = 0 [pid 5651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5647] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5647, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5651] memfd_create("syzkaller", 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5651] <... memfd_create resumed>) = 3 [pid 5049] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5651] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./98/binderfs") = 0 [ 113.968083][ T5649] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5648] <... mount resumed>) = 0 [pid 5648] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5648] chdir("./file0") = 0 [pid 5648] ioctl(4, LOOP_CLR_FD) = 0 [pid 5648] close(4 [pid 5650] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5649] <... mount resumed>) = 0 [pid 5648] <... close resumed>) = 0 [pid 5649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5648] exit_group(0) = ? [pid 5646] <... mount resumed>) = 0 [pid 5649] <... openat resumed>) = 3 [pid 5649] chdir("./file0" [pid 5648] +++ exited with 0 +++ [pid 5646] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5648, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5052] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5649] <... chdir resumed>) = 0 [pid 5646] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5649] ioctl(4, LOOP_CLR_FD [pid 5646] chdir("./file0" [pid 5651] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5649] <... ioctl resumed>) = 0 [pid 5646] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5649] close(4 [pid 5646] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5649] <... close resumed>) = 0 [pid 5646] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5649] exit_group(0 [pid 5646] close(4 [pid 5052] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./95/binderfs" [pid 5646] <... close resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5649] <... exit_group resumed>) = ? [pid 5052] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5646] exit_group(0 [pid 5649] +++ exited with 0 +++ [pid 5646] <... exit_group resumed>) = ? [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5649, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5051] umount2("./95", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5646] +++ exited with 0 +++ [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./95/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5646, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5051] unlink("./95/binderfs") = 0 [pid 5051] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5049] <... umount2 resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] newfstatat(AT_FDCWD, "./98/file0", [pid 5050] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5052] newfstatat(AT_FDCWD, "./95/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./96/binderfs") = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5650] <... write resumed>) = 2097152 [pid 5052] getdents64(4, [pid 5049] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./95/file0") = 0 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5651] <... write resumed>) = 2097152 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./98/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5052] getdents64(3, [pid 5651] munmap(0x7f3b887a1000, 138412032 [pid 5049] rmdir("./98" [pid 5650] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5650] <... munmap resumed>) = 0 [pid 5052] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5651] <... munmap resumed>) = 0 [pid 5049] mkdir("./99", 0777 [pid 5052] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5052] rmdir("./95" [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./96", 0777 [pid 5049] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] newfstatat(AT_FDCWD, "./95/file0", [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] close(3 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5652 ./strace-static-x86_64: Process 5652 attached [pid 5650] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] <... close resumed>) = 0 [pid 5051] umount2("./95/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5650] <... openat resumed>) = 4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5652] set_robust_list(0x555556629660, 24 [pid 5650] ioctl(4, LOOP_SET_FD, 3 [pid 5652] <... set_robust_list resumed>) = 0 [pid 5651] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5650] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5652] chdir("./99" [pid 5651] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5653 attached [pid 5652] <... chdir resumed>) = 0 [pid 5651] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5653 [pid 5051] <... openat resumed>) = 4 [pid 5050] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(4, "", [pid 5050] newfstatat(AT_FDCWD, "./96/file0", [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5653] set_robust_list(0x555556629660, 24 [pid 5051] getdents64(4, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5653] <... set_robust_list resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5653] chdir("./96" [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./95/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5653] <... chdir resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5653] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5653] <... prctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5653] setpgid(0, 0 [pid 5051] rmdir("./95" [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5653] <... setpgid resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5653] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5652] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5653] <... openat resumed>) = 3 [pid 5650] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5650] <... close resumed>) = 0 [pid 5050] close(4 [pid 5653] write(3, "1000", 4 [pid 5650] mkdir("./file0", 0777 [pid 5050] <... close resumed>) = 0 [pid 5652] <... prctl resumed>) = 0 [pid 5650] <... mkdir resumed>) = 0 [pid 5050] rmdir("./96/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./96") = 0 [pid 5653] <... write resumed>) = 4 [pid 5653] close(3 [pid 5650] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] mkdir("./96", 0777 [pid 5652] setpgid(0, 0 [pid 5050] mkdir("./97", 0777 [pid 5652] <... setpgid resumed>) = 0 [pid 5651] <... ioctl resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5653] <... close resumed>) = 0 [pid 5652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5651] close(3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... mkdir resumed>) = 0 [pid 5653] symlink("/dev/binderfs", "./binderfs" [pid 5652] <... openat resumed>) = 3 [pid 5651] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5653] <... symlink resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5051] close(3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... close resumed>) = 0 [pid 5050] close(3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5654 attached [pid 5653] memfd_create("syzkaller", 0 [pid 5652] write(3, "1000", 4 [pid 5651] mkdir("./file0", 0777 [pid 5654] set_robust_list(0x555556629660, 24 [pid 5652] <... write resumed>) = 4 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5654 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5655 ./strace-static-x86_64: Process 5655 attached [pid 5654] <... set_robust_list resumed>) = 0 [pid 5653] <... memfd_create resumed>) = 3 [pid 5652] close(3 [pid 5651] <... mkdir resumed>) = 0 [pid 5654] chdir("./96" [pid 5655] set_robust_list(0x555556629660, 24 [ 114.193183][ T5650] loop0: detected capacity change from 0 to 4096 [ 114.212285][ T5651] loop1: detected capacity change from 0 to 4096 [ 114.230151][ T5650] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5652] <... close resumed>) = 0 [pid 5651] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5654] <... chdir resumed>) = 0 [pid 5655] <... set_robust_list resumed>) = 0 [pid 5653] <... mmap resumed>) = 0x7f3b887a1000 [pid 5652] symlink("/dev/binderfs", "./binderfs" [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5655] chdir("./97") = 0 [pid 5654] <... prctl resumed>) = 0 [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5652] <... symlink resumed>) = 0 [pid 5655] <... prctl resumed>) = 0 [pid 5655] setpgid(0, 0) = 0 [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5652] memfd_create("syzkaller", 0 [pid 5654] setpgid(0, 0) = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5655] write(3, "1000", 4 [pid 5654] <... openat resumed>) = 3 [pid 5654] write(3, "1000", 4 [pid 5655] <... write resumed>) = 4 [pid 5654] <... write resumed>) = 4 [pid 5655] close(3 [pid 5654] close(3 [pid 5655] <... close resumed>) = 0 [pid 5652] <... memfd_create resumed>) = 3 [pid 5654] <... close resumed>) = 0 [pid 5652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5654] symlink("/dev/binderfs", "./binderfs" [pid 5652] <... mmap resumed>) = 0x7f3b887a1000 [pid 5655] symlink("/dev/binderfs", "./binderfs" [pid 5654] <... symlink resumed>) = 0 [pid 5655] <... symlink resumed>) = 0 [pid 5654] memfd_create("syzkaller", 0) = 3 [pid 5655] memfd_create("syzkaller", 0 [pid 5654] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5655] <... memfd_create resumed>) = 3 [pid 5654] <... mmap resumed>) = 0x7f3b887a1000 [ 114.258297][ T5651] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5650] <... mount resumed>) = 0 [pid 5650] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5650] chdir("./file0") = 0 [pid 5650] ioctl(4, LOOP_CLR_FD) = 0 [pid 5652] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5650] close(4) = 0 [pid 5650] exit_group(0) = ? [pid 5650] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5650, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5047] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5651] <... mount resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5653] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./99/binderfs") = 0 [pid 5047] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5654] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5652] <... write resumed>) = 2097152 [pid 5651] <... openat resumed>) = 3 [pid 5651] chdir("./file0" [pid 5652] munmap(0x7f3b887a1000, 138412032 [pid 5651] <... chdir resumed>) = 0 [pid 5651] ioctl(4, LOOP_CLR_FD) = 0 [pid 5652] <... munmap resumed>) = 0 [pid 5651] close(4 [pid 5652] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5651] <... close resumed>) = 0 [pid 5651] exit_group(0 [pid 5652] <... openat resumed>) = 4 [pid 5655] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5652] ioctl(4, LOOP_SET_FD, 3 [pid 5651] <... exit_group resumed>) = ? [pid 5651] +++ exited with 0 +++ [pid 5047] <... umount2 resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5651, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5048] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./97/binderfs") = 0 [pid 5048] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5654] <... write resumed>) = 2097152 [pid 5652] <... ioctl resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5654] munmap(0x7f3b887a1000, 138412032 [pid 5653] <... write resumed>) = 2097152 [pid 5652] close(3 [pid 5047] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5652] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", [pid 5654] <... munmap resumed>) = 0 [pid 5653] munmap(0x7f3b887a1000, 138412032 [pid 5652] mkdir("./file0", 0777 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5652] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5654] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5652] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5047] close(4 [pid 5654] <... openat resumed>) = 4 [pid 5653] <... munmap resumed>) = 0 [pid 5654] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... close resumed>) = 0 [ 114.466301][ T5652] loop2: detected capacity change from 0 to 4096 [pid 5047] rmdir("./99/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./99") = 0 [pid 5047] mkdir("./100", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5656 attached [pid 5653] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5656] set_robust_list(0x555556629660, 24 [pid 5653] <... openat resumed>) = 4 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5656 [pid 5656] <... set_robust_list resumed>) = 0 [pid 5653] ioctl(4, LOOP_SET_FD, 3 [pid 5656] chdir("./100" [pid 5654] <... ioctl resumed>) = 0 [pid 5655] <... write resumed>) = 2097152 [pid 5654] close(3 [pid 5655] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... umount2 resumed>) = 0 [pid 5656] <... chdir resumed>) = 0 [pid 5656] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5656] setpgid(0, 0) = 0 [pid 5655] <... munmap resumed>) = 0 [pid 5656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5048] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] write(3, "1000", 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5656] <... write resumed>) = 4 [pid 5048] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5656] close(3 [pid 5048] <... openat resumed>) = 4 [pid 5656] <... close resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5656] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5656] <... symlink resumed>) = 0 [pid 5654] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5656] memfd_create("syzkaller", 0 [pid 5654] mkdir("./file0", 0777 [pid 5655] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5656] <... memfd_create resumed>) = 3 [pid 5048] rmdir("./97/file0" [pid 5654] <... mkdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5655] <... openat resumed>) = 4 [pid 5654] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 114.512988][ T5654] loop4: detected capacity change from 0 to 4096 [ 114.519480][ T5652] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 114.523503][ T5653] loop5: detected capacity change from 0 to 4096 [pid 5048] getdents64(3, [pid 5655] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./97") = 0 [pid 5048] mkdir("./98", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5656] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5656] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5657 attached , child_tidptr=0x555556629650) = 5657 [pid 5657] set_robust_list(0x555556629660, 24 [pid 5653] <... ioctl resumed>) = 0 [pid 5657] <... set_robust_list resumed>) = 0 [pid 5653] close(3 [pid 5657] chdir("./98" [pid 5653] <... close resumed>) = 0 [pid 5653] mkdir("./file0", 0777) = 0 [pid 5653] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5655] <... ioctl resumed>) = 0 [pid 5652] <... mount resumed>) = 0 [pid 5657] <... chdir resumed>) = 0 [pid 5657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5655] close(3 [pid 5652] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5655] <... close resumed>) = 0 [pid 5657] setpgid(0, 0 [pid 5655] mkdir("./file0", 0777 [pid 5652] <... openat resumed>) = 3 [pid 5657] <... setpgid resumed>) = 0 [pid 5657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5652] chdir("./file0" [pid 5657] <... openat resumed>) = 3 [pid 5657] write(3, "1000", 4 [pid 5655] <... mkdir resumed>) = 0 [pid 5652] <... chdir resumed>) = 0 [pid 5657] <... write resumed>) = 4 [pid 5652] ioctl(4, LOOP_CLR_FD [pid 5657] close(3 [pid 5652] <... ioctl resumed>) = 0 [pid 5657] <... close resumed>) = 0 [pid 5652] close(4 [pid 5657] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5657] memfd_create("syzkaller", 0) = 3 [pid 5652] <... close resumed>) = 0 [pid 5657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5652] exit_group(0 [pid 5657] <... mmap resumed>) = 0x7f3b887a1000 [pid 5652] <... exit_group resumed>) = ? [pid 5652] +++ exited with 0 +++ [ 114.560196][ T5654] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 114.569709][ T5655] loop3: detected capacity change from 0 to 4096 [ 114.581551][ T5653] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5652, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5049] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5655] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./99/binderfs") = 0 [pid 5049] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5654] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5654] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5654] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5654] chdir("./file0" [pid 5049] newfstatat(AT_FDCWD, "./99/file0", [pid 5654] <... chdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5654] ioctl(4, LOOP_CLR_FD [pid 5049] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5654] <... ioctl resumed>) = 0 [pid 5653] <... mount resumed>) = 0 [ 114.629990][ T5655] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] <... openat resumed>) = 4 [pid 5654] close(4 [pid 5653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] newfstatat(4, "", [pid 5654] <... close resumed>) = 0 [pid 5653] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5657] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5654] exit_group(0 [pid 5653] chdir("./file0" [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5654] <... exit_group resumed>) = ? [pid 5653] <... chdir resumed>) = 0 [pid 5653] ioctl(4, LOOP_CLR_FD) = 0 [pid 5654] +++ exited with 0 +++ [pid 5655] <... mount resumed>) = 0 [pid 5653] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5653] <... close resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5654, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] close(4 [pid 5653] exit_group(0 [pid 5049] <... close resumed>) = 0 [pid 5051] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./99/file0" [pid 5653] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5653] +++ exited with 0 +++ [pid 5051] unlink("./96/binderfs" [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5653, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5051] <... unlink resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5051] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5655] <... openat resumed>) = 3 [pid 5049] getdents64(3, [pid 5655] chdir("./file0" [pid 5656] <... write resumed>) = 2097152 [pid 5655] <... chdir resumed>) = 0 [pid 5052] umount2("./96", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5655] ioctl(4, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5655] <... ioctl resumed>) = 0 [pid 5049] close(3 [pid 5655] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5655] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] <... umount2 resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] rmdir("./99" [pid 5655] exit_group(0 [pid 5052] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5655] <... exit_group resumed>) = ? [pid 5051] newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5656] <... munmap resumed>) = 0 [pid 5655] +++ exited with 0 +++ [pid 5052] umount2("./96/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] mkdir("./100", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... mkdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] getdents64(4, [pid 5050] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] unlink("./96/binderfs" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5051] close(4 [pid 5050] newfstatat(3, "", [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./96/file0" [pid 5050] getdents64(3, [pid 5656] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5656] <... openat resumed>) = 4 [pid 5051] getdents64(3, [pid 5050] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5656] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5051] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] rmdir("./96" [pid 5050] unlink("./97/binderfs" [pid 5049] close(3 [pid 5657] <... write resumed>) = 2097152 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5656] <... ioctl resumed>) = 0 [pid 5050] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./97", 0777 [pid 5657] munmap(0x7f3b887a1000, 138412032 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5658 attached [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5658] set_robust_list(0x555556629660, 24 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = 0 [pid 5658] <... set_robust_list resumed>) = 0 [pid 5051] close(3 [pid 5658] chdir("./100" [pid 5051] <... close resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5658 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5656] close(3 [pid 5658] <... chdir resumed>) = 0 [pid 5657] <... munmap resumed>) = 0 [pid 5656] <... close resumed>) = 0 [pid 5658] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5656] mkdir("./file0", 0777 [pid 5658] <... prctl resumed>) = 0 [pid 5658] setpgid(0, 0) = 0 [pid 5658] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5656] <... mkdir resumed>) = 0 [pid 5656] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5658] <... openat resumed>) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5659 ./strace-static-x86_64: Process 5659 attached [pid 5658] write(3, "1000", 4 [pid 5657] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5659] set_robust_list(0x555556629660, 24 [pid 5658] <... write resumed>) = 4 [pid 5050] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5659] <... set_robust_list resumed>) = 0 [pid 5658] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5659] chdir("./97" [pid 5658] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./97/file0", [pid 5659] <... chdir resumed>) = 0 [pid 5658] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5659] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5658] <... symlink resumed>) = 0 [pid 5050] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5659] <... prctl resumed>) = 0 [pid 5658] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5659] setpgid(0, 0 [pid 5657] <... openat resumed>) = 4 [pid 5052] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5659] <... setpgid resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5659] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5658] <... memfd_create resumed>) = 3 [pid 5050] newfstatat(4, "", [pid 5659] <... openat resumed>) = 3 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 114.773942][ T5656] loop0: detected capacity change from 0 to 4096 [ 114.804001][ T5656] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5659] write(3, "1000", 4 [pid 5658] <... mmap resumed>) = 0x7f3b887a1000 [pid 5657] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5659] <... write resumed>) = 4 [pid 5657] <... ioctl resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./96/file0", [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5659] close(3 [pid 5657] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] rmdir("./97/file0" [pid 5657] <... close resumed>) = 0 [pid 5052] umount2("./96/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5659] <... close resumed>) = 0 [pid 5657] mkdir("./file0", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... rmdir resumed>) = 0 [pid 5659] symlink("/dev/binderfs", "./binderfs" [pid 5050] getdents64(3, [pid 5659] <... symlink resumed>) = 0 [pid 5657] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5052] <... openat resumed>) = 4 [pid 5050] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5050] rmdir("./97" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5657] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5659] memfd_create("syzkaller", 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] mkdir("./98", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = 0 [pid 5050] close(3 [pid 5659] <... memfd_create resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5660 attached [pid 5052] getdents64(4, [pid 5660] set_robust_list(0x555556629660, 24 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5660] <... set_robust_list resumed>) = 0 [pid 5660] chdir("./98" [pid 5052] close(4 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5660 [pid 5660] <... chdir resumed>) = 0 [pid 5659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... close resumed>) = 0 [pid 5656] <... mount resumed>) = 0 [pid 5656] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] rmdir("./96/file0" [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5660] setpgid(0, 0) = 0 [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5656] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5660] <... openat resumed>) = 3 [pid 5656] chdir("./file0" [pid 5052] getdents64(3, [pid 5659] <... mmap resumed>) = 0x7f3b887a1000 [pid 5656] <... chdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5660] write(3, "1000", 4 [pid 5656] ioctl(4, LOOP_CLR_FD [pid 5052] close(3 [pid 5656] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5656] close(4 [pid 5052] rmdir("./96" [pid 5656] <... close resumed>) = 0 [pid 5660] <... write resumed>) = 4 [pid 5052] <... rmdir resumed>) = 0 [pid 5660] close(3 [pid 5656] exit_group(0 [pid 5052] mkdir("./97", 0777 [pid 5660] <... close resumed>) = 0 [ 114.833201][ T5657] loop1: detected capacity change from 0 to 4096 [ 114.866465][ T5657] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5660] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5656] <... exit_group resumed>) = ? [pid 5052] <... mkdir resumed>) = 0 [pid 5656] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5656, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5660] memfd_create("syzkaller", 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5660] <... memfd_create resumed>) = 3 [pid 5052] close(3 [pid 5047] getdents64(3, [pid 5660] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5660] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./100/binderfs") = 0 [pid 5047] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5661 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5661 [pid 5661] set_robust_list(0x555556629660, 24) = 0 [pid 5658] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5661] chdir("./97") = 0 [pid 5661] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5657] <... mount resumed>) = 0 [pid 5661] <... prctl resumed>) = 0 [pid 5657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5661] setpgid(0, 0 [pid 5657] <... openat resumed>) = 3 [pid 5661] <... setpgid resumed>) = 0 [pid 5657] chdir("./file0" [pid 5661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5657] <... chdir resumed>) = 0 [pid 5657] ioctl(4, LOOP_CLR_FD [pid 5661] <... openat resumed>) = 3 [pid 5657] <... ioctl resumed>) = 0 [pid 5657] close(4) = 0 [pid 5661] write(3, "1000", 4 [pid 5659] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5657] exit_group(0 [pid 5047] <... umount2 resumed>) = 0 [pid 5661] <... write resumed>) = 4 [pid 5657] <... exit_group resumed>) = ? [pid 5657] +++ exited with 0 +++ [pid 5661] close(3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5657, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5661] <... close resumed>) = 0 [pid 5048] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5661] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5661] <... symlink resumed>) = 0 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./98/binderfs" [pid 5661] memfd_create("syzkaller", 0 [pid 5660] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... unlink resumed>) = 0 [pid 5047] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5661] <... memfd_create resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", [pid 5661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5661] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./100/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5658] <... write resumed>) = 2097152 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./100") = 0 [pid 5047] mkdir("./101", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5659] <... write resumed>) = 2097152 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5659] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5662 ./strace-static-x86_64: Process 5662 attached [pid 5659] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... umount2 resumed>) = 0 [pid 5662] set_robust_list(0x555556629660, 24 [pid 5659] <... openat resumed>) = 4 [pid 5658] munmap(0x7f3b887a1000, 138412032 [pid 5662] <... set_robust_list resumed>) = 0 [pid 5658] <... munmap resumed>) = 0 [pid 5659] ioctl(4, LOOP_SET_FD, 3 [pid 5662] chdir("./101") = 0 [pid 5662] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5662] setpgid(0, 0) = 0 [pid 5662] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5662] write(3, "1000", 4) = 4 [pid 5048] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5662] close(3) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5662] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5048] newfstatat(AT_FDCWD, "./98/file0", [pid 5662] memfd_create("syzkaller", 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5662] <... memfd_create resumed>) = 3 [pid 5658] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5658] <... openat resumed>) = 4 [pid 5048] <... openat resumed>) = 4 [pid 5658] ioctl(4, LOOP_SET_FD, 3 [pid 5048] newfstatat(4, "", [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5658] <... ioctl resumed>) = 0 [pid 5662] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5661] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5659] <... ioctl resumed>) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./98/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5658] close(3 [pid 5048] <... close resumed>) = 0 [pid 5658] <... close resumed>) = 0 [pid 5658] mkdir("./file0", 0777 [pid 5048] rmdir("./98") = 0 [pid 5658] <... mkdir resumed>) = 0 [pid 5659] close(3 [pid 5048] mkdir("./99", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5658] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 3 [pid 5659] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5659] mkdir("./file0", 0777 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [ 115.092758][ T5659] loop4: detected capacity change from 0 to 4096 [ 115.104450][ T5658] loop2: detected capacity change from 0 to 4096 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5663 attached [pid 5659] <... mkdir resumed>) = 0 [pid 5663] set_robust_list(0x555556629660, 24 [pid 5660] <... write resumed>) = 2097152 [pid 5659] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5663 [pid 5663] <... set_robust_list resumed>) = 0 [pid 5663] chdir("./99" [pid 5660] munmap(0x7f3b887a1000, 138412032 [pid 5663] <... chdir resumed>) = 0 [pid 5660] <... munmap resumed>) = 0 [pid 5660] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5663] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5660] ioctl(4, LOOP_SET_FD, 3 [pid 5663] <... prctl resumed>) = 0 [pid 5663] setpgid(0, 0) = 0 [pid 5663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5662] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5661] <... write resumed>) = 2097152 [pid 5663] <... openat resumed>) = 3 [pid 5663] write(3, "1000", 4 [pid 5661] munmap(0x7f3b887a1000, 138412032 [pid 5663] <... write resumed>) = 4 [pid 5661] <... munmap resumed>) = 0 [pid 5663] close(3) = 0 [pid 5663] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5663] memfd_create("syzkaller", 0 [pid 5661] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5660] <... ioctl resumed>) = 0 [pid 5658] <... mount resumed>) = 0 [pid 5663] <... memfd_create resumed>) = 3 [pid 5661] <... openat resumed>) = 4 [pid 5660] close(3 [pid 5658] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5661] ioctl(4, LOOP_SET_FD, 3 [pid 5660] <... close resumed>) = 0 [pid 5658] <... openat resumed>) = 3 [pid 5660] mkdir("./file0", 0777 [ 115.147037][ T5658] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 115.166265][ T5659] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 115.184517][ T5660] loop3: detected capacity change from 0 to 4096 [pid 5658] chdir("./file0" [pid 5663] <... mmap resumed>) = 0x7f3b887a1000 [pid 5660] <... mkdir resumed>) = 0 [pid 5658] <... chdir resumed>) = 0 [pid 5658] ioctl(4, LOOP_CLR_FD) = 0 [pid 5658] close(4 [pid 5660] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5658] <... close resumed>) = 0 [pid 5662] <... write resumed>) = 2097152 [pid 5658] exit_group(0 [pid 5661] <... ioctl resumed>) = 0 [pid 5658] <... exit_group resumed>) = ? [pid 5661] close(3 [pid 5658] +++ exited with 0 +++ [pid 5661] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5658, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5661] mkdir("./file0", 0777 [pid 5049] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5662] munmap(0x7f3b887a1000, 138412032 [pid 5661] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 115.209964][ T5661] loop5: detected capacity change from 0 to 4096 [ 115.231474][ T5660] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5661] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5049] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5662] <... munmap resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./100/binderfs", [pid 5659] <... mount resumed>) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5662] <... openat resumed>) = 4 [pid 5659] <... openat resumed>) = 3 [pid 5049] unlink("./100/binderfs" [pid 5662] ioctl(4, LOOP_SET_FD, 3 [pid 5659] chdir("./file0" [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5659] <... chdir resumed>) = 0 [pid 5659] ioctl(4, LOOP_CLR_FD) = 0 [pid 5659] close(4) = 0 [pid 5659] exit_group(0) = ? [pid 5659] +++ exited with 0 +++ [pid 5049] <... umount2 resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5659, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5049] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./100/file0", [pid 5051] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5049] newfstatat(4, "", [pid 5051] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5663] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5662] <... ioctl resumed>) = 0 [pid 5660] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5051] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] getdents64(4, [pid 5662] close(3 [pid 5051] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5660] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(4 [pid 5662] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5660] <... openat resumed>) = 3 [pid 5049] rmdir("./100/file0" [pid 5662] mkdir("./file0", 0777 [pid 5660] chdir("./file0" [pid 5051] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./100") = 0 [pid 5049] mkdir("./101", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5660] <... chdir resumed>) = 0 [pid 5660] ioctl(4, LOOP_CLR_FD [pid 5662] <... mkdir resumed>) = 0 [pid 5051] unlink("./97/binderfs" [pid 5660] <... ioctl resumed>) = 0 [pid 5660] close(4 [pid 5051] <... unlink resumed>) = 0 [pid 5660] <... close resumed>) = 0 [pid 5660] exit_group(0) = ? [pid 5051] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5662] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [ 115.257402][ T5661] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 115.283561][ T5662] loop0: detected capacity change from 0 to 4096 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5660] +++ exited with 0 +++ ./strace-static-x86_64: Process 5664 attached [pid 5664] set_robust_list(0x555556629660, 24) = 0 [pid 5664] chdir("./101") = 0 [pid 5664] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5664 [pid 5664] <... prctl resumed>) = 0 [pid 5664] setpgid(0, 0) = 0 [pid 5664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5664] write(3, "1000", 4) = 4 [pid 5664] close(3) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5660, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5664] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5664] memfd_create("syzkaller", 0) = 3 [pid 5050] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5664] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5663] <... write resumed>) = 2097152 [pid 5050] <... openat resumed>) = 3 [pid 5663] munmap(0x7f3b887a1000, 138412032 [pid 5051] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./98/binderfs") = 0 [pid 5663] <... munmap resumed>) = 0 [pid 5661] <... mount resumed>) = 0 [ 115.340418][ T5662] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./97/file0", [pid 5661] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5661] chdir("./file0" [pid 5051] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5661] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5663] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5661] ioctl(4, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5664] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5663] <... openat resumed>) = 4 [pid 5662] <... mount resumed>) = 0 [pid 5661] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(AT_FDCWD, "./98/file0", [pid 5663] ioctl(4, LOOP_SET_FD, 3 [pid 5662] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5661] close(4 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5661] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5661] exit_group(0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5661] <... exit_group resumed>) = ? [pid 5051] getdents64(4, [pid 5050] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5662] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5662] chdir("./file0") = 0 [pid 5051] close(4 [pid 5662] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] <... close resumed>) = 0 [pid 5662] close(4 [pid 5051] rmdir("./97/file0" [pid 5662] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5662] exit_group(0 [pid 5050] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5661] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5661, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5050] <... openat resumed>) = 4 [pid 5662] <... exit_group resumed>) = ? [pid 5662] +++ exited with 0 +++ [pid 5052] umount2("./97", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./97/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5051] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... close resumed>) = 0 [pid 5052] unlink("./97/binderfs" [pid 5051] rmdir("./97" [pid 5663] <... ioctl resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5662, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5663] close(3 [pid 5050] getdents64(4, [pid 5052] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./98", 0777 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5047] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5663] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5663] mkdir("./file0", 0777 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] close(4 [pid 5047] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5664] <... write resumed>) = 2097152 [pid 5663] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] newfstatat(3, "", [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 115.444206][ T5663] loop1: detected capacity change from 0 to 4096 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] close(3 [pid 5050] rmdir("./98/file0" [pid 5047] getdents64(3, [pid 5664] munmap(0x7f3b887a1000, 138412032 [pid 5663] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5664] <... munmap resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./101/binderfs") = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5665 ./strace-static-x86_64: Process 5665 attached [pid 5047] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5664] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5665] set_robust_list(0x555556629660, 24 [pid 5664] <... openat resumed>) = 4 [pid 5665] <... set_robust_list resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5665] chdir("./98" [pid 5664] ioctl(4, LOOP_SET_FD, 3 [pid 5050] close(3 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5665] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5665] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./98" [pid 5665] <... prctl resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5665] setpgid(0, 0 [pid 5052] umount2("./97/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5665] <... setpgid resumed>) = 0 [pid 5664] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5664] close(3 [pid 5052] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] mkdir("./99", 0777 [pid 5665] <... openat resumed>) = 3 [pid 5664] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5665] write(3, "1000", 4 [pid 5664] mkdir("./file0", 0777 [pid 5052] newfstatat(4, "", [pid 5665] <... write resumed>) = 4 [pid 5664] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5665] close(3 [pid 5052] getdents64(4, [pid 5665] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... mkdir resumed>) = 0 [pid 5665] symlink("/dev/binderfs", "./binderfs" [pid 5664] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(4, [pid 5665] <... symlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./97/file0" [pid 5665] memfd_create("syzkaller", 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 115.499562][ T5663] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 115.523177][ T5664] loop2: detected capacity change from 0 to 4096 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5665] <... memfd_create resumed>) = 3 [pid 5663] <... mount resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = 0 [pid 5663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5663] chdir("./file0") = 0 [pid 5663] ioctl(4, LOOP_CLR_FD) = 0 [pid 5663] close(4 [pid 5047] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5663] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5663] exit_group(0) = ? [pid 5047] newfstatat(AT_FDCWD, "./101/file0", [pid 5663] +++ exited with 0 +++ [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] close(3 [pid 5047] <... openat resumed>) = 4 [pid 5052] close(3 [pid 5050] <... close resumed>) = 0 [pid 5665] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] newfstatat(4, "", [pid 5665] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] rmdir("./97") = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5663, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- ./strace-static-x86_64: Process 5666 attached [pid 5048] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5666] set_robust_list(0x555556629660, 24 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5666] <... set_robust_list resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5666 [pid 5047] getdents64(4, [pid 5666] chdir("./99" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5666] <... chdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] close(4 [pid 5666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] <... close resumed>) = 0 [pid 5666] setpgid(0, 0) = 0 [pid 5666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5052] mkdir("./98", 0777 [pid 5048] <... openat resumed>) = 3 [pid 5047] rmdir("./101/file0" [pid 5666] write(3, "1000", 4 [pid 5052] <... mkdir resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5666] <... write resumed>) = 4 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] getdents64(3, [pid 5666] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5666] <... close resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] close(3 [pid 5048] getdents64(3, [pid 5666] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... close resumed>) = 0 [pid 5666] <... symlink resumed>) = 0 [ 115.562308][ T5664] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] close(3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] rmdir("./101" [pid 5666] memfd_create("syzkaller", 0 [pid 5052] <... close resumed>) = 0 [pid 5048] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5664] <... mount resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./99/binderfs" [pid 5047] mkdir("./102", 0777 [pid 5666] <... memfd_create resumed>) = 3 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5667 attached [pid 5048] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5666] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5667] set_robust_list(0x555556629660, 24 [pid 5666] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5667 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5667] <... set_robust_list resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5667] chdir("./98" [pid 5664] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5664] <... openat resumed>) = 3 [pid 5664] chdir("./file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5664] <... chdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./99/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5667] <... chdir resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] newfstatat(4, "", [pid 5664] ioctl(4, LOOP_CLR_FD [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5667] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5667] setpgid(0, 0) = 0 [pid 5664] <... ioctl resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5668 attached [pid 5667] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5664] close(4 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5668] set_robust_list(0x555556629660, 24 [pid 5667] <... openat resumed>) = 3 [pid 5667] write(3, "1000", 4 [pid 5668] <... set_robust_list resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5668 [pid 5668] chdir("./102") = 0 [pid 5667] <... write resumed>) = 4 [pid 5668] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5667] close(3 [pid 5668] setpgid(0, 0 [pid 5667] <... close resumed>) = 0 [pid 5667] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5667] memfd_create("syzkaller", 0 [pid 5048] getdents64(4, [pid 5664] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5664] exit_group(0 [pid 5668] <... setpgid resumed>) = 0 [pid 5668] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5667] <... memfd_create resumed>) = 3 [pid 5668] <... openat resumed>) = 3 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5668] write(3, "1000", 4 [pid 5667] <... mmap resumed>) = 0x7f3b887a1000 [pid 5668] <... write resumed>) = 4 [pid 5664] <... exit_group resumed>) = ? [pid 5048] <... close resumed>) = 0 [pid 5668] close(3) = 0 [pid 5668] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5668] memfd_create("syzkaller", 0 [pid 5664] +++ exited with 0 +++ [pid 5048] rmdir("./99/file0" [pid 5668] <... memfd_create resumed>) = 3 [pid 5668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5665] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./99" [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5664, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5048] <... rmdir resumed>) = 0 [pid 5049] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] mkdir("./100", 0777 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5049] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 3 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] newfstatat(3, "", [pid 5048] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5669 [pid 5049] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5669 attached [pid 5049] unlink("./101/binderfs") = 0 [pid 5049] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] set_robust_list(0x555556629660, 24) = 0 [pid 5669] chdir("./100") = 0 [pid 5669] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... umount2 resumed>) = 0 [pid 5669] <... prctl resumed>) = 0 [pid 5666] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5669] setpgid(0, 0 [pid 5049] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] <... setpgid resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] newfstatat(AT_FDCWD, "./101/file0", [pid 5669] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5669] write(3, "1000", 4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./101/file0" [pid 5669] <... write resumed>) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5669] close(3 [pid 5049] getdents64(3, [pid 5669] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./101") = 0 [pid 5049] mkdir("./102", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5669] symlink("/dev/binderfs", "./binderfs" [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5669] <... symlink resumed>) = 0 [pid 5049] close(3) = 0 [pid 5669] memfd_create("syzkaller", 0 [pid 5665] <... write resumed>) = 2097152 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5667] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5669] <... memfd_create resumed>) = 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5670 ./strace-static-x86_64: Process 5670 attached [pid 5669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5670] set_robust_list(0x555556629660, 24) = 0 [pid 5670] chdir("./102") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5668] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5670] <... openat resumed>) = 3 [pid 5665] munmap(0x7f3b887a1000, 138412032 [pid 5670] write(3, "1000", 4 [pid 5665] <... munmap resumed>) = 0 [pid 5665] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5670] <... write resumed>) = 4 [pid 5667] <... write resumed>) = 2097152 [pid 5666] <... write resumed>) = 2097152 [pid 5665] <... openat resumed>) = 4 [pid 5670] close(3 [pid 5665] ioctl(4, LOOP_SET_FD, 3 [pid 5670] <... close resumed>) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5668] <... write resumed>) = 2097152 [pid 5665] <... ioctl resumed>) = 0 [pid 5670] memfd_create("syzkaller", 0 [pid 5669] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5667] munmap(0x7f3b887a1000, 138412032 [pid 5666] munmap(0x7f3b887a1000, 138412032 [pid 5665] close(3 [pid 5670] <... memfd_create resumed>) = 3 [pid 5668] munmap(0x7f3b887a1000, 138412032 [pid 5666] <... munmap resumed>) = 0 [pid 5665] <... close resumed>) = 0 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5668] <... munmap resumed>) = 0 [pid 5666] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5665] mkdir("./file0", 0777 [pid 5670] <... mmap resumed>) = 0x7f3b887a1000 [ 115.863374][ T5665] loop4: detected capacity change from 0 to 4096 [pid 5667] <... munmap resumed>) = 0 [pid 5666] <... openat resumed>) = 4 [pid 5665] <... mkdir resumed>) = 0 [pid 5667] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5666] ioctl(4, LOOP_SET_FD, 3 [pid 5665] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5669] <... write resumed>) = 2097152 [pid 5668] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5667] <... openat resumed>) = 4 [pid 5666] <... ioctl resumed>) = 0 [pid 5667] ioctl(4, LOOP_SET_FD, 3 [pid 5669] munmap(0x7f3b887a1000, 138412032 [pid 5668] <... openat resumed>) = 4 [pid 5667] <... ioctl resumed>) = 0 [pid 5666] close(3 [pid 5668] ioctl(4, LOOP_SET_FD, 3 [pid 5667] close(3 [pid 5666] <... close resumed>) = 0 [pid 5665] <... mount resumed>) = 0 [pid 5670] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5666] mkdir("./file0", 0777 [pid 5665] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5667] <... close resumed>) = 0 [pid 5666] <... mkdir resumed>) = 0 [pid 5665] <... openat resumed>) = 3 [pid 5667] mkdir("./file0", 0777 [pid 5665] chdir("./file0") = 0 [pid 5665] ioctl(4, LOOP_CLR_FD) = 0 [pid 5665] close(4 [pid 5667] <... mkdir resumed>) = 0 [pid 5665] <... close resumed>) = 0 [ 115.905131][ T5666] loop3: detected capacity change from 0 to 4096 [ 115.906231][ T5665] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 115.923631][ T5667] loop5: detected capacity change from 0 to 4096 [ 115.942460][ T5668] loop0: detected capacity change from 0 to 4096 [pid 5667] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5669] <... munmap resumed>) = 0 [pid 5668] <... ioctl resumed>) = 0 [pid 5666] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5665] exit_group(0 [pid 5669] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5665] <... exit_group resumed>) = ? [pid 5669] <... openat resumed>) = 4 [pid 5665] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5665, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5051] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./98/binderfs") = 0 [pid 5051] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] ioctl(4, LOOP_SET_FD, 3 [pid 5668] close(3) = 0 [pid 5668] mkdir("./file0", 0777) = 0 [pid 5670] <... write resumed>) = 2097152 [pid 5669] <... ioctl resumed>) = 0 [pid 5668] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5669] close(3) = 0 [pid 5669] mkdir("./file0", 0777) = 0 [ 115.959761][ T5666] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 115.969443][ T5667] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 115.979261][ T5669] loop1: detected capacity change from 0 to 4096 [pid 5669] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5670] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... umount2 resumed>) = 0 [pid 5670] <... munmap resumed>) = 0 [pid 5667] <... mount resumed>) = 0 [pid 5051] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5667] <... openat resumed>) = 3 [pid 5667] chdir("./file0" [pid 5670] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5667] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./98/file0", [pid 5670] <... openat resumed>) = 4 [pid 5667] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5670] ioctl(4, LOOP_SET_FD, 3 [pid 5667] <... ioctl resumed>) = 0 [pid 5051] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5670] <... ioctl resumed>) = 0 [pid 5667] close(4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5667] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5667] exit_group(0 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5667] <... exit_group resumed>) = ? [pid 5051] getdents64(4, [pid 5668] <... mount resumed>) = 0 [pid 5670] close(3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5668] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5667] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5667, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5668] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5052] umount2("./98", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./98/file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5668] chdir("./file0" [pid 5052] newfstatat(3, "", [pid 5668] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5668] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5670] <... close resumed>) = 0 [pid 5668] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5670] mkdir("./file0", 0777 [pid 5668] close(4 [pid 5052] umount2("./98/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3 [pid 5670] <... mkdir resumed>) = 0 [pid 5668] <... close resumed>) = 0 [pid 5666] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5670] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5668] exit_group(0 [pid 5052] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 116.007754][ T5669] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 116.011977][ T5668] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 116.044753][ T5670] loop2: detected capacity change from 0 to 4096 [pid 5051] rmdir("./98" [pid 5666] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5669] <... mount resumed>) = 0 [pid 5668] <... exit_group resumed>) = ? [pid 5052] unlink("./98/binderfs" [pid 5051] <... rmdir resumed>) = 0 [pid 5669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5666] <... openat resumed>) = 3 [pid 5052] <... unlink resumed>) = 0 [pid 5669] <... openat resumed>) = 3 [pid 5668] +++ exited with 0 +++ [pid 5666] chdir("./file0" [pid 5051] mkdir("./99", 0777 [pid 5666] <... chdir resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5666] ioctl(4, LOOP_CLR_FD [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5668, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5666] <... ioctl resumed>) = 0 [pid 5666] close(4 [pid 5669] chdir("./file0" [pid 5052] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5669] <... chdir resumed>) = 0 [pid 5666] <... close resumed>) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5669] ioctl(4, LOOP_CLR_FD) = 0 [pid 5666] exit_group(0 [pid 5669] close(4 [pid 5666] <... exit_group resumed>) = ? [pid 5669] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5669] exit_group(0 [pid 5047] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5669] <... exit_group resumed>) = ? [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5669] +++ exited with 0 +++ [pid 5051] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5669, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] getdents64(3, [pid 5051] close(3 [pid 5048] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5666] +++ exited with 0 +++ [pid 5051] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5670] <... mount resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5666, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5670] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5050] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5670] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5670] chdir("./file0" [pid 5050] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5670] <... chdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5050] <... openat resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5670] ioctl(4, LOOP_CLR_FD [pid 5050] newfstatat(3, "", [pid 5048] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5670] <... ioctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5670] close(4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(3, [pid 5670] <... close resumed>) = 0 [pid 5670] exit_group(0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] newfstatat(AT_FDCWD, "./100/binderfs", [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5671 attached [pid 5047] unlink("./102/binderfs" [pid 5671] set_robust_list(0x555556629660, 24 [pid 5670] <... exit_group resumed>) = ? [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5671 [pid 5050] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] unlink("./100/binderfs" [pid 5671] <... set_robust_list resumed>) = 0 [pid 5047] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] chdir("./99" [pid 5050] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5048] <... unlink resumed>) = 0 [pid 5671] <... chdir resumed>) = 0 [pid 5671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5671] setpgid(0, 0 [pid 5670] +++ exited with 0 +++ [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] <... setpgid resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 116.095074][ T5670] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5050] unlink("./99/binderfs" [pid 5671] <... openat resumed>) = 3 [pid 5671] write(3, "1000", 4 [pid 5049] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] <... write resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5671] close(3 [pid 5049] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5671] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5671] symlink("/dev/binderfs", "./binderfs" [pid 5049] newfstatat(3, "", [pid 5671] <... symlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5671] memfd_create("syzkaller", 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./102/binderfs") = 0 [pid 5049] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5671] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5671] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./98/file0", [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./98/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5047] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(AT_FDCWD, "./102/file0", [pid 5052] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5047] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] rmdir("./98/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] getdents64(3, [pid 5050] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5048] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(4, "", [pid 5052] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(AT_FDCWD, "./100/file0", [pid 5050] newfstatat(AT_FDCWD, "./99/file0", [pid 5047] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] rmdir("./98" [pid 5047] getdents64(4, [pid 5052] <... rmdir resumed>) = 0 [pid 5050] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] mkdir("./99", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... mkdir resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5047] rmdir("./102/file0" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(4, "", [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5047] getdents64(3, [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] getdents64(4, [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5052] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] rmdir("./102" [pid 5048] close(4 [pid 5050] <... close resumed>) = 0 [pid 5049] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] mkdir("./103", 0777 [pid 5050] rmdir("./99/file0" [pid 5049] newfstatat(AT_FDCWD, "./102/file0", [pid 5048] rmdir("./100/file0" [pid 5047] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5672 attached [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5050] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5672 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5049] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] close(3) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5672] set_robust_list(0x555556629660, 24 [pid 5050] rmdir("./99" [pid 5049] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5672] <... set_robust_list resumed>) = 0 [pid 5050] mkdir("./100", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] rmdir("./100" [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./102/file0") = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3./strace-static-x86_64: Process 5673 attached [pid 5672] chdir("./99" [pid 5049] <... close resumed>) = 0 [pid 5048] mkdir("./101", 0777 [pid 5049] rmdir("./102") = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5673 [pid 5673] set_robust_list(0x555556629660, 24) = 0 [pid 5673] chdir("./103" [pid 5049] mkdir("./103", 0777 [pid 5673] <... chdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5673] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5673] setpgid(0, 0) = 0 [pid 5673] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... mkdir resumed>) = 0 [pid 5672] <... chdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... openat resumed>) = 3 [pid 5673] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5672] setpgid(0, 0 [pid 5673] write(3, "1000", 4 [pid 5672] <... setpgid resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5673] <... write resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5673] close(3 [pid 5672] <... openat resumed>) = 3 [pid 5673] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5674 attached [pid 5673] symlink("/dev/binderfs", "./binderfs" [pid 5674] set_robust_list(0x555556629660, 24 [pid 5673] <... symlink resumed>) = 0 [pid 5674] <... set_robust_list resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5674 [pid 5674] chdir("./103") = 0 [pid 5672] write(3, "1000", 4 [pid 5050] close(3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... close resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5674] <... prctl resumed>) = 0 [pid 5674] setpgid(0, 0 [pid 5673] memfd_create("syzkaller", 0 [pid 5672] <... write resumed>) = 4 [pid 5671] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] close(3 [pid 5674] <... setpgid resumed>) = 0 [pid 5672] close(3 [pid 5673] <... memfd_create resumed>) = 3 [pid 5673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5672] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5672] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5675 attached [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5672] <... symlink resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5674] <... openat resumed>) = 3 [pid 5674] write(3, "1000", 4) = 4 [pid 5674] close(3) = 0 [pid 5674] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5676 attached ) = 0 [pid 5672] memfd_create("syzkaller", 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5675 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5676 [pid 5676] set_robust_list(0x555556629660, 24 [pid 5675] set_robust_list(0x555556629660, 24 [pid 5674] memfd_create("syzkaller", 0 [pid 5672] <... memfd_create resumed>) = 3 [pid 5675] <... set_robust_list resumed>) = 0 [pid 5672] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5675] chdir("./100" [pid 5676] <... set_robust_list resumed>) = 0 [pid 5676] chdir("./101") = 0 [pid 5676] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5676] setpgid(0, 0) = 0 [pid 5676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5672] <... mmap resumed>) = 0x7f3b887a1000 [pid 5676] write(3, "1000", 4 [pid 5675] <... chdir resumed>) = 0 [pid 5676] <... write resumed>) = 4 [pid 5676] close(3 [pid 5674] <... memfd_create resumed>) = 3 [pid 5676] <... close resumed>) = 0 [pid 5674] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5675] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5676] symlink("/dev/binderfs", "./binderfs" [pid 5674] <... mmap resumed>) = 0x7f3b887a1000 [pid 5675] <... prctl resumed>) = 0 [pid 5676] <... symlink resumed>) = 0 [pid 5675] setpgid(0, 0 [pid 5676] memfd_create("syzkaller", 0 [pid 5675] <... setpgid resumed>) = 0 [pid 5675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5676] <... memfd_create resumed>) = 3 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5675] <... openat resumed>) = 3 [pid 5675] write(3, "1000", 4) = 4 [pid 5675] close(3) = 0 [pid 5675] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5673] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5671] <... write resumed>) = 2097152 [pid 5671] munmap(0x7f3b887a1000, 138412032 [pid 5675] memfd_create("syzkaller", 0 [pid 5671] <... munmap resumed>) = 0 [pid 5672] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5671] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5675] <... memfd_create resumed>) = 3 [pid 5675] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5674] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5671] <... openat resumed>) = 4 [pid 5671] ioctl(4, LOOP_SET_FD, 3 [pid 5675] <... mmap resumed>) = 0x7f3b887a1000 [pid 5671] <... ioctl resumed>) = 0 [pid 5671] close(3) = 0 [pid 5671] mkdir("./file0", 0777) = 0 [pid 5676] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 116.400558][ T5671] loop4: detected capacity change from 0 to 4096 [pid 5671] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5673] <... write resumed>) = 2097152 [pid 5672] <... write resumed>) = 2097152 [pid 5672] munmap(0x7f3b887a1000, 138412032 [pid 5673] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5672] <... munmap resumed>) = 0 [ 116.450763][ T5671] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5675] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5674] <... write resumed>) = 2097152 [pid 5672] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5672] ioctl(4, LOOP_SET_FD, 3 [pid 5673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5673] ioctl(4, LOOP_SET_FD, 3 [pid 5672] <... ioctl resumed>) = 0 [pid 5674] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5672] close(3) = 0 [pid 5672] mkdir("./file0", 0777 [pid 5676] <... write resumed>) = 2097152 [pid 5672] <... mkdir resumed>) = 0 [pid 5673] <... ioctl resumed>) = 0 [pid 5676] munmap(0x7f3b887a1000, 138412032 [pid 5675] <... write resumed>) = 2097152 [pid 5674] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5673] close(3 [pid 5672] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5671] <... mount resumed>) = 0 [ 116.523187][ T5672] loop5: detected capacity change from 0 to 4096 [ 116.527679][ T5673] loop0: detected capacity change from 0 to 4096 [pid 5675] munmap(0x7f3b887a1000, 138412032 [pid 5674] <... openat resumed>) = 4 [pid 5673] <... close resumed>) = 0 [pid 5671] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5676] <... munmap resumed>) = 0 [pid 5674] ioctl(4, LOOP_SET_FD, 3 [pid 5673] mkdir("./file0", 0777 [pid 5671] <... openat resumed>) = 3 [pid 5675] <... munmap resumed>) = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5675] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5676] ioctl(4, LOOP_SET_FD, 3 [pid 5675] <... openat resumed>) = 4 [pid 5673] <... mkdir resumed>) = 0 [pid 5671] chdir("./file0" [pid 5675] ioctl(4, LOOP_SET_FD, 3 [pid 5671] <... chdir resumed>) = 0 [pid 5673] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5671] ioctl(4, LOOP_CLR_FD) = 0 [pid 5671] close(4) = 0 [pid 5671] exit_group(0) = ? [pid 5671] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5671, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5676] <... ioctl resumed>) = 0 [pid 5676] close(3) = 0 [pid 5676] mkdir("./file0", 0777 [pid 5051] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5672] <... mount resumed>) = 0 [pid 5675] <... ioctl resumed>) = 0 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5676] <... mkdir resumed>) = 0 [pid 5675] close(3 [pid 5672] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] getdents64(3, [pid 5672] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5675] <... close resumed>) = 0 [ 116.569976][ T5672] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 116.572449][ T5674] loop2: detected capacity change from 0 to 4096 [ 116.589501][ T5676] loop1: detected capacity change from 0 to 4096 [ 116.596680][ T5675] loop3: detected capacity change from 0 to 4096 [ 116.598348][ T5673] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5676] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5674] <... ioctl resumed>) = 0 [pid 5675] mkdir("./file0", 0777 [pid 5051] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5674] close(3 [pid 5675] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5675] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5674] <... close resumed>) = 0 [pid 5051] unlink("./99/binderfs" [pid 5674] mkdir("./file0", 0777) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5672] chdir("./file0" [pid 5674] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5672] <... chdir resumed>) = 0 [pid 5672] ioctl(4, LOOP_CLR_FD) = 0 [pid 5672] close(4) = 0 [pid 5673] <... mount resumed>) = 0 [pid 5672] exit_group(0 [pid 5673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5672] <... exit_group resumed>) = ? [pid 5672] +++ exited with 0 +++ [pid 5673] <... openat resumed>) = 3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5672, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5674] <... mount resumed>) = 0 [pid 5673] chdir("./file0" [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5676] <... mount resumed>) = 0 [pid 5673] <... chdir resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5673] ioctl(4, LOOP_CLR_FD [pid 5674] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] umount2("./99", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5674] chdir("./file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5674] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5674] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5674] <... ioctl resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5674] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5674] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5674] exit_group(0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5674] <... exit_group resumed>) = ? [pid 5052] umount2("./99/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5674] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5676] <... openat resumed>) = 3 [pid 5673] <... ioctl resumed>) = 0 [pid 5676] chdir("./file0" [pid 5673] close(4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5676] <... chdir resumed>) = 0 [pid 5673] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5049] <... restart_syscall resumed>) = 0 [pid 5676] ioctl(4, LOOP_CLR_FD [pid 5673] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5676] <... ioctl resumed>) = 0 [pid 5673] <... exit_group resumed>) = ? [pid 5052] unlink("./99/binderfs" [pid 5676] close(4 [pid 5052] <... unlink resumed>) = 0 [ 116.629633][ T5676] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 116.641928][ T5675] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 116.651205][ T5674] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5676] <... close resumed>) = 0 [pid 5673] +++ exited with 0 +++ [pid 5052] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5676] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5676] <... exit_group resumed>) = ? [pid 5049] <... openat resumed>) = 3 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5673, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] newfstatat(3, "", [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5049] getdents64(3, [pid 5676] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5676, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(AT_FDCWD, "./99/file0", [pid 5049] unlink("./103/binderfs" [pid 5048] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5675] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5047] newfstatat(3, "", [pid 5675] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5675] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5051] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] getdents64(3, [pid 5675] chdir("./file0" [pid 5048] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5675] <... chdir resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5675] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(AT_FDCWD, "./101/binderfs", [pid 5051] getdents64(4, [pid 5675] <... ioctl resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] unlink("./101/binderfs" [pid 5675] close(4) = 0 [pid 5675] exit_group(0 [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5675] <... exit_group resumed>) = ? [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5675] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5047] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./103/binderfs") = 0 [pid 5047] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5675, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5051] close(4) = 0 [pid 5051] rmdir("./99/file0" [pid 5052] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./99/file0", [pid 5051] getdents64(3, [pid 5050] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./103/file0", [pid 5052] umount2("./99/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(3 [pid 5050] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5049] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] rmdir("./99" [pid 5050] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./100/binderfs", [pid 5049] newfstatat(4, "", [pid 5051] mkdir("./100", 0777 [pid 5052] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(4, [pid 5052] close(4 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] unlink("./100/binderfs" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... close resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] getdents64(4, [pid 5050] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] rmdir("./99/file0" [pid 5051] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] close(4 [pid 5052] getdents64(3, [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./103/file0" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... rmdir resumed>) = 0 [pid 5051] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] getdents64(3, [pid 5052] close(3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] close(3) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5677 [pid 5052] rmdir("./99" [pid 5049] rmdir("./103" [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5052] mkdir("./100", 0777) = 0 [pid 5049] mkdir("./104", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5048] newfstatat(AT_FDCWD, "./101/file0", [pid 5052] close(3 [pid 5049] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5677 attached [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5678 attached [pid 5677] set_robust_list(0x555556629660, 24 [pid 5048] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5678] set_robust_list(0x555556629660, 24 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5678] <... set_robust_list resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5679 attached [pid 5678] chdir("./104" [pid 5677] <... set_robust_list resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = 0 [pid 5679] set_robust_list(0x555556629660, 24 [pid 5678] <... chdir resumed>) = 0 [pid 5677] chdir("./100" [pid 5048] newfstatat(4, "", [pid 5679] <... set_robust_list resumed>) = 0 [pid 5678] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5679 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5678 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5679] chdir("./100" [pid 5678] <... prctl resumed>) = 0 [pid 5048] getdents64(4, [pid 5679] <... chdir resumed>) = 0 [pid 5678] setpgid(0, 0 [pid 5677] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5679] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5677] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5679] <... prctl resumed>) = 0 [pid 5678] <... setpgid resumed>) = 0 [pid 5677] <... prctl resumed>) = 0 [pid 5048] getdents64(4, [pid 5679] setpgid(0, 0 [pid 5678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5677] setpgid(0, 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5679] <... setpgid resumed>) = 0 [pid 5678] <... openat resumed>) = 3 [pid 5677] <... setpgid resumed>) = 0 [pid 5050] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5679] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5677] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./103/file0", [pid 5679] <... openat resumed>) = 3 [pid 5678] write(3, "1000", 4 [pid 5677] <... openat resumed>) = 3 [pid 5050] newfstatat(AT_FDCWD, "./100/file0", [pid 5679] write(3, "1000", 4 [pid 5678] <... write resumed>) = 4 [pid 5048] rmdir("./101/file0" [pid 5678] close(3 [pid 5679] <... write resumed>) = 4 [pid 5678] <... close resumed>) = 0 [pid 5679] close(3 [pid 5678] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5679] <... close resumed>) = 0 [pid 5677] write(3, "1000", 4 [pid 5678] <... symlink resumed>) = 0 [pid 5047] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5677] <... write resumed>) = 4 [pid 5050] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5679] symlink("/dev/binderfs", "./binderfs" [pid 5678] memfd_create("syzkaller", 0 [pid 5677] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5677] <... close resumed>) = 0 [pid 5679] <... symlink resumed>) = 0 [pid 5677] symlink("/dev/binderfs", "./binderfs" [pid 5050] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] close(3 [pid 5679] memfd_create("syzkaller", 0 [pid 5677] <... symlink resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5048] rmdir("./101" [pid 5678] <... memfd_create resumed>) = 3 [pid 5050] newfstatat(4, "", [pid 5047] newfstatat(4, "", [pid 5678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5678] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5679] <... memfd_create resumed>) = 3 [pid 5677] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5047] getdents64(4, [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5048] mkdir("./102", 0777 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... close resumed>) = 0 [pid 5047] getdents64(4, [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] rmdir("./100/file0" [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5679] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] close(4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5677] <... memfd_create resumed>) = 3 [pid 5050] getdents64(3, [pid 5047] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./103/file0" [pid 5050] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] getdents64(3, ./strace-static-x86_64: Process 5680 attached [pid 5680] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5680 [pid 5680] <... set_robust_list resumed>) = 0 [pid 5680] chdir("./102") = 0 [pid 5680] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] rmdir("./100" [pid 5677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] close(3 [pid 5677] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] mkdir("./101", 0777 [pid 5047] <... close resumed>) = 0 [pid 5680] <... prctl resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5047] rmdir("./103" [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5680] setpgid(0, 0) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... openat resumed>) = 3 [pid 5047] mkdir("./104", 0777 [pid 5680] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5680] write(3, "1000", 4) = 4 [pid 5680] close(3) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5680] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5680] <... symlink resumed>) = 0 [pid 5050] close(3 [pid 5680] memfd_create("syzkaller", 0 [pid 5047] <... openat resumed>) = 3 [pid 5680] <... memfd_create resumed>) = 3 [pid 5680] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] <... close resumed>) = 0 [pid 5047] close(3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5681 attached [pid 5681] set_robust_list(0x555556629660, 24) = 0 ./strace-static-x86_64: Process 5682 attached [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5681 [pid 5682] set_robust_list(0x555556629660, 24 [pid 5681] chdir("./101" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5682 [pid 5682] <... set_robust_list resumed>) = 0 [pid 5681] <... chdir resumed>) = 0 [pid 5682] chdir("./104" [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5682] <... chdir resumed>) = 0 [pid 5681] <... prctl resumed>) = 0 [pid 5682] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5681] setpgid(0, 0 [pid 5678] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5682] <... prctl resumed>) = 0 [pid 5681] <... setpgid resumed>) = 0 [pid 5682] setpgid(0, 0 [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5682] <... setpgid resumed>) = 0 [pid 5681] <... openat resumed>) = 3 [pid 5682] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5681] write(3, "1000", 4 [pid 5682] <... openat resumed>) = 3 [pid 5681] <... write resumed>) = 4 [pid 5682] write(3, "1000", 4 [pid 5681] close(3 [pid 5682] <... write resumed>) = 4 [pid 5681] <... close resumed>) = 0 [pid 5682] close(3 [pid 5681] symlink("/dev/binderfs", "./binderfs" [pid 5682] <... close resumed>) = 0 [pid 5681] <... symlink resumed>) = 0 [pid 5682] symlink("/dev/binderfs", "./binderfs" [pid 5681] memfd_create("syzkaller", 0 [pid 5677] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5682] <... symlink resumed>) = 0 [pid 5679] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5681] <... memfd_create resumed>) = 3 [pid 5681] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5682] memfd_create("syzkaller", 0) = 3 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5680] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5678] <... write resumed>) = 2097152 [pid 5679] <... write resumed>) = 2097152 [pid 5678] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5677] <... write resumed>) = 2097152 [pid 5678] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5677] munmap(0x7f3b887a1000, 138412032 [pid 5678] ioctl(4, LOOP_SET_FD, 3 [pid 5679] munmap(0x7f3b887a1000, 138412032 [pid 5677] <... munmap resumed>) = 0 [pid 5677] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5682] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5679] <... munmap resumed>) = 0 [pid 5677] ioctl(4, LOOP_SET_FD, 3 [pid 5679] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5679] ioctl(4, LOOP_SET_FD, 3 [pid 5681] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5680] <... write resumed>) = 2097152 [pid 5678] <... ioctl resumed>) = 0 [pid 5677] <... ioctl resumed>) = 0 [pid 5678] close(3) = 0 [pid 5678] mkdir("./file0", 0777) = 0 [pid 5677] close(3) = 0 [pid 5677] mkdir("./file0", 0777) = 0 [pid 5677] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5678] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5679] <... ioctl resumed>) = 0 [pid 5679] close(3) = 0 [pid 5679] mkdir("./file0", 0777) = 0 [pid 5680] munmap(0x7f3b887a1000, 138412032 [ 117.085756][ T5678] loop2: detected capacity change from 0 to 4096 [ 117.099581][ T5677] loop4: detected capacity change from 0 to 4096 [ 117.106135][ T5679] loop5: detected capacity change from 0 to 4096 [ 117.127004][ T5677] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5679] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5680] <... munmap resumed>) = 0 [pid 5682] <... write resumed>) = 2097152 [pid 5680] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5682] munmap(0x7f3b887a1000, 138412032 [pid 5681] <... write resumed>) = 2097152 [pid 5680] ioctl(4, LOOP_SET_FD, 3 [pid 5682] <... munmap resumed>) = 0 [pid 5677] <... mount resumed>) = 0 [pid 5677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5682] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5681] munmap(0x7f3b887a1000, 138412032 [pid 5677] chdir("./file0" [pid 5682] ioctl(4, LOOP_SET_FD, 3 [pid 5679] <... mount resumed>) = 0 [pid 5677] <... chdir resumed>) = 0 [pid 5681] <... munmap resumed>) = 0 [ 117.136492][ T5678] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 117.149635][ T5679] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 117.171491][ T5680] loop1: detected capacity change from 0 to 4096 [pid 5681] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5681] ioctl(4, LOOP_SET_FD, 3 [pid 5682] <... ioctl resumed>) = 0 [pid 5680] <... ioctl resumed>) = 0 [pid 5679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5678] <... mount resumed>) = 0 [pid 5677] ioctl(4, LOOP_CLR_FD [pid 5682] close(3 [pid 5680] close(3 [pid 5679] <... openat resumed>) = 3 [pid 5678] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5677] <... ioctl resumed>) = 0 [pid 5681] <... ioctl resumed>) = 0 [pid 5682] <... close resumed>) = 0 [pid 5680] <... close resumed>) = 0 [pid 5679] chdir("./file0" [pid 5678] <... openat resumed>) = 3 [pid 5677] close(4 [pid 5682] mkdir("./file0", 0777 [pid 5681] close(3 [pid 5680] mkdir("./file0", 0777 [pid 5679] <... chdir resumed>) = 0 [pid 5678] chdir("./file0" [pid 5677] <... close resumed>) = 0 [pid 5681] <... close resumed>) = 0 [pid 5679] ioctl(4, LOOP_CLR_FD [pid 5678] <... chdir resumed>) = 0 [pid 5677] exit_group(0 [pid 5681] mkdir("./file0", 0777 [pid 5679] <... ioctl resumed>) = 0 [pid 5678] ioctl(4, LOOP_CLR_FD [pid 5677] <... exit_group resumed>) = ? [pid 5679] close(4 [pid 5681] <... mkdir resumed>) = 0 [pid 5679] <... close resumed>) = 0 [pid 5679] exit_group(0) = ? [pid 5681] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5677] +++ exited with 0 +++ [pid 5678] <... ioctl resumed>) = 0 [pid 5678] close(4 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5677, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5678] <... close resumed>) = 0 [pid 5680] <... mkdir resumed>) = 0 [pid 5679] +++ exited with 0 +++ [pid 5678] exit_group(0 [pid 5680] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5679, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] umount2("./100", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5682] <... mkdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5678] <... exit_group resumed>) = ? [pid 5051] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./100/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./100/binderfs") = 0 [pid 5052] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5678] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5678, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [ 117.184602][ T5682] loop0: detected capacity change from 0 to 4096 [ 117.189850][ T5681] loop3: detected capacity change from 0 to 4096 [ 117.209370][ T5681] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 117.225701][ T5680] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5682] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... openat resumed>) = 3 [pid 5051] umount2("./100/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(3, "", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./100/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] unlink("./100/binderfs" [pid 5049] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5051] <... unlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] unlink("./104/binderfs" [pid 5052] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./100/file0", [pid 5051] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./100/file0", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5681] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./100/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5681] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(4, "", [pid 5051] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5681] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... openat resumed>) = 4 [ 117.235522][ T5682] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5681] chdir("./file0") = 0 [pid 5052] getdents64(4, [pid 5051] newfstatat(4, "", [pid 5681] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] getdents64(4, [pid 5681] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] getdents64(4, [pid 5681] close(4) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5681] exit_group(0 [pid 5052] close(4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5681] <... exit_group resumed>) = ? [pid 5051] close(4 [pid 5681] +++ exited with 0 +++ [pid 5052] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5052] rmdir("./100/file0" [pid 5051] rmdir("./100/file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5682] <... mount resumed>) = 0 [pid 5680] <... mount resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] getdents64(3, [pid 5049] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5681, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5682] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5680] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5051] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5682] <... openat resumed>) = 3 [pid 5680] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5682] chdir("./file0" [pid 5680] chdir("./file0" [pid 5052] rmdir("./100" [pid 5051] rmdir("./100" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5682] <... chdir resumed>) = 0 [pid 5682] ioctl(4, LOOP_CLR_FD [pid 5049] newfstatat(AT_FDCWD, "./104/file0", [pid 5682] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5682] close(4 [pid 5049] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5682] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5682] exit_group(0 [pid 5680] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5680] ioctl(4, LOOP_CLR_FD [pid 5050] newfstatat(3, "", [pid 5682] <... exit_group resumed>) = ? [pid 5680] <... ioctl resumed>) = 0 [pid 5052] mkdir("./101", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5052] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5049] newfstatat(4, "", [pid 5680] close(4) = 0 [pid 5680] exit_group(0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] mkdir("./101", 0777 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... mkdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5682] +++ exited with 0 +++ [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5682, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./104/file0" [pid 5680] <... exit_group resumed>) = ? [pid 5052] close(3 [pid 5050] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5047] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./101/binderfs", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 ./strace-static-x86_64: Process 5683 attached [pid 5680] +++ exited with 0 +++ [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5683] set_robust_list(0x555556629660, 24 [pid 5049] rmdir("./104") = 0 [pid 5683] <... set_robust_list resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] unlink("./101/binderfs" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5680, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5683] chdir("./101" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... unlink resumed>) = 0 [pid 5049] mkdir("./105", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5051] close(3 [pid 5047] newfstatat(3, "", [pid 5051] <... close resumed>) = 0 [pid 5048] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5683] <... chdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5047] getdents64(3, [pid 5683] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5683] <... prctl resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5684 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5683] setpgid(0, 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5683 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5684 attached [pid 5683] <... setpgid resumed>) = 0 [pid 5050] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5047] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5684] set_robust_list(0x555556629660, 24 [pid 5683] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5684] <... set_robust_list resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5684] chdir("./101" [pid 5049] close(3 [pid 5048] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5684] <... chdir resumed>) = 0 [pid 5683] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] unlink("./104/binderfs" [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5683] write(3, "1000", 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5684] <... prctl resumed>) = 0 [pid 5683] <... write resumed>) = 4 [pid 5047] <... unlink resumed>) = 0 [pid 5684] setpgid(0, 0 [pid 5683] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5685 attached [pid 5684] <... setpgid resumed>) = 0 [pid 5683] <... close resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5685] set_robust_list(0x555556629660, 24 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5685 [pid 5047] <... umount2 resumed>) = 0 [pid 5684] <... openat resumed>) = 3 [pid 5683] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5685] <... set_robust_list resumed>) = 0 [pid 5684] write(3, "1000", 4 [pid 5683] <... symlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5685] chdir("./105" [pid 5684] <... write resumed>) = 4 [pid 5048] unlink("./102/binderfs" [pid 5685] <... chdir resumed>) = 0 [pid 5685] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5684] close(3 [pid 5048] <... unlink resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./104/file0", [pid 5685] <... prctl resumed>) = 0 [pid 5048] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5685] setpgid(0, 0) = 0 [pid 5684] <... close resumed>) = 0 [pid 5683] memfd_create("syzkaller", 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5684] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5684] <... symlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5685] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 4 [pid 5685] write(3, "1000", 4 [pid 5047] newfstatat(4, "", [pid 5684] memfd_create("syzkaller", 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5685] <... write resumed>) = 4 [pid 5683] <... memfd_create resumed>) = 3 [pid 5685] close(3 [pid 5047] getdents64(4, [pid 5685] <... close resumed>) = 0 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5685] symlink("/dev/binderfs", "./binderfs" [pid 5683] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] getdents64(4, [pid 5685] <... symlink resumed>) = 0 [pid 5684] <... memfd_create resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5684] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] close(4 [pid 5684] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5685] memfd_create("syzkaller", 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./104/file0" [pid 5048] newfstatat(AT_FDCWD, "./102/file0", [pid 5047] <... rmdir resumed>) = 0 [pid 5685] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] getdents64(3, [pid 5685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./101/file0", [pid 5048] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5685] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(4, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(4, [pid 5050] <... openat resumed>) = 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] close(3 [pid 5048] getdents64(4, [pid 5050] newfstatat(4, "", [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./102/file0" [pid 5050] getdents64(4, [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./104" [pid 5048] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5047] mkdir("./105", 0777 [pid 5050] rmdir("./101/file0" [pid 5048] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5048] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] rmdir("./102" [pid 5050] <... close resumed>) = 0 [pid 5047] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] mkdir("./103", 0777 [pid 5050] rmdir("./101") = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5686 [pid 5050] mkdir("./102", 0777 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 ./strace-static-x86_64: Process 5686 attached [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5686] set_robust_list(0x555556629660, 24 [pid 5683] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... ioctl resumed>) = 0 [pid 5686] <... set_robust_list resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] close(3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5686] chdir("./105" [pid 5050] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5686] <... chdir resumed>) = 0 [pid 5685] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5686] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] close(3./strace-static-x86_64: Process 5687 attached [pid 5686] <... prctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5687 [pid 5687] set_robust_list(0x555556629660, 24 [pid 5686] setpgid(0, 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5688 attached [pid 5686] <... setpgid resumed>) = 0 [pid 5688] set_robust_list(0x555556629660, 24) = 0 [pid 5687] <... set_robust_list resumed>) = 0 [pid 5686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5688 [pid 5687] chdir("./103" [pid 5686] <... openat resumed>) = 3 [pid 5688] chdir("./102") = 0 [pid 5686] write(3, "1000", 4) = 4 [pid 5686] close(3) = 0 [pid 5688] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5687] <... chdir resumed>) = 0 [pid 5684] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5688] <... prctl resumed>) = 0 [pid 5688] setpgid(0, 0 [pid 5687] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5688] <... setpgid resumed>) = 0 [pid 5688] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5687] <... prctl resumed>) = 0 [pid 5688] <... openat resumed>) = 3 [pid 5687] setpgid(0, 0 [pid 5688] write(3, "1000", 4 [pid 5687] <... setpgid resumed>) = 0 [pid 5686] symlink("/dev/binderfs", "./binderfs" [pid 5688] <... write resumed>) = 4 [pid 5687] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5686] <... symlink resumed>) = 0 [pid 5683] <... write resumed>) = 2097152 [pid 5688] close(3) = 0 [pid 5688] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5687] <... openat resumed>) = 3 [pid 5686] memfd_create("syzkaller", 0 [pid 5687] write(3, "1000", 4) = 4 [pid 5687] close(3) = 0 [pid 5687] symlink("/dev/binderfs", "./binderfs" [pid 5688] memfd_create("syzkaller", 0 [pid 5687] <... symlink resumed>) = 0 [pid 5686] <... memfd_create resumed>) = 3 [pid 5686] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5683] munmap(0x7f3b887a1000, 138412032 [pid 5687] memfd_create("syzkaller", 0 [pid 5683] <... munmap resumed>) = 0 [pid 5688] <... memfd_create resumed>) = 3 [pid 5685] <... write resumed>) = 2097152 [pid 5688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5687] <... memfd_create resumed>) = 3 [pid 5688] <... mmap resumed>) = 0x7f3b887a1000 [pid 5687] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5683] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5685] munmap(0x7f3b887a1000, 138412032 [pid 5683] <... openat resumed>) = 4 [pid 5683] ioctl(4, LOOP_SET_FD, 3 [pid 5685] <... munmap resumed>) = 0 [pid 5683] <... ioctl resumed>) = 0 [pid 5685] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5685] ioctl(4, LOOP_SET_FD, 3 [pid 5683] close(3 [pid 5684] <... write resumed>) = 2097152 [pid 5683] <... close resumed>) = 0 [pid 5684] munmap(0x7f3b887a1000, 138412032 [pid 5683] mkdir("./file0", 0777 [pid 5684] <... munmap resumed>) = 0 [pid 5683] <... mkdir resumed>) = 0 [pid 5683] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5687] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5686] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5685] <... ioctl resumed>) = 0 [pid 5684] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5685] close(3) = 0 [pid 5685] mkdir("./file0", 0777) = 0 [ 117.633921][ T5683] loop5: detected capacity change from 0 to 4096 [ 117.658111][ T5685] loop2: detected capacity change from 0 to 4096 [ 117.671765][ T5683] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5685] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5688] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5684] <... openat resumed>) = 4 [pid 5684] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5684] close(3) = 0 [pid 5686] <... write resumed>) = 2097152 [pid 5684] mkdir("./file0", 0777) = 0 [pid 5686] munmap(0x7f3b887a1000, 138412032 [ 117.693082][ T5685] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 117.711806][ T5684] loop4: detected capacity change from 0 to 4096 [pid 5684] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5688] <... write resumed>) = 2097152 [pid 5687] <... write resumed>) = 2097152 [pid 5686] <... munmap resumed>) = 0 [pid 5686] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5686] ioctl(4, LOOP_SET_FD, 3 [pid 5688] munmap(0x7f3b887a1000, 138412032 [pid 5687] munmap(0x7f3b887a1000, 138412032 [pid 5685] <... mount resumed>) = 0 [pid 5684] <... mount resumed>) = 0 [pid 5683] <... mount resumed>) = 0 [pid 5688] <... munmap resumed>) = 0 [pid 5686] <... ioctl resumed>) = 0 [pid 5685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5686] close(3 [pid 5685] <... openat resumed>) = 3 [pid 5683] <... openat resumed>) = 3 [pid 5687] <... munmap resumed>) = 0 [pid 5684] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5688] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5687] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5686] <... close resumed>) = 0 [pid 5685] chdir("./file0" [pid 5683] chdir("./file0" [pid 5688] <... openat resumed>) = 4 [pid 5687] <... openat resumed>) = 4 [pid 5686] mkdir("./file0", 0777 [pid 5685] <... chdir resumed>) = 0 [pid 5684] <... openat resumed>) = 3 [pid 5683] <... chdir resumed>) = 0 [pid 5688] ioctl(4, LOOP_SET_FD, 3 [pid 5687] ioctl(4, LOOP_SET_FD, 3 [pid 5685] ioctl(4, LOOP_CLR_FD [pid 5684] chdir("./file0" [pid 5683] ioctl(4, LOOP_CLR_FD [pid 5686] <... mkdir resumed>) = 0 [pid 5685] <... ioctl resumed>) = 0 [pid 5683] <... ioctl resumed>) = 0 [ 117.740568][ T5684] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 117.774279][ T5686] loop0: detected capacity change from 0 to 4096 [pid 5686] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5685] close(4 [pid 5683] close(4 [pid 5684] <... chdir resumed>) = 0 [pid 5685] <... close resumed>) = 0 [pid 5683] <... close resumed>) = 0 [pid 5685] exit_group(0 [pid 5683] exit_group(0 [pid 5685] <... exit_group resumed>) = ? [pid 5683] <... exit_group resumed>) = ? [pid 5683] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5683, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5687] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5684] ioctl(4, LOOP_CLR_FD [pid 5688] <... ioctl resumed>) = 0 [pid 5687] close(3 [pid 5052] getdents64(3, [pid 5684] <... ioctl resumed>) = 0 [pid 5688] close(3 [pid 5687] <... close resumed>) = 0 [pid 5684] close(4 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5684] <... close resumed>) = 0 [pid 5685] +++ exited with 0 +++ [pid 5688] <... close resumed>) = 0 [pid 5684] exit_group(0 [pid 5687] mkdir("./file0", 0777 [pid 5688] mkdir("./file0", 0777 [pid 5684] <... exit_group resumed>) = ? [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5685, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5052] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./101/binderfs" [pid 5684] +++ exited with 0 +++ [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5688] <... mkdir resumed>) = 0 [pid 5687] <... mkdir resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5684, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5049] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5687] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5688] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] umount2("./101", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] <... openat resumed>) = 3 [ 117.785899][ T5688] loop3: detected capacity change from 0 to 4096 [ 117.793333][ T5687] loop1: detected capacity change from 0 to 4096 [ 117.804314][ T5686] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] newfstatat(3, "", [pid 5049] newfstatat(3, "", [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./101/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./101/binderfs") = 0 [pid 5051] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5052] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] unlink("./105/binderfs" [pid 5052] newfstatat(AT_FDCWD, "./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5052] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5686] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./105/file0", [pid 5686] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] getdents64(4, [pid 5051] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5686] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5686] chdir("./file0" [pid 5052] getdents64(4, [pid 5049] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5686] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./101/file0", [pid 5686] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5686] <... ioctl resumed>) = 0 [ 117.838882][ T5688] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 117.848439][ T5687] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] close(4 [pid 5051] umount2("./101/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5686] close(4) = 0 [pid 5686] exit_group(0) = ? [pid 5686] +++ exited with 0 +++ [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./101/file0" [pid 5049] <... openat resumed>) = 4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5686, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] <... rmdir resumed>) = 0 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] rmdir("./101" [pid 5047] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] getdents64(4, [pid 5047] newfstatat(3, "", [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] mkdir("./102", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5049] getdents64(4, [pid 5047] getdents64(3, [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5049] close(4 [pid 5047] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] rmdir("./101/file0" [pid 5052] <... openat resumed>) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5049] rmdir("./105/file0" [pid 5047] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5687] <... mount resumed>) = 0 [pid 5049] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] unlink("./105/binderfs" [pid 5049] close(3) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5688] <... mount resumed>) = 0 [pid 5049] rmdir("./105" [pid 5047] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5688] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5688] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5051] <... close resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5688] chdir("./file0" [pid 5052] <... close resumed>) = 0 [pid 5051] rmdir("./101" [pid 5688] <... chdir resumed>) = 0 [pid 5687] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... rmdir resumed>) = 0 [pid 5688] ioctl(4, LOOP_CLR_FD [pid 5687] chdir("./file0" [pid 5051] mkdir("./102", 0777 [pid 5049] mkdir("./106", 0777./strace-static-x86_64: Process 5689 attached [pid 5688] <... ioctl resumed>) = 0 [pid 5687] <... chdir resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5689 [pid 5051] <... mkdir resumed>) = 0 [pid 5689] set_robust_list(0x555556629660, 24 [pid 5688] close(4 [pid 5687] ioctl(4, LOOP_CLR_FD [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5689] <... set_robust_list resumed>) = 0 [pid 5688] <... close resumed>) = 0 [pid 5687] <... ioctl resumed>) = 0 [pid 5688] exit_group(0 [pid 5687] close(4 [pid 5051] <... openat resumed>) = 3 [pid 5688] <... exit_group resumed>) = ? [pid 5689] chdir("./102" [pid 5687] <... close resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5687] exit_group(0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5687] <... exit_group resumed>) = ? [pid 5051] <... close resumed>) = 0 [pid 5689] <... chdir resumed>) = 0 [pid 5688] +++ exited with 0 +++ [pid 5687] +++ exited with 0 +++ [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5689] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5688, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] <... openat resumed>) = 3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5687, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- ./strace-static-x86_64: Process 5690 attached [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5690] set_robust_list(0x555556629660, 24 [pid 5689] <... prctl resumed>) = 0 [pid 5050] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3 [pid 5048] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5690] <... set_robust_list resumed>) = 0 [pid 5689] setpgid(0, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5690] chdir("./102" [pid 5689] <... setpgid resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5690 [pid 5050] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5690] <... chdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5689] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] newfstatat(3, "", [pid 5048] getdents64(3, ./strace-static-x86_64: Process 5691 attached [pid 5690] <... prctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5691 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] set_robust_list(0x555556629660, 24 [pid 5690] setpgid(0, 0 [pid 5689] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5048] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5691] <... set_robust_list resumed>) = 0 [pid 5690] <... setpgid resumed>) = 0 [pid 5689] write(3, "1000", 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5691] chdir("./106" [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5689] <... write resumed>) = 4 [pid 5050] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5047] newfstatat(AT_FDCWD, "./105/file0", [pid 5691] <... chdir resumed>) = 0 [pid 5690] <... openat resumed>) = 3 [pid 5689] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5691] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] unlink("./103/binderfs" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5691] <... prctl resumed>) = 0 [pid 5690] write(3, "1000", 4 [pid 5689] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5048] <... unlink resumed>) = 0 [pid 5691] setpgid(0, 0 [pid 5690] <... write resumed>) = 4 [pid 5689] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5691] <... setpgid resumed>) = 0 [pid 5690] close(3 [pid 5689] <... symlink resumed>) = 0 [pid 5050] unlink("./102/binderfs") = 0 [pid 5691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5690] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5690] symlink("/dev/binderfs", "./binderfs" [pid 5050] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", [pid 5690] <... symlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5691] <... openat resumed>) = 3 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5691] write(3, "1000", 4) = 4 [pid 5689] memfd_create("syzkaller", 0 [pid 5691] close(3) = 0 [pid 5047] getdents64(4, [pid 5691] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5691] <... symlink resumed>) = 0 [pid 5047] close(4 [pid 5690] memfd_create("syzkaller", 0 [pid 5047] <... close resumed>) = 0 [pid 5691] memfd_create("syzkaller", 0 [pid 5690] <... memfd_create resumed>) = 3 [pid 5689] <... memfd_create resumed>) = 3 [pid 5690] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5691] <... memfd_create resumed>) = 3 [pid 5691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] rmdir("./105/file0") = 0 [pid 5691] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] getdents64(3, [pid 5690] <... mmap resumed>) = 0x7f3b887a1000 [pid 5689] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./105") = 0 [pid 5047] mkdir("./106", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5692 ./strace-static-x86_64: Process 5692 attached [pid 5692] set_robust_list(0x555556629660, 24) = 0 [pid 5692] chdir("./106") = 0 [pid 5692] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5692] setpgid(0, 0) = 0 [pid 5692] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5692] write(3, "1000", 4) = 4 [pid 5692] close(3) = 0 [pid 5692] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... umount2 resumed>) = 0 [pid 5692] <... symlink resumed>) = 0 [pid 5048] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5692] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./103/file0", [pid 5050] newfstatat(AT_FDCWD, "./102/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5692] <... memfd_create resumed>) = 3 [pid 5050] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5692] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5048] newfstatat(4, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5048] getdents64(4, [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(4, [pid 5048] close(4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] close(4 [pid 5048] rmdir("./103/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./102/file0" [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./103" [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] mkdir("./104", 0777 [pid 5050] close(3 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] rmdir("./102" [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5693 attached [pid 5691] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5690] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] mkdir("./103", 0777 [pid 5693] set_robust_list(0x555556629660, 24 [pid 5689] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5693 [pid 5693] <... set_robust_list resumed>) = 0 [pid 5693] chdir("./104" [pid 5050] <... mkdir resumed>) = 0 [pid 5693] <... chdir resumed>) = 0 [pid 5692] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5693] setpgid(0, 0) = 0 [pid 5693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5693] write(3, "1000", 4) = 4 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5693] close(3) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5693] memfd_create("syzkaller", 0 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5693] <... memfd_create resumed>) = 3 [pid 5050] close(3 [pid 5693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... close resumed>) = 0 [pid 5693] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5694 attached [pid 5689] <... write resumed>) = 2097152 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5694 [pid 5694] set_robust_list(0x555556629660, 24 [pid 5690] <... write resumed>) = 2097152 [pid 5694] <... set_robust_list resumed>) = 0 [pid 5694] chdir("./103") = 0 [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5691] <... write resumed>) = 2097152 [pid 5690] munmap(0x7f3b887a1000, 138412032 [pid 5689] munmap(0x7f3b887a1000, 138412032 [pid 5690] <... munmap resumed>) = 0 [pid 5694] <... prctl resumed>) = 0 [pid 5691] munmap(0x7f3b887a1000, 138412032 [pid 5690] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5689] <... munmap resumed>) = 0 [pid 5694] setpgid(0, 0) = 0 [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5692] <... write resumed>) = 2097152 [pid 5691] <... munmap resumed>) = 0 [pid 5690] <... openat resumed>) = 4 [pid 5689] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5694] write(3, "1000", 4 [pid 5692] munmap(0x7f3b887a1000, 138412032 [pid 5691] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5690] ioctl(4, LOOP_SET_FD, 3 [pid 5689] <... openat resumed>) = 4 [pid 5694] <... write resumed>) = 4 [pid 5693] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5689] ioctl(4, LOOP_SET_FD, 3 [pid 5694] close(3) = 0 [pid 5689] <... ioctl resumed>) = 0 [pid 5694] symlink("/dev/binderfs", "./binderfs" [pid 5690] <... ioctl resumed>) = 0 [pid 5689] close(3 [pid 5691] <... openat resumed>) = 4 [pid 5689] <... close resumed>) = 0 [pid 5694] <... symlink resumed>) = 0 [pid 5693] <... write resumed>) = 2097152 [pid 5692] <... munmap resumed>) = 0 [pid 5691] ioctl(4, LOOP_SET_FD, 3 [pid 5690] close(3 [pid 5689] mkdir("./file0", 0777 [pid 5692] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5690] <... close resumed>) = 0 [pid 5692] <... openat resumed>) = 4 [pid 5693] munmap(0x7f3b887a1000, 138412032 [pid 5692] ioctl(4, LOOP_SET_FD, 3 [pid 5690] mkdir("./file0", 0777 [pid 5689] <... mkdir resumed>) = 0 [pid 5694] memfd_create("syzkaller", 0 [pid 5692] <... ioctl resumed>) = 0 [pid 5694] <... memfd_create resumed>) = 3 [pid 5693] <... munmap resumed>) = 0 [pid 5691] <... ioctl resumed>) = 0 [pid 5690] <... mkdir resumed>) = 0 [pid 5689] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5693] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5692] close(3 [pid 5691] close(3 [pid 5694] <... mmap resumed>) = 0x7f3b887a1000 [pid 5693] <... openat resumed>) = 4 [pid 5692] <... close resumed>) = 0 [pid 5691] <... close resumed>) = 0 [ 118.249599][ T5690] loop4: detected capacity change from 0 to 4096 [ 118.256762][ T5689] loop5: detected capacity change from 0 to 4096 [ 118.277435][ T5691] loop2: detected capacity change from 0 to 4096 [ 118.277869][ T5692] loop0: detected capacity change from 0 to 4096 [pid 5692] mkdir("./file0", 0777 [pid 5691] mkdir("./file0", 0777 [pid 5693] ioctl(4, LOOP_SET_FD, 3 [pid 5692] <... mkdir resumed>) = 0 [pid 5691] <... mkdir resumed>) = 0 [pid 5690] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5692] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5691] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5693] <... ioctl resumed>) = 0 [pid 5693] close(3) = 0 [pid 5693] mkdir("./file0", 0777) = 0 [ 118.304040][ T5689] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 118.308553][ T5693] loop1: detected capacity change from 0 to 4096 [ 118.323354][ T5690] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 118.324021][ T5692] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 118.341882][ T5691] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5693] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5694] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5690] <... mount resumed>) = 0 [pid 5690] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5690] chdir("./file0") = 0 [pid 5690] ioctl(4, LOOP_CLR_FD) = 0 [pid 5690] close(4 [pid 5692] <... mount resumed>) = 0 [pid 5691] <... mount resumed>) = 0 [pid 5690] <... close resumed>) = 0 [pid 5689] <... mount resumed>) = 0 [pid 5690] exit_group(0 [pid 5692] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5690] <... exit_group resumed>) = ? [pid 5691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5691] <... openat resumed>) = 3 [pid 5689] <... openat resumed>) = 3 [pid 5692] <... openat resumed>) = 3 [pid 5691] chdir("./file0" [pid 5690] +++ exited with 0 +++ [pid 5692] chdir("./file0") = 0 [pid 5692] ioctl(4, LOOP_CLR_FD) = 0 [pid 5693] <... mount resumed>) = 0 [pid 5692] close(4 [pid 5693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5692] <... close resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5690, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [ 118.356949][ T5693] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5694] <... write resumed>) = 2097152 [pid 5693] <... openat resumed>) = 3 [pid 5692] exit_group(0 [pid 5691] <... chdir resumed>) = 0 [pid 5689] chdir("./file0" [pid 5051] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5694] munmap(0x7f3b887a1000, 138412032 [pid 5691] ioctl(4, LOOP_CLR_FD [pid 5689] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5693] chdir("./file0" [pid 5692] <... exit_group resumed>) = ? [pid 5691] <... ioctl resumed>) = 0 [pid 5689] ioctl(4, LOOP_CLR_FD [pid 5051] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5694] <... munmap resumed>) = 0 [pid 5693] <... chdir resumed>) = 0 [pid 5691] close(4 [pid 5689] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5693] ioctl(4, LOOP_CLR_FD [pid 5691] <... close resumed>) = 0 [pid 5689] close(4 [pid 5051] newfstatat(3, "", [pid 5693] <... ioctl resumed>) = 0 [pid 5691] exit_group(0 [pid 5689] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5693] close(4 [pid 5692] +++ exited with 0 +++ [pid 5691] <... exit_group resumed>) = ? [pid 5689] exit_group(0 [pid 5051] getdents64(3, [pid 5693] <... close resumed>) = 0 [pid 5691] +++ exited with 0 +++ [pid 5689] <... exit_group resumed>) = ? [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5693] exit_group(0 [pid 5689] +++ exited with 0 +++ [pid 5051] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5692, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5694] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5693] <... exit_group resumed>) = ? [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5689, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5691, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5694] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5047] <... restart_syscall resumed>) = 0 [pid 5694] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5693] +++ exited with 0 +++ [pid 5052] umount2("./102", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] unlink("./102/binderfs" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... unlink resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5693, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5048] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(3, "", [pid 5049] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5047] newfstatat(3, "", [pid 5052] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] getdents64(3, [pid 5052] umount2("./102/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5051] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5047] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5694] <... ioctl resumed>) = 0 [pid 5052] unlink("./102/binderfs" [pid 5051] newfstatat(AT_FDCWD, "./102/file0", [pid 5049] newfstatat(3, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5694] close(3 [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] unlink("./104/binderfs" [pid 5047] unlink("./106/binderfs" [pid 5694] <... close resumed>) = 0 [pid 5052] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5694] mkdir("./file0", 0777 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5694] <... mkdir resumed>) = 0 [pid 5047] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = 0 [pid 5694] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(4, [pid 5049] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(4 [pid 5047] <... openat resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5051] rmdir("./102/file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5051] getdents64(3, [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(4, [pid 5049] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5051] close(3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... close resumed>) = 0 [pid 5047] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5049] unlink("./106/binderfs" [pid 5047] rmdir("./106/file0" [pid 5049] <... unlink resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5051] rmdir("./102" [pid 5049] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5051] mkdir("./103", 0777 [pid 5047] rmdir("./106" [pid 5051] <... mkdir resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./107", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [ 118.455432][ T5694] loop3: detected capacity change from 0 to 4096 [ 118.489362][ T5694] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5047] close(3 [pid 5048] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5695 attached [pid 5052] <... umount2 resumed>) = 0 [pid 5695] set_robust_list(0x555556629660, 24 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5695 [pid 5048] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5695] <... set_robust_list resumed>) = 0 [pid 5052] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5695] chdir("./103" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5695] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./102/file0", [pid 5049] <... umount2 resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./104/file0", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5695] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5695] <... prctl resumed>) = 0 [pid 5052] umount2("./102/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5696 attached [pid 5695] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5696] set_robust_list(0x555556629660, 24 [pid 5695] <... setpgid resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./106/file0", [pid 5048] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5696 [pid 5696] <... set_robust_list resumed>) = 0 [pid 5695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... openat resumed>) = 4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5696] chdir("./107" [pid 5695] <... openat resumed>) = 3 [pid 5052] newfstatat(4, "", [pid 5049] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(4, "", [pid 5696] <... chdir resumed>) = 0 [pid 5695] write(3, "1000", 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5695] <... write resumed>) = 4 [pid 5694] <... mount resumed>) = 0 [pid 5052] getdents64(4, [pid 5049] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(4, [pid 5695] close(3 [pid 5694] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... openat resumed>) = 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5696] <... prctl resumed>) = 0 [pid 5695] <... close resumed>) = 0 [pid 5694] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5049] newfstatat(4, "", [pid 5048] getdents64(4, [pid 5696] setpgid(0, 0 [pid 5695] symlink("/dev/binderfs", "./binderfs" [pid 5694] chdir("./file0" [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5695] <... symlink resumed>) = 0 [pid 5694] <... chdir resumed>) = 0 [pid 5052] close(4 [pid 5049] getdents64(4, [pid 5048] close(4 [pid 5696] <... setpgid resumed>) = 0 [pid 5695] memfd_create("syzkaller", 0 [pid 5694] ioctl(4, LOOP_CLR_FD [pid 5052] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... close resumed>) = 0 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] rmdir("./102/file0" [pid 5049] getdents64(4, [pid 5048] rmdir("./104/file0" [pid 5696] <... openat resumed>) = 3 [pid 5694] <... ioctl resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5696] write(3, "1000", 4 [pid 5694] close(4 [pid 5052] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(3, [pid 5696] <... write resumed>) = 4 [pid 5695] <... memfd_create resumed>) = 3 [pid 5694] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5696] close(3 [pid 5695] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5694] exit_group(0 [pid 5052] close(3 [pid 5049] close(4 [pid 5048] close(3 [pid 5696] <... close resumed>) = 0 [pid 5695] <... mmap resumed>) = 0x7f3b887a1000 [pid 5694] <... exit_group resumed>) = ? [pid 5052] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5696] symlink("/dev/binderfs", "./binderfs" [pid 5694] +++ exited with 0 +++ [pid 5052] rmdir("./102" [pid 5049] rmdir("./106/file0" [pid 5048] rmdir("./104" [pid 5696] <... symlink resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5696] memfd_create("syzkaller", 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] getdents64(3, [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5696] <... memfd_create resumed>) = 3 [pid 5052] mkdir("./103", 0777 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5696] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./106" [pid 5050] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5696] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] mkdir("./105", 0777 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] mkdir("./107", 0777 [pid 5052] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] newfstatat(3, "", [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] getdents64(3, [pid 5049] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5050] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5052] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3 [pid 5048] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5049] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5697 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5697 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5698 [pid 5697] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5699 [pid 5050] unlink("./103/binderfs"./strace-static-x86_64: Process 5699 attached ./strace-static-x86_64: Process 5698 attached [pid 5697] <... set_robust_list resumed>) = 0 [pid 5699] set_robust_list(0x555556629660, 24 [pid 5698] set_robust_list(0x555556629660, 24 [pid 5697] chdir("./103" [pid 5050] <... unlink resumed>) = 0 [pid 5699] <... set_robust_list resumed>) = 0 [pid 5697] <... chdir resumed>) = 0 [pid 5050] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5698] <... set_robust_list resumed>) = 0 [pid 5697] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5699] chdir("./107" [pid 5698] chdir("./105" [pid 5697] <... prctl resumed>) = 0 [pid 5698] <... chdir resumed>) = 0 [pid 5697] setpgid(0, 0) = 0 [pid 5697] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5697] write(3, "1000", 4) = 4 [pid 5697] close(3) = 0 [pid 5697] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5699] <... chdir resumed>) = 0 [pid 5698] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5699] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5698] <... prctl resumed>) = 0 [pid 5697] memfd_create("syzkaller", 0 [pid 5699] <... prctl resumed>) = 0 [pid 5698] setpgid(0, 0 [pid 5699] setpgid(0, 0 [pid 5698] <... setpgid resumed>) = 0 [pid 5698] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5699] <... setpgid resumed>) = 0 [pid 5698] <... openat resumed>) = 3 [pid 5699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5697] <... memfd_create resumed>) = 3 [pid 5698] write(3, "1000", 4 [pid 5697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5698] <... write resumed>) = 4 [pid 5699] <... openat resumed>) = 3 [pid 5698] close(3 [pid 5697] <... mmap resumed>) = 0x7f3b887a1000 [pid 5698] <... close resumed>) = 0 [pid 5698] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5698] memfd_create("syzkaller", 0) = 3 [pid 5699] write(3, "1000", 4 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5699] <... write resumed>) = 4 [pid 5699] close(3 [pid 5698] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5699] <... close resumed>) = 0 [pid 5699] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./103/file0", [pid 5699] <... symlink resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5699] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5699] <... memfd_create resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... openat resumed>) = 4 [pid 5699] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5695] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./103/file0") = 0 [pid 5050] getdents64(3, [pid 5696] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5695] <... write resumed>) = 2097152 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./103") = 0 [pid 5050] mkdir("./104", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5697] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5700 ./strace-static-x86_64: Process 5700 attached [pid 5695] munmap(0x7f3b887a1000, 138412032 [pid 5700] set_robust_list(0x555556629660, 24 [pid 5695] <... munmap resumed>) = 0 [pid 5700] <... set_robust_list resumed>) = 0 [pid 5700] chdir("./104") = 0 [pid 5700] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5700] setpgid(0, 0) = 0 [pid 5700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5700] write(3, "1000", 4) = 4 [pid 5700] close(3 [pid 5698] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5696] <... write resumed>) = 2097152 [pid 5695] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5695] ioctl(4, LOOP_SET_FD, 3 [pid 5700] <... close resumed>) = 0 [pid 5700] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5700] memfd_create("syzkaller", 0 [pid 5699] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5700] <... memfd_create resumed>) = 3 [pid 5696] munmap(0x7f3b887a1000, 138412032 [pid 5695] <... ioctl resumed>) = 0 [pid 5695] close(3) = 0 [pid 5695] mkdir("./file0", 0777) = 0 [pid 5695] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5700] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5696] <... munmap resumed>) = 0 [pid 5700] <... mmap resumed>) = 0x7f3b887a1000 [ 118.828817][ T5695] loop4: detected capacity change from 0 to 4096 [ 118.859289][ T5695] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5697] <... write resumed>) = 2097152 [pid 5696] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5697] munmap(0x7f3b887a1000, 138412032 [pid 5696] <... openat resumed>) = 4 [pid 5696] ioctl(4, LOOP_SET_FD, 3 [pid 5697] <... munmap resumed>) = 0 [pid 5699] <... write resumed>) = 2097152 [pid 5698] <... write resumed>) = 2097152 [pid 5697] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5699] munmap(0x7f3b887a1000, 138412032 [pid 5697] <... openat resumed>) = 4 [pid 5696] <... ioctl resumed>) = 0 [pid 5697] ioctl(4, LOOP_SET_FD, 3 [pid 5699] <... munmap resumed>) = 0 [pid 5696] close(3) = 0 [pid 5696] mkdir("./file0", 0777 [pid 5698] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5697] <... ioctl resumed>) = 0 [pid 5699] <... openat resumed>) = 4 [pid 5698] openat(AT_FDCWD, "/dev/loop1", O_RDWR [ 118.885744][ T5696] loop0: detected capacity change from 0 to 4096 [ 118.910152][ T5697] loop5: detected capacity change from 0 to 4096 [pid 5699] ioctl(4, LOOP_SET_FD, 3 [pid 5698] <... openat resumed>) = 4 [pid 5697] close(3 [pid 5696] <... mkdir resumed>) = 0 [pid 5700] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5697] <... close resumed>) = 0 [pid 5697] mkdir("./file0", 0777 [pid 5696] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5697] <... mkdir resumed>) = 0 [pid 5698] ioctl(4, LOOP_SET_FD, 3 [pid 5697] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5699] <... ioctl resumed>) = 0 [pid 5699] close(3) = 0 [pid 5699] mkdir("./file0", 0777) = 0 [ 118.948698][ T5699] loop2: detected capacity change from 0 to 4096 [ 118.961530][ T5696] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 118.966848][ T5698] loop1: detected capacity change from 0 to 4096 [ 118.978718][ T5697] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5699] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5698] <... ioctl resumed>) = 0 [pid 5698] close(3) = 0 [pid 5698] mkdir("./file0", 0777) = 0 [pid 5695] <... mount resumed>) = 0 [pid 5695] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5700] <... write resumed>) = 2097152 [pid 5695] chdir("./file0" [pid 5698] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5695] <... chdir resumed>) = 0 [pid 5695] ioctl(4, LOOP_CLR_FD) = 0 [pid 5700] munmap(0x7f3b887a1000, 138412032 [pid 5695] close(4) = 0 [pid 5695] exit_group(0) = ? [pid 5695] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5695, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./103/binderfs") = 0 [pid 5696] <... mount resumed>) = 0 [pid 5051] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5696] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5700] <... munmap resumed>) = 0 [pid 5696] <... openat resumed>) = 3 [pid 5696] chdir("./file0" [pid 5700] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5696] <... chdir resumed>) = 0 [pid 5700] <... openat resumed>) = 4 [pid 5696] ioctl(4, LOOP_CLR_FD) = 0 [ 119.000628][ T5699] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 119.033095][ T5698] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5700] ioctl(4, LOOP_SET_FD, 3 [pid 5696] close(4) = 0 [pid 5696] exit_group(0) = ? [pid 5051] <... umount2 resumed>) = 0 [pid 5700] <... ioctl resumed>) = 0 [pid 5697] <... mount resumed>) = 0 [pid 5696] +++ exited with 0 +++ [pid 5697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5696, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5697] <... openat resumed>) = 3 [pid 5700] close(3 [pid 5697] chdir("./file0" [pid 5051] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5700] <... close resumed>) = 0 [pid 5697] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5700] mkdir("./file0", 0777 [pid 5697] ioctl(4, LOOP_CLR_FD [pid 5051] newfstatat(AT_FDCWD, "./103/file0", [pid 5700] <... mkdir resumed>) = 0 [pid 5697] <... ioctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5698] <... mount resumed>) = 0 [pid 5697] close(4 [pid 5051] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5698] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5697] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5700] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5698] <... openat resumed>) = 3 [pid 5697] exit_group(0 [pid 5051] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 3 [pid 5699] <... mount resumed>) = 0 [pid 5698] chdir("./file0" [pid 5697] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 4 [pid 5698] <... chdir resumed>) = 0 [pid 5697] +++ exited with 0 +++ [pid 5051] newfstatat(4, "", [pid 5047] newfstatat(3, "", [pid 5699] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5698] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 119.074827][ T5700] loop3: detected capacity change from 0 to 4096 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5699] <... openat resumed>) = 3 [pid 5698] <... ioctl resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5697, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] getdents64(4, [pid 5047] getdents64(3, [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5698] close(4 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./103", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5698] <... close resumed>) = 0 [pid 5699] chdir("./file0") = 0 [pid 5699] ioctl(4, LOOP_CLR_FD [pid 5051] getdents64(4, [pid 5047] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(3, "", [pid 5699] <... ioctl resumed>) = 0 [pid 5698] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5699] close(4 [pid 5698] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] close(4 [pid 5047] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5698] +++ exited with 0 +++ [pid 5051] <... close resumed>) = 0 [pid 5052] umount2("./103/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./103/file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5051] getdents64(3, [pid 5047] unlink("./107/binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5698, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5699] <... close resumed>) = 0 [pid 5052] unlink("./103/binderfs" [pid 5051] close(3 [pid 5047] <... unlink resumed>) = 0 [pid 5699] exit_group(0 [pid 5051] <... close resumed>) = 0 [pid 5048] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... unlink resumed>) = 0 [pid 5051] rmdir("./103" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5699] <... exit_group resumed>) = ? [pid 5051] <... rmdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./104", 0777 [pid 5047] <... umount2 resumed>) = 0 [pid 5699] +++ exited with 0 +++ [pid 5051] <... mkdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5047] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(3, "", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] newfstatat(AT_FDCWD, "./107/file0", [pid 5048] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5699, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5048] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 3 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5047] <... openat resumed>) = 4 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(4, "", [pid 5051] close(3 [pid 5049] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./105/binderfs" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... unlink resumed>) = 0 [pid 5047] getdents64(4, [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... openat resumed>) = 3 [pid 5047] getdents64(4, ./strace-static-x86_64: Process 5701 attached [pid 5049] newfstatat(3, "", [pid 5701] set_robust_list(0x555556629660, 24 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5701] <... set_robust_list resumed>) = 0 [pid 5049] getdents64(3, [pid 5701] chdir("./104" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5701] <... chdir resumed>) = 0 [pid 5049] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5701] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4 [pid 5701] <... prctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5047] <... close resumed>) = 0 [pid 5701] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] rmdir("./107/file0" [pid 5701] <... setpgid resumed>) = 0 [pid 5049] unlink("./107/binderfs" [pid 5047] <... rmdir resumed>) = 0 [pid 5701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... unlink resumed>) = 0 [ 119.128240][ T5700] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5047] getdents64(3, [pid 5701] <... openat resumed>) = 3 [pid 5049] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5701 [pid 5047] close(3) = 0 [pid 5047] rmdir("./107" [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5701] write(3, "1000", 4) = 4 [pid 5701] close(3) = 0 [pid 5701] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] mkdir("./108", 0777) = 0 [pid 5701] memfd_create("syzkaller", 0 [pid 5052] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5702 [pid 5701] <... memfd_create resumed>) = 3 [pid 5701] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./103/file0", ./strace-static-x86_64: Process 5702 attached [pid 5702] set_robust_list(0x555556629660, 24 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5702] <... set_robust_list resumed>) = 0 [pid 5702] chdir("./108" [pid 5052] umount2("./103/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5702] <... chdir resumed>) = 0 [pid 5048] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5702] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5702] <... prctl resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./105/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5702] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5702] <... setpgid resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... openat resumed>) = 4 [pid 5702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5702] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(4, "", [pid 5052] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5702] write(3, "1000", 4 [pid 5048] getdents64(4, [pid 5702] <... write resumed>) = 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5702] close(3 [pid 5048] close(4 [pid 5702] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5702] symlink("/dev/binderfs", "./binderfs" [pid 5048] rmdir("./105/file0" [pid 5702] <... symlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5702] memfd_create("syzkaller", 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5700] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5700] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] getdents64(4, [pid 5700] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5702] <... memfd_create resumed>) = 3 [pid 5048] close(3) = 0 [pid 5048] rmdir("./105") = 0 [pid 5052] close(4) = 0 [pid 5702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5700] chdir("./file0" [pid 5052] rmdir("./103/file0" [pid 5048] mkdir("./106", 0777 [pid 5700] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5700] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5702] <... mmap resumed>) = 0x7f3b887a1000 [pid 5700] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5700] close(4 [pid 5052] close(3 [pid 5700] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5700] exit_group(0 [pid 5052] rmdir("./103" [pid 5049] <... umount2 resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] close(3 [pid 5049] newfstatat(AT_FDCWD, "./107/file0", [pid 5048] <... close resumed>) = 0 [pid 5700] <... exit_group resumed>) = ? [pid 5052] mkdir("./104", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5703 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5703 attached [pid 5049] getdents64(4, [pid 5703] set_robust_list(0x555556629660, 24 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./107/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./107" [pid 5700] +++ exited with 0 +++ [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5700, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5049] mkdir("./108", 0777 [pid 5703] <... set_robust_list resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... mkdir resumed>) = 0 [pid 5703] chdir("./106" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5703] <... chdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5704 [pid 5052] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5703] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5703] <... prctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5703] setpgid(0, 0 [pid 5050] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5705 attached ./strace-static-x86_64: Process 5704 attached [pid 5703] <... setpgid resumed>) = 0 [pid 5701] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] newfstatat(3, "", [pid 5705] set_robust_list(0x555556629660, 24 [pid 5704] set_robust_list(0x555556629660, 24 [pid 5703] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5705 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5704] <... set_robust_list resumed>) = 0 [pid 5703] <... openat resumed>) = 3 [pid 5050] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5705] <... set_robust_list resumed>) = 0 [pid 5704] chdir("./108" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5705] chdir("./104" [pid 5704] <... chdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5705] <... chdir resumed>) = 0 [pid 5704] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5703] write(3, "1000", 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5705] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5704] <... prctl resumed>) = 0 [pid 5050] unlink("./104/binderfs" [pid 5705] <... prctl resumed>) = 0 [pid 5703] <... write resumed>) = 4 [pid 5704] setpgid(0, 0 [pid 5705] setpgid(0, 0 [pid 5050] <... unlink resumed>) = 0 [pid 5703] close(3 [pid 5050] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5705] <... setpgid resumed>) = 0 [pid 5703] <... close resumed>) = 0 [pid 5705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5704] <... setpgid resumed>) = 0 [pid 5703] symlink("/dev/binderfs", "./binderfs" [pid 5704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5704] write(3, "1000", 4) = 4 [pid 5704] close(3) = 0 [pid 5704] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5705] <... openat resumed>) = 3 [pid 5704] memfd_create("syzkaller", 0 [pid 5703] <... symlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5705] write(3, "1000", 4 [pid 5703] memfd_create("syzkaller", 0 [pid 5705] <... write resumed>) = 4 [pid 5703] <... memfd_create resumed>) = 3 [pid 5050] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5705] close(3 [pid 5703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5705] <... close resumed>) = 0 [pid 5705] symlink("/dev/binderfs", "./binderfs" [pid 5704] <... memfd_create resumed>) = 3 [pid 5703] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] newfstatat(AT_FDCWD, "./104/file0", [pid 5704] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5704] <... mmap resumed>) = 0x7f3b887a1000 [pid 5705] <... symlink resumed>) = 0 [pid 5050] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5702] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5705] memfd_create("syzkaller", 0 [pid 5050] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5705] <... memfd_create resumed>) = 3 [pid 5050] getdents64(4, [pid 5705] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5705] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./104/file0" [pid 5701] <... write resumed>) = 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5701] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... close resumed>) = 0 [pid 5701] <... munmap resumed>) = 0 [pid 5050] rmdir("./104") = 0 [pid 5050] mkdir("./105", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5701] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... openat resumed>) = 3 [pid 5701] <... openat resumed>) = 4 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5701] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5706 attached [pid 5706] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5706 [pid 5706] <... set_robust_list resumed>) = 0 [pid 5703] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5702] <... write resumed>) = 2097152 [pid 5706] chdir("./105") = 0 [pid 5706] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5706] setpgid(0, 0) = 0 [pid 5706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5706] write(3, "1000", 4 [pid 5702] munmap(0x7f3b887a1000, 138412032 [pid 5706] <... write resumed>) = 4 [pid 5706] close(3) = 0 [pid 5706] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5702] <... munmap resumed>) = 0 [pid 5701] <... ioctl resumed>) = 0 [pid 5701] close(3 [pid 5706] memfd_create("syzkaller", 0 [pid 5704] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5701] <... close resumed>) = 0 [pid 5701] mkdir("./file0", 0777) = 0 [pid 5706] <... memfd_create resumed>) = 3 [pid 5702] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5702] <... openat resumed>) = 4 [pid 5701] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 119.460936][ T5701] loop4: detected capacity change from 0 to 4096 [pid 5702] ioctl(4, LOOP_SET_FD, 3 [pid 5705] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5702] <... ioctl resumed>) = 0 [pid 5702] close(3) = 0 [pid 5702] mkdir("./file0", 0777) = 0 [pid 5702] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5704] <... write resumed>) = 2097152 [pid 5703] <... write resumed>) = 2097152 [pid 5705] <... write resumed>) = 2097152 [pid 5703] munmap(0x7f3b887a1000, 138412032 [pid 5706] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5704] munmap(0x7f3b887a1000, 138412032) = 0 [ 119.517731][ T5702] loop0: detected capacity change from 0 to 4096 [ 119.523754][ T5701] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 119.549712][ T5702] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5704] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5705] munmap(0x7f3b887a1000, 138412032 [pid 5704] ioctl(4, LOOP_SET_FD, 3 [pid 5705] <... munmap resumed>) = 0 [pid 5703] <... munmap resumed>) = 0 [pid 5701] <... mount resumed>) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5703] ioctl(4, LOOP_SET_FD, 3 [pid 5701] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5701] chdir("./file0") = 0 [pid 5701] ioctl(4, LOOP_CLR_FD) = 0 [pid 5701] close(4) = 0 [pid 5701] exit_group(0) = ? [pid 5701] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5701, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./104/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./104/binderfs") = 0 [pid 5705] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5704] <... ioctl resumed>) = 0 [pid 5051] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] <... write resumed>) = 2097152 [pid 5705] <... openat resumed>) = 4 [pid 5703] <... ioctl resumed>) = 0 [pid 5702] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [ 119.600742][ T5704] loop2: detected capacity change from 0 to 4096 [ 119.612682][ T5703] loop1: detected capacity change from 0 to 4096 [pid 5705] ioctl(4, LOOP_SET_FD, 3 [pid 5704] close(3 [pid 5702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5703] close(3 [pid 5702] <... openat resumed>) = 3 [pid 5051] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] munmap(0x7f3b887a1000, 138412032 [pid 5704] <... close resumed>) = 0 [pid 5703] <... close resumed>) = 0 [pid 5702] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] <... munmap resumed>) = 0 [pid 5704] mkdir("./file0", 0777 [pid 5703] mkdir("./file0", 0777 [pid 5702] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./104/file0", [pid 5705] <... ioctl resumed>) = 0 [pid 5703] <... mkdir resumed>) = 0 [pid 5702] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5704] <... mkdir resumed>) = 0 [pid 5702] <... ioctl resumed>) = 0 [pid 5051] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5703] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5702] close(4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5705] close(3 [pid 5704] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5702] <... close resumed>) = 0 [pid 5706] <... openat resumed>) = 4 [pid 5705] <... close resumed>) = 0 [pid 5706] ioctl(4, LOOP_SET_FD, 3 [pid 5705] mkdir("./file0", 0777 [pid 5702] exit_group(0) = ? [pid 5051] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5706] <... ioctl resumed>) = 0 [pid 5705] <... mkdir resumed>) = 0 [pid 5702] +++ exited with 0 +++ [pid 5051] <... openat resumed>) = 4 [pid 5706] close(3 [pid 5705] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5706] <... close resumed>) = 0 [pid 5706] mkdir("./file0", 0777) = 0 [pid 5051] newfstatat(4, "", [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5702, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5706] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(4) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./104/file0" [pid 5047] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... rmdir resumed>) = 0 [ 119.643148][ T5705] loop5: detected capacity change from 0 to 4096 [ 119.654065][ T5703] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 119.664354][ T5706] loop3: detected capacity change from 0 to 4096 [ 119.666683][ T5704] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 119.682530][ T5705] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5051] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5704] <... mount resumed>) = 0 [pid 5704] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5704] chdir("./file0") = 0 [pid 5704] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] getdents64(3, [pid 5703] <... mount resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] rmdir("./104" [pid 5047] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5703] <... openat resumed>) = 3 [pid 5703] chdir("./file0") = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5704] close(4 [pid 5047] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5704] <... close resumed>) = 0 [pid 5703] ioctl(4, LOOP_CLR_FD [pid 5051] mkdir("./105", 0777 [pid 5704] exit_group(0 [pid 5703] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5703] close(4 [pid 5047] unlink("./108/binderfs" [pid 5704] <... exit_group resumed>) = ? [pid 5703] <... close resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5705] <... mount resumed>) = 0 [pid 5704] +++ exited with 0 +++ [pid 5703] exit_group(0 [pid 5047] <... unlink resumed>) = 0 [pid 5706] <... mount resumed>) = 0 [pid 5705] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5703] <... exit_group resumed>) = ? [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5704, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5047] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5705] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5706] <... openat resumed>) = 3 [pid 5705] chdir("./file0" [pid 5706] chdir("./file0" [pid 5705] <... chdir resumed>) = 0 [pid 5706] <... chdir resumed>) = 0 [pid 5705] ioctl(4, LOOP_CLR_FD [pid 5706] ioctl(4, LOOP_CLR_FD [pid 5705] <... ioctl resumed>) = 0 [pid 5706] <... ioctl resumed>) = 0 [pid 5705] close(4) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5706] close(4) = 0 [pid 5705] exit_group(0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5706] exit_group(0 [pid 5705] <... exit_group resumed>) = ? [pid 5051] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] <... exit_group resumed>) = ? [pid 5049] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5707 attached [pid 5705] +++ exited with 0 +++ [pid 5049] newfstatat(3, "", [pid 5707] set_robust_list(0x555556629660, 24 [pid 5703] +++ exited with 0 +++ [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5707 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5707] <... set_robust_list resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5705, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5049] getdents64(3, [pid 5707] chdir("./105" [pid 5706] +++ exited with 0 +++ [pid 5052] umount2("./104", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5703, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [ 119.727075][ T5706] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5052] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5706, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5707] <... chdir resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5049] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] umount2("./104/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] unlink("./108/binderfs" [pid 5048] unlink("./106/binderfs" [pid 5707] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5048] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5707] setpgid(0, 0 [pid 5050] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] unlink("./104/binderfs" [pid 5707] <... setpgid resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5707] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... unlink resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5707] <... openat resumed>) = 3 [pid 5052] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5707] write(3, "1000", 4 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5707] <... write resumed>) = 4 [pid 5050] getdents64(3, [pid 5707] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5707] <... close resumed>) = 0 [pid 5050] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5707] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5707] <... symlink resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5707] memfd_create("syzkaller", 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5050] unlink("./105/binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5707] <... memfd_create resumed>) = 3 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./108/file0" [pid 5707] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./108") = 0 [pid 5047] mkdir("./109", 0777) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5049] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./108/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(AT_FDCWD, "./105/file0", [pid 5049] getdents64(4, ./strace-static-x86_64: Process 5708 attached 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5708] set_robust_list(0x555556629660, 24 [pid 5049] getdents64(4, [pid 5708] <... set_robust_list resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5708 [pid 5708] chdir("./109" [pid 5049] close(4 [pid 5708] <... chdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5708] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] rmdir("./108/file0" [pid 5048] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5708] <... prctl resumed>) = 0 [pid 5050] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5708] setpgid(0, 0 [pid 5048] newfstatat(AT_FDCWD, "./106/file0", [pid 5708] <... setpgid resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./104/file0", [pid 5050] newfstatat(4, "", [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./104/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5052] <... openat resumed>) = 4 [pid 5050] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5708] <... openat resumed>) = 3 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5708] write(3, "1000", 4 [pid 5052] getdents64(4, [pid 5049] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5708] <... write resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./108" [pid 5048] <... openat resumed>) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5708] close(3 [pid 5050] rmdir("./105/file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5708] <... close resumed>) = 0 [pid 5052] close(4 [pid 5048] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] mkdir("./109", 0777 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5708] symlink("/dev/binderfs", "./binderfs" [pid 5052] rmdir("./104/file0" [pid 5049] <... mkdir resumed>) = 0 [pid 5048] getdents64(4, [pid 5708] <... symlink resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5050] getdents64(3, [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5708] memfd_create("syzkaller", 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5052] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] rmdir("./106/file0" [pid 5708] <... memfd_create resumed>) = 3 [pid 5052] rmdir("./104" [pid 5050] close(3 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5708] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] mkdir("./105", 0777 [pid 5049] close(3 [pid 5050] rmdir("./105" [pid 5052] <... mkdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] getdents64(3, [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] mkdir("./106", 0777 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... mkdir resumed>) = 0 [pid 5048] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5709 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5710 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./106") = 0 ./strace-static-x86_64: Process 5709 attached ./strace-static-x86_64: Process 5710 attached [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] mkdir("./107", 0777 [pid 5710] set_robust_list(0x555556629660, 24 [pid 5048] <... mkdir resumed>) = 0 [pid 5710] <... set_robust_list resumed>) = 0 [pid 5710] chdir("./105") = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5709] set_robust_list(0x555556629660, 24 [pid 5710] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5710] <... prctl resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5710] setpgid(0, 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5710] <... setpgid resumed>) = 0 [pid 5048] close(3 [pid 5710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... close resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5709] <... set_robust_list resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5709] chdir("./109" [pid 5050] close(3) = 0 [pid 5709] <... chdir resumed>) = 0 [pid 5710] <... openat resumed>) = 3 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5711 attached [pid 5710] write(3, "1000", 4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5711 [pid 5711] set_robust_list(0x555556629660, 24 [pid 5710] <... write resumed>) = 4 [pid 5711] <... set_robust_list resumed>) = 0 [pid 5710] close(3 [pid 5711] chdir("./107" [pid 5710] <... close resumed>) = 0 [pid 5711] <... chdir resumed>) = 0 [pid 5710] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5712 attached [pid 5711] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5709] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5710] <... symlink resumed>) = 0 [pid 5711] <... prctl resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5712 [pid 5712] set_robust_list(0x555556629660, 24 [pid 5711] setpgid(0, 0 [pid 5709] <... prctl resumed>) = 0 [pid 5712] <... set_robust_list resumed>) = 0 [pid 5711] <... setpgid resumed>) = 0 [pid 5709] setpgid(0, 0 [pid 5712] chdir("./106" [pid 5711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5710] memfd_create("syzkaller", 0 [pid 5712] <... chdir resumed>) = 0 [pid 5711] <... openat resumed>) = 3 [pid 5709] <... setpgid resumed>) = 0 [pid 5711] write(3, "1000", 4 [pid 5712] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5711] <... write resumed>) = 4 [pid 5709] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5710] <... memfd_create resumed>) = 3 [pid 5712] <... prctl resumed>) = 0 [pid 5711] close(3 [pid 5710] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5707] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5712] setpgid(0, 0 [pid 5711] <... close resumed>) = 0 [pid 5709] <... openat resumed>) = 3 [pid 5712] <... setpgid resumed>) = 0 [pid 5711] symlink("/dev/binderfs", "./binderfs" [pid 5710] <... mmap resumed>) = 0x7f3b887a1000 [pid 5712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5711] <... symlink resumed>) = 0 [pid 5709] write(3, "1000", 4 [pid 5712] write(3, "1000", 4 [pid 5709] <... write resumed>) = 4 [pid 5712] <... write resumed>) = 4 [pid 5709] close(3 [pid 5712] close(3 [pid 5709] <... close resumed>) = 0 [pid 5712] <... close resumed>) = 0 [pid 5711] memfd_create("syzkaller", 0 [pid 5709] symlink("/dev/binderfs", "./binderfs" [pid 5712] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5711] <... memfd_create resumed>) = 3 [pid 5709] <... symlink resumed>) = 0 [pid 5711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5709] memfd_create("syzkaller", 0 [pid 5712] memfd_create("syzkaller", 0 [pid 5709] <... memfd_create resumed>) = 3 [pid 5708] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5712] <... memfd_create resumed>) = 3 [pid 5712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5707] <... write resumed>) = 2097152 [pid 5711] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5707] munmap(0x7f3b887a1000, 138412032 [pid 5710] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5707] <... munmap resumed>) = 0 [pid 5707] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5707] ioctl(4, LOOP_SET_FD, 3 [pid 5708] <... write resumed>) = 2097152 [pid 5708] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5712] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5709] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5707] <... ioctl resumed>) = 0 [pid 5708] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5708] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5707] close(3) = 0 [ 120.106201][ T5707] loop4: detected capacity change from 0 to 4096 [ 120.132568][ T5708] loop0: detected capacity change from 0 to 4096 [ 120.147690][ T5707] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5707] mkdir("./file0", 0777) = 0 [pid 5707] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5711] <... write resumed>) = 2097152 [pid 5708] close(3) = 0 [pid 5708] mkdir("./file0", 0777) = 0 [pid 5708] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5710] <... write resumed>) = 2097152 [pid 5710] munmap(0x7f3b887a1000, 138412032 [pid 5711] munmap(0x7f3b887a1000, 138412032 [pid 5710] <... munmap resumed>) = 0 [pid 5710] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5707] <... mount resumed>) = 0 [pid 5712] <... write resumed>) = 2097152 [pid 5711] <... munmap resumed>) = 0 [pid 5710] <... openat resumed>) = 4 [pid 5707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5712] munmap(0x7f3b887a1000, 138412032 [pid 5710] ioctl(4, LOOP_SET_FD, 3 [pid 5711] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5711] ioctl(4, LOOP_SET_FD, 3 [pid 5712] <... munmap resumed>) = 0 [pid 5710] <... ioctl resumed>) = 0 [pid 5707] chdir("./file0" [pid 5712] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5710] close(3 [pid 5707] <... chdir resumed>) = 0 [pid 5707] ioctl(4, LOOP_CLR_FD [pid 5710] <... close resumed>) = 0 [pid 5707] <... ioctl resumed>) = 0 [pid 5712] <... openat resumed>) = 4 [pid 5710] mkdir("./file0", 0777 [pid 5707] close(4) = 0 [pid 5711] <... ioctl resumed>) = 0 [pid 5712] ioctl(4, LOOP_SET_FD, 3 [pid 5709] <... write resumed>) = 2097152 [pid 5710] <... mkdir resumed>) = 0 [pid 5707] exit_group(0) = ? [pid 5711] close(3) = 0 [ 120.178505][ T5708] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 120.207841][ T5710] loop5: detected capacity change from 0 to 4096 [ 120.208707][ T5711] loop1: detected capacity change from 0 to 4096 [pid 5710] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5707] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5707, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5711] mkdir("./file0", 0777 [pid 5709] munmap(0x7f3b887a1000, 138412032 [pid 5051] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5711] <... mkdir resumed>) = 0 [pid 5711] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5708] <... mount resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5712] <... ioctl resumed>) = 0 [pid 5709] <... munmap resumed>) = 0 [pid 5708] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] newfstatat(3, "", [pid 5712] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5712] <... close resumed>) = 0 [pid 5051] getdents64(3, [pid 5712] mkdir("./file0", 0777 [pid 5708] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5708] chdir("./file0" [pid 5051] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5712] <... mkdir resumed>) = 0 [pid 5708] <... chdir resumed>) = 0 [pid 5712] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5708] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5709] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5708] <... ioctl resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5709] <... openat resumed>) = 4 [pid 5708] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 120.237132][ T5712] loop3: detected capacity change from 0 to 4096 [ 120.246059][ T5710] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 120.257202][ T5711] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 120.272545][ T5712] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5709] ioctl(4, LOOP_SET_FD, 3 [pid 5051] unlink("./105/binderfs" [pid 5709] <... ioctl resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5708] <... close resumed>) = 0 [pid 5051] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5708] exit_group(0) = ? [pid 5709] close(3) = 0 [pid 5711] <... mount resumed>) = 0 [pid 5709] mkdir("./file0", 0777 [pid 5711] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5709] <... mkdir resumed>) = 0 [pid 5711] <... openat resumed>) = 3 [pid 5709] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [ 120.285347][ T5709] loop2: detected capacity change from 0 to 4096 [pid 5711] chdir("./file0") = 0 [pid 5708] +++ exited with 0 +++ [pid 5711] ioctl(4, LOOP_CLR_FD) = 0 [pid 5711] close(4 [pid 5051] <... umount2 resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5708, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5711] <... close resumed>) = 0 [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5711] exit_group(0 [pid 5051] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5711] <... exit_group resumed>) = ? [pid 5710] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(3, "", [pid 5710] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] newfstatat(AT_FDCWD, "./105/file0", [pid 5709] <... mount resumed>) = 0 [pid 5710] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5712] <... mount resumed>) = 0 [pid 5709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5710] chdir("./file0" [pid 5047] getdents64(3, [pid 5712] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5709] <... openat resumed>) = 3 [pid 5710] <... chdir resumed>) = 0 [pid 5051] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5712] <... openat resumed>) = 3 [pid 5709] chdir("./file0" [pid 5710] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5712] chdir("./file0" [pid 5711] +++ exited with 0 +++ [pid 5709] <... chdir resumed>) = 0 [pid 5710] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5712] <... chdir resumed>) = 0 [pid 5709] ioctl(4, LOOP_CLR_FD [pid 5710] close(4 [pid 5051] <... openat resumed>) = 4 [pid 5712] ioctl(4, LOOP_CLR_FD [pid 5709] <... ioctl resumed>) = 0 [pid 5710] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5047] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5712] <... ioctl resumed>) = 0 [pid 5709] close(4 [pid 5710] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5711, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5712] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5712] <... close resumed>) = 0 [pid 5710] <... exit_group resumed>) = ? [ 120.314901][ T5709] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(4, [pid 5712] exit_group(0 [pid 5710] +++ exited with 0 +++ [pid 5048] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] unlink("./109/binderfs" [pid 5712] <... exit_group resumed>) = ? [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... unlink resumed>) = 0 [pid 5709] <... close resumed>) = 0 [pid 5047] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5710, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5709] exit_group(0) = ? [pid 5051] getdents64(4, [pid 5048] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5048] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./105/file0") = 0 [pid 5051] getdents64(3, [pid 5048] newfstatat(3, "", [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./105" [pid 5052] umount2("./105", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5712] +++ exited with 0 +++ [pid 5709] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5052] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... rmdir resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5709, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5052] <... openat resumed>) = 3 [pid 5051] mkdir("./106", 0777 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5712, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] newfstatat(3, "", [pid 5050] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5050] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... openat resumed>) = 3 [pid 5048] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5052] umount2("./105/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5051] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5048] unlink("./107/binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] unlink("./105/binderfs" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5051] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5049] <... openat resumed>) = 3 [pid 5048] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(3, "", [pid 5050] unlink("./106/binderfs") = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, ./strace-static-x86_64: Process 5713 attached 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5713] set_robust_list(0x555556629660, 24 [pid 5049] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5713] <... set_robust_list resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5713] chdir("./106" [pid 5049] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5713] <... chdir resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5713 [pid 5048] <... umount2 resumed>) = 0 [pid 5713] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5713] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5713] <... setpgid resumed>) = 0 [pid 5049] unlink("./109/binderfs" [pid 5713] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5049] <... unlink resumed>) = 0 [pid 5048] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5713] write(3, "1000", 4) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./107/file0", [pid 5713] close(3) = 0 [pid 5713] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5713] memfd_create("syzkaller", 0) = 3 [pid 5713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5048] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./106/file0", [pid 5048] newfstatat(4, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(AT_FDCWD, "./109/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, [pid 5047] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] getdents64(4, [pid 5047] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./105/file0", [pid 5050] <... openat resumed>) = 4 [pid 5049] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(4, "", [pid 5048] close(4 [pid 5047] newfstatat(4, "", [pid 5052] umount2("./105/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5049] newfstatat(AT_FDCWD, "./109/file0", [pid 5048] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] getdents64(4, [pid 5052] <... openat resumed>) = 4 [pid 5050] getdents64(4, [pid 5048] rmdir("./107/file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] newfstatat(4, "", [pid 5050] close(4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5052] getdents64(4, [pid 5050] rmdir("./106/file0" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(3, [pid 5052] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5047] close(4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5048] close(3 [pid 5052] <... close resumed>) = 0 [pid 5050] close(3 [pid 5049] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5047] rmdir("./109/file0" [pid 5052] rmdir("./105/file0" [pid 5050] <... close resumed>) = 0 [pid 5048] rmdir("./107" [pid 5047] <... rmdir resumed>) = 0 [pid 5050] rmdir("./106" [pid 5048] <... rmdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5048] mkdir("./108", 0777 [pid 5050] mkdir("./107", 0777 [pid 5047] getdents64(3, [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] close(3 [pid 5052] rmdir("./105" [pid 5048] <... openat resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] rmdir("./109" [pid 5050] <... openat resumed>) = 3 [pid 5052] mkdir("./106", 0777 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 4 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... rmdir resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] newfstatat(4, "", [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] close(3 [pid 5047] mkdir("./110", 0777 [pid 5052] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] close(3 [pid 5713] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... mkdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] getdents64(4, [pid 5048] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] close(3 [pid 5049] getdents64(4, [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5714 attached [pid 5714] set_robust_list(0x555556629660, 24 [pid 5047] <... openat resumed>) = 3 [pid 5714] <... set_robust_list resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5715 attached [pid 5714] chdir("./107" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5714 [pid 5049] close(4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5715 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5715] set_robust_list(0x555556629660, 24 [pid 5714] <... chdir resumed>) = 0 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5715] <... set_robust_list resumed>) = 0 [pid 5714] <... prctl resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] close(3./strace-static-x86_64: Process 5716 attached [pid 5715] chdir("./108" [pid 5714] setpgid(0, 0 [pid 5049] rmdir("./109/file0" [pid 5047] <... close resumed>) = 0 [pid 5716] set_robust_list(0x555556629660, 24 [pid 5714] <... setpgid resumed>) = 0 [pid 5716] <... set_robust_list resumed>) = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... rmdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5716] chdir("./106" [pid 5715] <... chdir resumed>) = 0 [pid 5714] <... openat resumed>) = 3 [pid 5716] <... chdir resumed>) = 0 [pid 5714] write(3, "1000", 4 [pid 5715] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5716] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5714] <... write resumed>) = 4 [pid 5716] <... prctl resumed>) = 0 [pid 5714] close(3 [pid 5716] setpgid(0, 0 [pid 5714] <... close resumed>) = 0 [pid 5716] <... setpgid resumed>) = 0 [pid 5714] symlink("/dev/binderfs", "./binderfs" [pid 5716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5714] <... symlink resumed>) = 0 [pid 5716] <... openat resumed>) = 3 [pid 5715] <... prctl resumed>) = 0 [pid 5714] memfd_create("syzkaller", 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5716 [pid 5049] getdents64(3, ./strace-static-x86_64: Process 5717 attached [pid 5716] write(3, "1000", 4 [pid 5715] setpgid(0, 0 [pid 5714] <... memfd_create resumed>) = 3 [pid 5713] <... write resumed>) = 2097152 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5717 [pid 5717] set_robust_list(0x555556629660, 24 [pid 5716] <... write resumed>) = 4 [pid 5715] <... setpgid resumed>) = 0 [pid 5714] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] close(3 [pid 5717] <... set_robust_list resumed>) = 0 [pid 5716] close(3 [pid 5715] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5714] <... mmap resumed>) = 0x7f3b887a1000 [pid 5713] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... close resumed>) = 0 [pid 5717] chdir("./110" [pid 5716] <... close resumed>) = 0 [pid 5717] <... chdir resumed>) = 0 [pid 5716] symlink("/dev/binderfs", "./binderfs" [pid 5715] <... openat resumed>) = 3 [pid 5049] rmdir("./109" [pid 5717] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5715] write(3, "1000", 4 [pid 5717] <... prctl resumed>) = 0 [pid 5716] <... symlink resumed>) = 0 [pid 5715] <... write resumed>) = 4 [pid 5713] <... munmap resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5717] setpgid(0, 0 [pid 5716] memfd_create("syzkaller", 0 [pid 5715] close(3 [pid 5049] mkdir("./110", 0777 [pid 5717] <... setpgid resumed>) = 0 [pid 5715] <... close resumed>) = 0 [pid 5717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5715] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5717] <... openat resumed>) = 3 [pid 5716] <... memfd_create resumed>) = 3 [pid 5716] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5717] write(3, "1000", 4 [pid 5716] <... mmap resumed>) = 0x7f3b887a1000 [pid 5717] <... write resumed>) = 4 [pid 5715] memfd_create("syzkaller", 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5717] close(3 [pid 5715] <... memfd_create resumed>) = 3 [pid 5717] <... close resumed>) = 0 [pid 5715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5713] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... openat resumed>) = 3 [pid 5713] <... openat resumed>) = 4 [pid 5713] ioctl(4, LOOP_SET_FD, 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5717] memfd_create("syzkaller", 0 [pid 5715] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5714] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5717] <... memfd_create resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5713] <... ioctl resumed>) = 0 [pid 5713] close(3) = 0 ./strace-static-x86_64: Process 5718 attached [pid 5718] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5718 [pid 5718] <... set_robust_list resumed>) = 0 [pid 5718] chdir("./110" [pid 5717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5718] <... chdir resumed>) = 0 [pid 5718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5717] <... mmap resumed>) = 0x7f3b887a1000 [pid 5713] mkdir("./file0", 0777 [pid 5718] setpgid(0, 0 [pid 5713] <... mkdir resumed>) = 0 [pid 5718] <... setpgid resumed>) = 0 [pid 5718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5713] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5718] <... openat resumed>) = 3 [pid 5718] write(3, "1000", 4) = 4 [pid 5718] close(3) = 0 [pid 5718] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5718] memfd_create("syzkaller", 0) = 3 [pid 5716] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [ 120.638032][ T5713] loop4: detected capacity change from 0 to 4096 [ 120.674533][ T5713] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5715] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5714] <... write resumed>) = 2097152 [pid 5714] munmap(0x7f3b887a1000, 138412032 [pid 5717] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5714] <... munmap resumed>) = 0 [pid 5713] <... mount resumed>) = 0 [pid 5714] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5718] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5714] ioctl(4, LOOP_SET_FD, 3 [pid 5713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5713] chdir("./file0") = 0 [pid 5713] ioctl(4, LOOP_CLR_FD [pid 5715] <... write resumed>) = 2097152 [pid 5715] munmap(0x7f3b887a1000, 138412032 [pid 5713] <... ioctl resumed>) = 0 [pid 5713] close(4) = 0 [pid 5713] exit_group(0) = ? [pid 5713] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5713, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5715] <... munmap resumed>) = 0 [pid 5714] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5717] <... write resumed>) = 2097152 [pid 5716] <... write resumed>) = 2097152 [pid 5715] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5714] close(3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5716] munmap(0x7f3b887a1000, 138412032 [pid 5051] getdents64(3, [pid 5716] <... munmap resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5715] <... openat resumed>) = 4 [pid 5714] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5714] mkdir("./file0", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./106/binderfs") = 0 [pid 5051] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5714] <... mkdir resumed>) = 0 [pid 5717] munmap(0x7f3b887a1000, 138412032 [pid 5716] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5715] ioctl(4, LOOP_SET_FD, 3 [ 120.773318][ T5714] loop3: detected capacity change from 0 to 4096 [pid 5714] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = 0 [pid 5717] <... munmap resumed>) = 0 [pid 5716] <... openat resumed>) = 4 [pid 5715] <... ioctl resumed>) = 0 [pid 5717] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5716] ioctl(4, LOOP_SET_FD, 3 [pid 5715] close(3 [pid 5051] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5718] <... write resumed>) = 2097152 [pid 5717] <... openat resumed>) = 4 [pid 5715] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5718] munmap(0x7f3b887a1000, 138412032 [pid 5717] ioctl(4, LOOP_SET_FD, 3 [pid 5715] mkdir("./file0", 0777 [pid 5051] newfstatat(AT_FDCWD, "./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./106/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5715] <... mkdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5715] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] rmdir("./106") = 0 [pid 5051] mkdir("./107", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 120.817519][ T5715] loop1: detected capacity change from 0 to 4096 [ 120.834098][ T5714] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 120.834765][ T5716] loop5: detected capacity change from 0 to 4096 [ 120.850449][ T5717] loop0: detected capacity change from 0 to 4096 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5718] <... munmap resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5719 [pid 5717] <... ioctl resumed>) = 0 [pid 5717] close(3 [pid 5718] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5717] <... close resumed>) = 0 [pid 5717] mkdir("./file0", 0777./strace-static-x86_64: Process 5719 attached [pid 5718] <... openat resumed>) = 4 [pid 5716] <... ioctl resumed>) = 0 [pid 5719] set_robust_list(0x555556629660, 24 [pid 5718] ioctl(4, LOOP_SET_FD, 3 [pid 5717] <... mkdir resumed>) = 0 [pid 5716] close(3 [pid 5719] <... set_robust_list resumed>) = 0 [pid 5716] <... close resumed>) = 0 [pid 5719] chdir("./107" [pid 5716] mkdir("./file0", 0777 [pid 5719] <... chdir resumed>) = 0 [pid 5716] <... mkdir resumed>) = 0 [pid 5719] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5719] setpgid(0, 0 [pid 5716] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5719] <... setpgid resumed>) = 0 [pid 5719] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5717] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5719] write(3, "1000", 4) = 4 [pid 5719] close(3) = 0 [pid 5719] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5718] <... ioctl resumed>) = 0 [pid 5718] close(3) = 0 [pid 5719] memfd_create("syzkaller", 0 [pid 5718] mkdir("./file0", 0777 [pid 5719] <... memfd_create resumed>) = 3 [pid 5718] <... mkdir resumed>) = 0 [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5718] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5714] <... mount resumed>) = 0 [ 120.863411][ T5715] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 120.881181][ T5718] loop2: detected capacity change from 0 to 4096 [ 120.887641][ T5716] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 120.900568][ T5717] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5719] <... mmap resumed>) = 0x7f3b887a1000 [pid 5714] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5716] <... mount resumed>) = 0 [pid 5714] chdir("./file0") = 0 [pid 5714] ioctl(4, LOOP_CLR_FD) = 0 [pid 5714] close(4) = 0 [pid 5716] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5714] exit_group(0 [pid 5716] <... openat resumed>) = 3 [pid 5714] <... exit_group resumed>) = ? [pid 5714] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5714, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5050] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5716] chdir("./file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5716] <... chdir resumed>) = 0 [pid 5716] ioctl(4, LOOP_CLR_FD [pid 5050] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5716] <... ioctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5716] close(4 [pid 5050] getdents64(3, [pid 5716] <... close resumed>) = 0 [pid 5716] exit_group(0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5716] <... exit_group resumed>) = ? [pid 5050] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5716] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5716, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5050] unlink("./107/binderfs") = 0 [pid 5052] umount2("./106", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5717] <... mount resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./106/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5715] <... mount resumed>) = 0 [pid 5717] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./106/binderfs" [pid 5717] chdir("./file0" [pid 5052] <... unlink resumed>) = 0 [pid 5717] <... chdir resumed>) = 0 [pid 5715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5717] ioctl(4, LOOP_CLR_FD [pid 5715] chdir("./file0" [ 120.946847][ T5718] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5718] <... mount resumed>) = 0 [pid 5717] <... ioctl resumed>) = 0 [pid 5715] <... chdir resumed>) = 0 [pid 5718] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5717] close(4 [pid 5715] ioctl(4, LOOP_CLR_FD [pid 5718] chdir("./file0") = 0 [pid 5718] ioctl(4, LOOP_CLR_FD) = 0 [pid 5718] close(4 [pid 5715] <... ioctl resumed>) = 0 [pid 5717] <... close resumed>) = 0 [pid 5718] <... close resumed>) = 0 [pid 5718] exit_group(0 [pid 5717] exit_group(0) = ? [pid 5718] <... exit_group resumed>) = ? [pid 5717] +++ exited with 0 +++ [pid 5715] close(4) = 0 [pid 5718] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5717, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5715] exit_group(0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5718, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5715] <... exit_group resumed>) = ? [pid 5047] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5715] +++ exited with 0 +++ [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5050] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5719] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] unlink("./110/binderfs" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5715, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5047] newfstatat(3, "", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./107/file0", [pid 5048] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] newfstatat(AT_FDCWD, "./106/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./106/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5047] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./110/binderfs") = 0 [pid 5047] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(3, "", [pid 5052] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] newfstatat(4, "", [pid 5048] getdents64(3, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] getdents64(4, [pid 5048] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(4, [pid 5050] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] close(4 [pid 5050] newfstatat(4, "", [pid 5048] unlink("./108/binderfs" [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5052] rmdir("./106/file0" [pid 5050] getdents64(4, [pid 5048] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./106") = 0 [pid 5047] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] mkdir("./107", 0777 [pid 5047] newfstatat(AT_FDCWD, "./110/file0", [pid 5052] <... mkdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5050] rmdir("./107/file0" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] getdents64(3, [pid 5047] <... openat resumed>) = 4 [pid 5052] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(4, "", [pid 5052] <... close resumed>) = 0 [pid 5050] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... close resumed>) = 0 [pid 5047] getdents64(4, [pid 5050] rmdir("./107" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5050] mkdir("./108", 0777 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5047] close(4) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] rmdir("./110/file0" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5720 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5050] close(3 [pid 5047] <... close resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] rmdir("./110" [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./111", 0777) = 0 ./strace-static-x86_64: Process 5720 attached [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5720] set_robust_list(0x555556629660, 24 [pid 5047] <... openat resumed>) = 3 [pid 5720] <... set_robust_list resumed>) = 0 [pid 5720] chdir("./107" [pid 5047] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5721 attached ) = -1 ENXIO (No such device or address) [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5721 [pid 5047] close(3 [pid 5721] set_robust_list(0x555556629660, 24 [pid 5047] <... close resumed>) = 0 [pid 5721] <... set_robust_list resumed>) = 0 [pid 5720] <... chdir resumed>) = 0 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5721] chdir("./108" [pid 5720] <... prctl resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5720] setpgid(0, 0 [pid 5721] <... chdir resumed>) = 0 [pid 5720] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5722 attached [pid 5721] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5722] set_robust_list(0x555556629660, 24 [pid 5721] <... prctl resumed>) = 0 [pid 5720] <... openat resumed>) = 3 [pid 5721] setpgid(0, 0) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5722 [pid 5722] <... set_robust_list resumed>) = 0 [pid 5721] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... umount2 resumed>) = 0 [pid 5722] chdir("./111" [pid 5720] write(3, "1000", 4 [pid 5721] <... openat resumed>) = 3 [pid 5720] <... write resumed>) = 4 [pid 5722] <... chdir resumed>) = 0 [pid 5721] write(3, "1000", 4 [pid 5720] close(3 [pid 5722] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5721] <... write resumed>) = 4 [pid 5720] <... close resumed>) = 0 [pid 5719] <... write resumed>) = 2097152 [pid 5722] <... prctl resumed>) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... umount2 resumed>) = 0 [pid 5721] close(3) = 0 [pid 5720] <... symlink resumed>) = 0 [pid 5722] setpgid(0, 0 [pid 5721] symlink("/dev/binderfs", "./binderfs" [pid 5720] memfd_create("syzkaller", 0 [pid 5049] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5722] <... setpgid resumed>) = 0 [pid 5721] <... symlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./108/file0", [pid 5049] newfstatat(AT_FDCWD, "./110/file0", [pid 5722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5721] memfd_create("syzkaller", 0 [pid 5719] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5722] <... openat resumed>) = 3 [pid 5720] <... memfd_create resumed>) = 3 [pid 5049] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5722] write(3, "1000", 4 [pid 5720] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5722] <... write resumed>) = 4 [pid 5720] <... mmap resumed>) = 0x7f3b887a1000 [pid 5722] close(3 [pid 5721] <... memfd_create resumed>) = 3 [pid 5049] newfstatat(4, "", [pid 5048] <... openat resumed>) = 4 [pid 5721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5719] <... munmap resumed>) = 0 [pid 5721] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(4, "", [pid 5049] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5722] <... close resumed>) = 0 [pid 5719] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5722] symlink("/dev/binderfs", "./binderfs" [pid 5719] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5719] ioctl(4, LOOP_SET_FD, 3 [pid 5722] <... symlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5722] memfd_create("syzkaller", 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5048] close(4 [pid 5722] <... memfd_create resumed>) = 3 [pid 5722] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] rmdir("./110/file0" [pid 5048] <... close resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] rmdir("./108/file0" [pid 5049] getdents64(3, [pid 5048] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(3, [pid 5049] close(3) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] rmdir("./110" [pid 5048] close(3 [pid 5719] <... ioctl resumed>) = 0 [pid 5719] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5719] <... close resumed>) = 0 [pid 5048] rmdir("./108" [pid 5719] mkdir("./file0", 0777) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./109", 0777 [pid 5719] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] <... mkdir resumed>) = 0 [ 121.174766][ T5719] loop4: detected capacity change from 0 to 4096 [pid 5049] mkdir("./111", 0777 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5720] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5723 attached [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5723] set_robust_list(0x555556629660, 24) = 0 [pid 5049] <... close resumed>) = 0 [pid 5723] chdir("./109" [pid 5721] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5723] <... chdir resumed>) = 0 [pid 5723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5723] setpgid(0, 0) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5723 [ 121.236112][ T5719] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5724 attached [pid 5723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5719] <... mount resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5724 [pid 5724] set_robust_list(0x555556629660, 24 [pid 5722] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5724] <... set_robust_list resumed>) = 0 [pid 5724] chdir("./111") = 0 [pid 5723] <... openat resumed>) = 3 [pid 5724] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5724] <... prctl resumed>) = 0 [pid 5724] setpgid(0, 0) = 0 [pid 5724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5723] write(3, "1000", 4 [pid 5719] <... openat resumed>) = 3 [pid 5724] <... openat resumed>) = 3 [pid 5723] <... write resumed>) = 4 [pid 5719] chdir("./file0" [pid 5724] write(3, "1000", 4 [pid 5723] close(3 [pid 5719] <... chdir resumed>) = 0 [pid 5724] <... write resumed>) = 4 [pid 5723] <... close resumed>) = 0 [pid 5719] ioctl(4, LOOP_CLR_FD [pid 5724] close(3 [pid 5723] symlink("/dev/binderfs", "./binderfs" [pid 5719] <... ioctl resumed>) = 0 [pid 5724] <... close resumed>) = 0 [pid 5724] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5723] <... symlink resumed>) = 0 [pid 5719] close(4 [pid 5724] memfd_create("syzkaller", 0 [pid 5719] <... close resumed>) = 0 [pid 5719] exit_group(0) = ? [pid 5724] <... memfd_create resumed>) = 3 [pid 5724] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5723] memfd_create("syzkaller", 0 [pid 5719] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5719, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5051] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5723] <... memfd_create resumed>) = 3 [pid 5051] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] <... openat resumed>) = 3 [pid 5721] <... write resumed>) = 2097152 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5720] <... write resumed>) = 2097152 [pid 5051] getdents64(3, [pid 5721] munmap(0x7f3b887a1000, 138412032 [pid 5720] munmap(0x7f3b887a1000, 138412032 [pid 5721] <... munmap resumed>) = 0 [pid 5720] <... munmap resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5721] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5051] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5722] <... write resumed>) = 2097152 [pid 5721] <... openat resumed>) = 4 [pid 5720] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5721] ioctl(4, LOOP_SET_FD, 3 [pid 5051] newfstatat(AT_FDCWD, "./107/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5720] <... openat resumed>) = 4 [pid 5720] ioctl(4, LOOP_SET_FD, 3 [pid 5721] <... ioctl resumed>) = 0 [pid 5051] unlink("./107/binderfs" [pid 5722] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5722] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5722] <... openat resumed>) = 4 [pid 5722] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5721] close(3) = 0 [pid 5721] mkdir("./file0", 0777) = 0 [ 121.373595][ T5721] loop3: detected capacity change from 0 to 4096 [ 121.374365][ T5720] loop5: detected capacity change from 0 to 4096 [ 121.404022][ T5722] loop0: detected capacity change from 0 to 4096 [pid 5051] newfstatat(AT_FDCWD, "./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5721] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... openat resumed>) = 4 [pid 5724] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5722] <... ioctl resumed>) = 0 [pid 5722] close(3) = 0 [pid 5722] mkdir("./file0", 0777 [pid 5720] <... ioctl resumed>) = 0 [pid 5722] <... mkdir resumed>) = 0 [pid 5720] close(3) = 0 [pid 5722] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5720] mkdir("./file0", 0777) = 0 [pid 5723] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5724] <... write resumed>) = 2097152 [pid 5720] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./107/file0") = 0 [pid 5051] getdents64(3, [pid 5724] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./107") = 0 [pid 5051] mkdir("./108", 0777 [pid 5724] <... munmap resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5721] <... mount resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5724] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5724] <... openat resumed>) = 4 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5725 attached [pid 5724] ioctl(4, LOOP_SET_FD, 3 [ 121.418507][ T5721] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 121.438604][ T5722] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 121.462818][ T5720] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5725] set_robust_list(0x555556629660, 24 [pid 5721] <... openat resumed>) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5725 [pid 5725] <... set_robust_list resumed>) = 0 [pid 5725] chdir("./108") = 0 [pid 5725] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5721] chdir("./file0" [pid 5725] <... prctl resumed>) = 0 [pid 5724] <... ioctl resumed>) = 0 [pid 5721] <... chdir resumed>) = 0 [pid 5721] ioctl(4, LOOP_CLR_FD) = 0 [pid 5723] <... write resumed>) = 2097152 [pid 5721] close(4 [pid 5725] setpgid(0, 0 [pid 5724] close(3 [pid 5723] munmap(0x7f3b887a1000, 138412032 [pid 5722] <... mount resumed>) = 0 [pid 5721] <... close resumed>) = 0 [pid 5720] <... mount resumed>) = 0 [pid 5725] <... setpgid resumed>) = 0 [pid 5724] <... close resumed>) = 0 [pid 5722] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5724] mkdir("./file0", 0777 [pid 5722] <... openat resumed>) = 3 [pid 5725] <... openat resumed>) = 3 [pid 5724] <... mkdir resumed>) = 0 [pid 5722] chdir("./file0" [pid 5721] exit_group(0 [pid 5720] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5722] <... chdir resumed>) = 0 [pid 5722] ioctl(4, LOOP_CLR_FD) = 0 [pid 5722] close(4 [pid 5725] write(3, "1000", 4 [pid 5722] <... close resumed>) = 0 [pid 5725] <... write resumed>) = 4 [pid 5722] exit_group(0 [pid 5721] <... exit_group resumed>) = ? [pid 5720] <... openat resumed>) = 3 [pid 5725] close(3 [pid 5724] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5722] <... exit_group resumed>) = ? [pid 5720] chdir("./file0" [pid 5725] <... close resumed>) = 0 [pid 5722] +++ exited with 0 +++ [pid 5721] +++ exited with 0 +++ [pid 5720] <... chdir resumed>) = 0 [pid 5725] symlink("/dev/binderfs", "./binderfs" [pid 5723] <... munmap resumed>) = 0 [pid 5720] ioctl(4, LOOP_CLR_FD [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5721, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5722, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5725] <... symlink resumed>) = 0 [pid 5723] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5720] <... ioctl resumed>) = 0 [pid 5725] memfd_create("syzkaller", 0 [pid 5723] <... openat resumed>) = 4 [ 121.492801][ T5724] loop2: detected capacity change from 0 to 4096 [ 121.525431][ T5724] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5720] close(4 [pid 5723] ioctl(4, LOOP_SET_FD, 3 [pid 5720] <... close resumed>) = 0 [pid 5720] exit_group(0 [pid 5050] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5725] <... memfd_create resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5725] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... openat resumed>) = 3 [pid 5725] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5720] <... exit_group resumed>) = ? [pid 5050] getdents64(3, [pid 5047] newfstatat(3, "", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5720] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5050] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5047] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./107", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] unlink("./108/binderfs" [pid 5047] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... unlink resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5047] unlink("./111/binderfs" [pid 5052] newfstatat(3, "", [pid 5047] <... unlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./107/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 121.539848][ T5723] loop1: detected capacity change from 0 to 4096 [pid 5052] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5723] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5723] close(3) = 0 [pid 5723] mkdir("./file0", 0777 [pid 5052] unlink("./107/binderfs") = 0 [pid 5052] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./108/file0", [pid 5723] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5723] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./108/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./108") = 0 [pid 5050] mkdir("./109", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5047] newfstatat(4, "", [pid 5725] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./111/file0") = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] getdents64(3, [pid 5050] close(3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] close(3 [pid 5052] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./111" [pid 5052] newfstatat(AT_FDCWD, "./107/file0", [pid 5047] <... rmdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] mkdir("./112", 0777 [pid 5052] umount2("./107/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5726 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] close(3 [pid 5052] getdents64(4, ./strace-static-x86_64: Process 5726 attached 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5047] <... close resumed>) = 0 [pid 5726] set_robust_list(0x555556629660, 24 [pid 5052] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5726] <... set_robust_list resumed>) = 0 [pid 5052] rmdir("./107/file0" [pid 5726] chdir("./109" [pid 5052] <... rmdir resumed>) = 0 [pid 5726] <... chdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5726] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5726] <... prctl resumed>) = 0 [pid 5052] close(3./strace-static-x86_64: Process 5727 attached [pid 5726] setpgid(0, 0 [pid 5052] <... close resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5727 [pid 5727] set_robust_list(0x555556629660, 24 [pid 5726] <... setpgid resumed>) = 0 [pid 5052] rmdir("./107" [pid 5727] <... set_robust_list resumed>) = 0 [pid 5726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... rmdir resumed>) = 0 [pid 5727] chdir("./112" [pid 5726] <... openat resumed>) = 3 [pid 5052] mkdir("./108", 0777 [pid 5727] <... chdir resumed>) = 0 [pid 5726] write(3, "1000", 4 [pid 5052] <... mkdir resumed>) = 0 [pid 5727] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5726] <... write resumed>) = 4 [ 121.598638][ T5723] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5724] <... mount resumed>) = 0 [pid 5727] <... prctl resumed>) = 0 [pid 5726] close(3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5727] setpgid(0, 0 [pid 5726] <... close resumed>) = 0 [pid 5727] <... setpgid resumed>) = 0 [pid 5726] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... openat resumed>) = 3 [pid 5727] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5726] <... symlink resumed>) = 0 [pid 5724] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5727] <... openat resumed>) = 3 [pid 5726] memfd_create("syzkaller", 0 [pid 5724] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5727] write(3, "1000", 4 [pid 5724] chdir("./file0" [pid 5052] <... close resumed>) = 0 [pid 5727] <... write resumed>) = 4 [pid 5724] <... chdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5724] ioctl(4, LOOP_CLR_FD [pid 5727] close(3 [pid 5724] <... ioctl resumed>) = 0 [pid 5727] <... close resumed>) = 0 [pid 5724] close(4 [pid 5727] symlink("/dev/binderfs", "./binderfs" [pid 5724] <... close resumed>) = 0 [pid 5727] <... symlink resumed>) = 0 [pid 5726] <... memfd_create resumed>) = 3 [pid 5724] exit_group(0./strace-static-x86_64: Process 5728 attached [pid 5727] memfd_create("syzkaller", 0 [pid 5726] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5724] <... exit_group resumed>) = ? [pid 5723] <... mount resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5728 [pid 5728] set_robust_list(0x555556629660, 24 [pid 5723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5728] <... set_robust_list resumed>) = 0 [pid 5726] <... mmap resumed>) = 0x7f3b887a1000 [pid 5724] +++ exited with 0 +++ [pid 5728] chdir("./108" [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5724, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5049] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5728] <... chdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5728] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5723] <... openat resumed>) = 3 [pid 5049] <... openat resumed>) = 3 [pid 5728] <... prctl resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5728] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5728] <... setpgid resumed>) = 0 [pid 5049] getdents64(3, [pid 5728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5727] <... memfd_create resumed>) = 3 [pid 5727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5728] <... openat resumed>) = 3 [pid 5727] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5728] write(3, "1000", 4 [pid 5723] chdir("./file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5728] <... write resumed>) = 4 [pid 5728] close(3 [pid 5723] <... chdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5723] ioctl(4, LOOP_CLR_FD) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5725] <... write resumed>) = 2097152 [pid 5049] unlink("./111/binderfs" [pid 5728] <... close resumed>) = 0 [pid 5728] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5723] close(4 [pid 5049] <... unlink resumed>) = 0 [pid 5723] <... close resumed>) = 0 [pid 5728] memfd_create("syzkaller", 0 [pid 5049] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5723] exit_group(0 [pid 5049] <... umount2 resumed>) = 0 [pid 5728] <... memfd_create resumed>) = 3 [pid 5049] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5728] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5728] <... mmap resumed>) = 0x7f3b887a1000 [pid 5723] <... exit_group resumed>) = ? [pid 5049] newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5725] munmap(0x7f3b887a1000, 138412032 [pid 5723] +++ exited with 0 +++ [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5723, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5049] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... openat resumed>) = 4 [pid 5048] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5048] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(4, [pid 5048] unlink("./109/binderfs" [pid 5725] <... munmap resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... unlink resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./111/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./111") = 0 [pid 5049] mkdir("./112", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5725] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5725] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5048] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] newfstatat(AT_FDCWD, "./109/file0", [pid 5726] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(3 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5049] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] rmdir("./109/file0") = 0 [pid 5048] getdents64(3, [pid 5725] close(3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5725] <... close resumed>) = 0 [pid 5048] close(3 [pid 5725] mkdir("./file0", 0777 [pid 5048] <... close resumed>) = 0 ./strace-static-x86_64: Process 5729 attached [pid 5725] <... mkdir resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5729 [pid 5048] rmdir("./109" [pid 5729] set_robust_list(0x555556629660, 24 [ 121.794026][ T5725] loop4: detected capacity change from 0 to 4096 [pid 5725] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] <... rmdir resumed>) = 0 [pid 5729] <... set_robust_list resumed>) = 0 [pid 5727] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5729] chdir("./112" [pid 5048] mkdir("./110", 0777 [pid 5729] <... chdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5729] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5729] <... prctl resumed>) = 0 [pid 5728] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5729] setpgid(0, 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5729] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5730 attached [pid 5729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5730 [pid 5730] set_robust_list(0x555556629660, 24) = 0 [pid 5730] chdir("./110") = 0 [pid 5729] <... openat resumed>) = 3 [pid 5730] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5729] write(3, "1000", 4 [pid 5730] <... prctl resumed>) = 0 [pid 5729] <... write resumed>) = 4 [pid 5730] setpgid(0, 0 [ 121.840398][ T5725] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5729] close(3) = 0 [pid 5730] <... setpgid resumed>) = 0 [pid 5730] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5729] symlink("/dev/binderfs", "./binderfs" [pid 5726] <... write resumed>) = 2097152 [pid 5730] <... openat resumed>) = 3 [pid 5730] write(3, "1000", 4 [pid 5729] <... symlink resumed>) = 0 [pid 5730] <... write resumed>) = 4 [pid 5730] close(3 [pid 5726] munmap(0x7f3b887a1000, 138412032 [pid 5730] <... close resumed>) = 0 [pid 5729] memfd_create("syzkaller", 0 [pid 5730] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5727] <... write resumed>) = 2097152 [pid 5730] memfd_create("syzkaller", 0 [pid 5729] <... memfd_create resumed>) = 3 [pid 5726] <... munmap resumed>) = 0 [pid 5726] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5730] <... memfd_create resumed>) = 3 [pid 5729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5726] <... openat resumed>) = 4 [pid 5727] munmap(0x7f3b887a1000, 138412032 [pid 5726] ioctl(4, LOOP_SET_FD, 3 [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5729] <... mmap resumed>) = 0x7f3b887a1000 [pid 5727] <... munmap resumed>) = 0 [pid 5730] <... mmap resumed>) = 0x7f3b887a1000 [pid 5727] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5727] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5728] <... write resumed>) = 2097152 [pid 5727] close(3 [pid 5726] <... ioctl resumed>) = 0 [pid 5727] <... close resumed>) = 0 [pid 5726] close(3) = 0 [pid 5727] mkdir("./file0", 0777 [pid 5726] mkdir("./file0", 0777 [pid 5727] <... mkdir resumed>) = 0 [pid 5727] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5726] <... mkdir resumed>) = 0 [pid 5728] munmap(0x7f3b887a1000, 138412032 [pid 5726] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5728] <... munmap resumed>) = 0 [ 121.932574][ T5726] loop3: detected capacity change from 0 to 4096 [ 121.945299][ T5727] loop0: detected capacity change from 0 to 4096 [ 121.968641][ T5727] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5728] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5728] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5730] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5729] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5725] <... mount resumed>) = 0 [pid 5725] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5725] chdir("./file0") = 0 [pid 5728] close(3 [pid 5725] ioctl(4, LOOP_CLR_FD [pid 5728] <... close resumed>) = 0 [pid 5725] <... ioctl resumed>) = 0 [pid 5728] mkdir("./file0", 0777 [pid 5725] close(4 [pid 5728] <... mkdir resumed>) = 0 [pid 5725] <... close resumed>) = 0 [pid 5728] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5725] exit_group(0) = ? [ 121.987584][ T5726] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 121.999262][ T5728] loop5: detected capacity change from 0 to 4096 [pid 5725] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5725, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5051] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./108/binderfs") = 0 [pid 5051] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5730] <... write resumed>) = 2097152 [pid 5730] munmap(0x7f3b887a1000, 138412032 [pid 5727] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5051] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5727] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5727] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./108/file0", [pid 5727] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5727] <... ioctl resumed>) = 0 [pid 5051] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5730] <... munmap resumed>) = 0 [pid 5727] close(4 [pid 5726] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5729] munmap(0x7f3b887a1000, 138412032 [pid 5727] <... close resumed>) = 0 [pid 5726] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5730] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5729] <... munmap resumed>) = 0 [pid 5727] exit_group(0 [pid 5051] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5727] <... exit_group resumed>) = ? [ 122.040253][ T5728] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5730] <... openat resumed>) = 4 [pid 5729] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5730] ioctl(4, LOOP_SET_FD, 3 [pid 5729] <... openat resumed>) = 4 [pid 5726] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5726] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5726] <... chdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5726] ioctl(4, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5726] <... ioctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5726] close(4 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5726] <... close resumed>) = 0 [pid 5051] close(4 [pid 5726] exit_group(0 [pid 5051] <... close resumed>) = 0 [pid 5726] <... exit_group resumed>) = ? [pid 5051] rmdir("./108/file0" [pid 5729] ioctl(4, LOOP_SET_FD, 3 [pid 5726] +++ exited with 0 +++ [pid 5051] <... rmdir resumed>) = 0 [pid 5727] +++ exited with 0 +++ [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5727, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5726, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5050] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5051] close(3) = 0 [pid 5050] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./108" [pid 5050] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... rmdir resumed>) = 0 [pid 5730] <... ioctl resumed>) = 0 [pid 5729] <... ioctl resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] close(3 [pid 5050] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5729] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5729] mkdir("./file0", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5051] mkdir("./109", 0777 [pid 5050] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5729] <... mkdir resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(3, "", [pid 5050] unlink("./109/binderfs" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5730] close(3) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] getdents64(3, [pid 5730] mkdir("./file0", 0777 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5730] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5047] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [ 122.095395][ T5730] loop1: detected capacity change from 0 to 4096 [ 122.103533][ T5729] loop2: detected capacity change from 0 to 4096 [pid 5730] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5729] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5728] <... mount resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./112/binderfs" [pid 5728] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5728] chdir("./file0") = 0 [pid 5728] ioctl(4, LOOP_CLR_FD) = 0 [pid 5728] close(4) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5728] exit_group(0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5728] <... exit_group resumed>) = ? [pid 5050] newfstatat(AT_FDCWD, "./109/file0", [pid 5728] +++ exited with 0 +++ [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5731 attached [pid 5050] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5731] set_robust_list(0x555556629660, 24 [pid 5050] <... openat resumed>) = 4 [pid 5731] <... set_robust_list resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5731] chdir("./109" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5731 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5731] <... chdir resumed>) = 0 [pid 5050] rmdir("./109/file0" [pid 5047] <... unlink resumed>) = 0 [pid 5731] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5728, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] <... rmdir resumed>) = 0 [pid 5731] <... prctl resumed>) = 0 [pid 5731] setpgid(0, 0) = 0 [pid 5050] getdents64(3, [pid 5731] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] umount2("./108", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5731] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5047] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5731] write(3, "1000", 4 [pid 5052] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5731] <... write resumed>) = 4 [pid 5731] close(3) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5731] symlink("/dev/binderfs", "./binderfs" [pid 5052] newfstatat(3, "", [pid 5050] rmdir("./109" [pid 5731] <... symlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5731] memfd_create("syzkaller", 0 [pid 5052] umount2("./108/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] mkdir("./110", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... mkdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./108/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./108/binderfs") = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5731] <... memfd_create resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 122.161468][ T5729] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 122.172812][ T5730] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5732 attached ) = 0x7f3b887a1000 [pid 5732] set_robust_list(0x555556629660, 24) = 0 [pid 5732] chdir("./110") = 0 [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5732] setpgid(0, 0) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5732 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5732] write(3, "1000", 4) = 4 [pid 5732] close(3) = 0 [pid 5732] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5730] <... mount resumed>) = 0 [pid 5730] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5732] memfd_create("syzkaller", 0 [pid 5730] <... openat resumed>) = 3 [pid 5729] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5732] <... memfd_create resumed>) = 3 [pid 5732] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5730] chdir("./file0" [pid 5729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] <... openat resumed>) = 3 [pid 5729] chdir("./file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5730] <... chdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./112/file0", [pid 5730] ioctl(4, LOOP_CLR_FD [pid 5052] newfstatat(AT_FDCWD, "./108/file0", [pid 5729] <... chdir resumed>) = 0 [pid 5730] <... ioctl resumed>) = 0 [pid 5730] close(4 [pid 5729] ioctl(4, LOOP_CLR_FD [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5730] <... close resumed>) = 0 [pid 5729] <... ioctl resumed>) = 0 [pid 5052] umount2("./108/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5730] exit_group(0) = ? [pid 5729] close(4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5729] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5730] +++ exited with 0 +++ [pid 5729] exit_group(0 [pid 5052] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5729] <... exit_group resumed>) = ? [pid 5052] newfstatat(4, "", [pid 5047] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5730, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5047] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(3, [pid 5047] newfstatat(4, "", [pid 5052] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5729] +++ exited with 0 +++ [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5729, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] rmdir("./108/file0" [pid 5048] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... restart_syscall resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./110/binderfs" [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] getdents64(4, [pid 5052] getdents64(3, [pid 5049] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4 [pid 5049] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5731] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] close(3 [pid 5049] <... openat resumed>) = 3 [pid 5047] rmdir("./112/file0" [pid 5052] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5052] rmdir("./108" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5047] close(3 [pid 5052] mkdir("./109", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... close resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./112" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5047] mkdir("./113", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] unlink("./112/binderfs" [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... unlink resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] close(3 [pid 5048] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./110/file0" [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./110"./strace-static-x86_64: Process 5733 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5733 [pid 5049] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] mkdir("./111", 0777 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5734 [pid 5733] set_robust_list(0x555556629660, 24 [pid 5049] newfstatat(AT_FDCWD, "./112/file0", [pid 5048] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5734 attached [pid 5733] <... set_robust_list resumed>) = 0 [pid 5732] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5731] <... write resumed>) = 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5734] set_robust_list(0x555556629660, 24 [pid 5733] chdir("./109" [pid 5731] munmap(0x7f3b887a1000, 138412032 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5734] <... set_robust_list resumed>) = 0 [pid 5049] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5734] chdir("./113" [pid 5733] <... chdir resumed>) = 0 [pid 5734] <... chdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5733] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5734] <... prctl resumed>) = 0 [pid 5733] <... prctl resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 4 [pid 5734] setpgid(0, 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5734] <... setpgid resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5048] close(3 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5733] setpgid(0, 0 [pid 5731] <... munmap resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5734] <... openat resumed>) = 3 [pid 5733] <... setpgid resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5734] write(3, "1000", 4 [pid 5733] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5731] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5734] <... write resumed>) = 4 [pid 5734] close(3./strace-static-x86_64: Process 5735 attached ) = 0 [pid 5735] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5735 [pid 5734] symlink("/dev/binderfs", "./binderfs" [pid 5735] <... set_robust_list resumed>) = 0 [pid 5734] <... symlink resumed>) = 0 [pid 5733] <... openat resumed>) = 3 [pid 5731] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5735] chdir("./111") = 0 [pid 5731] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5733] write(3, "1000", 4 [pid 5735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5735] setpgid(0, 0) = 0 [pid 5734] memfd_create("syzkaller", 0 [pid 5735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5735] write(3, "1000", 4) = 4 [pid 5735] close(3) = 0 [pid 5735] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5733] <... write resumed>) = 4 [pid 5049] close(4 [pid 5734] <... memfd_create resumed>) = 3 [pid 5733] close(3 [pid 5049] <... close resumed>) = 0 [pid 5734] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5733] <... close resumed>) = 0 [pid 5049] rmdir("./112/file0" [pid 5734] <... mmap resumed>) = 0x7f3b887a1000 [pid 5733] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... rmdir resumed>) = 0 [pid 5735] memfd_create("syzkaller", 0 [pid 5733] <... symlink resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5731] <... ioctl resumed>) = 0 [pid 5731] close(3) = 0 [pid 5731] mkdir("./file0", 0777 [pid 5049] close(3 [pid 5731] <... mkdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./112" [pid 5735] <... memfd_create resumed>) = 3 [pid 5733] memfd_create("syzkaller", 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5735] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5733] <... memfd_create resumed>) = 3 [pid 5049] mkdir("./113", 0777 [pid 5733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5731] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... mkdir resumed>) = 0 [ 122.428531][ T5731] loop4: detected capacity change from 0 to 4096 [pid 5733] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5732] <... write resumed>) = 2097152 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5732] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5732] <... munmap resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5736 ./strace-static-x86_64: Process 5736 attached [pid 5736] set_robust_list(0x555556629660, 24 [pid 5732] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5736] <... set_robust_list resumed>) = 0 [pid 5732] ioctl(4, LOOP_SET_FD, 3 [pid 5736] chdir("./113" [pid 5732] <... ioctl resumed>) = 0 [pid 5734] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5736] <... chdir resumed>) = 0 [pid 5732] close(3 [pid 5736] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5736] setpgid(0, 0 [pid 5735] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5732] <... close resumed>) = 0 [pid 5736] <... setpgid resumed>) = 0 [pid 5732] mkdir("./file0", 0777 [pid 5736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5733] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5732] <... mkdir resumed>) = 0 [pid 5736] <... openat resumed>) = 3 [pid 5732] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5736] write(3, "1000", 4) = 4 [pid 5736] close(3) = 0 [ 122.484769][ T5731] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 122.514644][ T5732] loop3: detected capacity change from 0 to 4096 [pid 5736] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5734] <... write resumed>) = 2097152 [pid 5736] memfd_create("syzkaller", 0 [pid 5734] munmap(0x7f3b887a1000, 138412032 [pid 5736] <... memfd_create resumed>) = 3 [pid 5736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5734] <... munmap resumed>) = 0 [pid 5734] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5733] <... write resumed>) = 2097152 [pid 5734] <... openat resumed>) = 4 [ 122.569048][ T5732] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5733] munmap(0x7f3b887a1000, 138412032 [pid 5734] ioctl(4, LOOP_SET_FD, 3 [pid 5733] <... munmap resumed>) = 0 [pid 5731] <... mount resumed>) = 0 [pid 5731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5731] chdir("./file0") = 0 [pid 5731] ioctl(4, LOOP_CLR_FD) = 0 [pid 5731] close(4) = 0 [pid 5731] exit_group(0) = ? [pid 5733] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5731] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5731, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5051] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5735] <... write resumed>) = 2097152 [pid 5051] newfstatat(3, "", [pid 5733] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./109/binderfs") = 0 [pid 5051] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5735] munmap(0x7f3b887a1000, 138412032 [pid 5734] <... ioctl resumed>) = 0 [pid 5732] <... mount resumed>) = 0 [pid 5735] <... munmap resumed>) = 0 [pid 5734] close(3 [pid 5732] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5733] <... ioctl resumed>) = 0 [pid 5734] <... close resumed>) = 0 [pid 5733] close(3 [pid 5732] <... openat resumed>) = 3 [pid 5736] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5734] mkdir("./file0", 0777 [pid 5735] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5733] <... close resumed>) = 0 [pid 5732] chdir("./file0" [pid 5734] <... mkdir resumed>) = 0 [pid 5733] mkdir("./file0", 0777 [pid 5732] <... chdir resumed>) = 0 [pid 5734] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5732] ioctl(4, LOOP_CLR_FD [pid 5733] <... mkdir resumed>) = 0 [pid 5732] <... ioctl resumed>) = 0 [pid 5732] close(4) = 0 [pid 5735] <... openat resumed>) = 4 [pid 5732] exit_group(0 [ 122.614135][ T5734] loop0: detected capacity change from 0 to 4096 [ 122.636105][ T5733] loop5: detected capacity change from 0 to 4096 [pid 5735] ioctl(4, LOOP_SET_FD, 3 [pid 5732] <... exit_group resumed>) = ? [pid 5733] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5732] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5732, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] <... umount2 resumed>) = 0 [pid 5050] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5051] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] unlink("./110/binderfs" [pid 5051] newfstatat(AT_FDCWD, "./109/file0", [pid 5050] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./109/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5050] <... umount2 resumed>) = 0 [pid 5736] <... write resumed>) = 2097152 [pid 5735] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5735] close(3 [pid 5051] rmdir("./109" [pid 5050] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5735] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5735] mkdir("./file0", 0777 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./110/file0", [pid 5735] <... mkdir resumed>) = 0 [pid 5051] mkdir("./110", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 122.673594][ T5734] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 122.674367][ T5735] loop1: detected capacity change from 0 to 4096 [ 122.705404][ T5733] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5735] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5736] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./110/file0") = 0 [pid 5734] <... mount resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./110") = 0 [pid 5734] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5734] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5736] <... munmap resumed>) = 0 [pid 5734] chdir("./file0" [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] mkdir("./111", 0777 [pid 5734] <... chdir resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... mkdir resumed>) = 0 [pid 5734] ioctl(4, LOOP_CLR_FD [pid 5051] close(3 [pid 5734] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5734] close(4 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5736] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5734] <... close resumed>) = 0 [pid 5736] <... openat resumed>) = 4 [pid 5734] exit_group(0 [pid 5050] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5737 attached [pid 5736] ioctl(4, LOOP_SET_FD, 3 [pid 5734] <... exit_group resumed>) = ? [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5734] +++ exited with 0 +++ [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5737 ./strace-static-x86_64: Process 5738 attached [pid 5738] set_robust_list(0x555556629660, 24) = 0 [pid 5737] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5738 [pid 5737] <... set_robust_list resumed>) = 0 [pid 5737] chdir("./110" [pid 5047] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5737] <... chdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5738] chdir("./111") = 0 [pid 5738] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... openat resumed>) = 3 [pid 5738] <... prctl resumed>) = 0 [pid 5737] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5738] setpgid(0, 0 [pid 5047] newfstatat(3, "", [pid 5738] <... setpgid resumed>) = 0 [pid 5738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5738] write(3, "1000", 4 [pid 5737] <... prctl resumed>) = 0 [pid 5738] <... write resumed>) = 4 [pid 5737] setpgid(0, 0 [pid 5047] getdents64(3, [pid 5738] close(3) = 0 [pid 5738] symlink("/dev/binderfs", "./binderfs" [pid 5737] <... setpgid resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5733] <... mount resumed>) = 0 [pid 5047] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5738] <... symlink resumed>) = 0 [pid 5737] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5733] <... openat resumed>) = 3 [pid 5733] chdir("./file0" [pid 5047] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5737] <... openat resumed>) = 3 [pid 5733] <... chdir resumed>) = 0 [pid 5737] write(3, "1000", 4 [pid 5733] ioctl(4, LOOP_CLR_FD [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5737] <... write resumed>) = 4 [pid 5733] <... ioctl resumed>) = 0 [pid 5047] unlink("./113/binderfs" [pid 5738] memfd_create("syzkaller", 0 [pid 5737] close(3 [pid 5733] close(4) = 0 [pid 5737] <... close resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5738] <... memfd_create resumed>) = 3 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5737] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5737] <... symlink resumed>) = 0 [pid 5733] exit_group(0 [pid 5736] <... ioctl resumed>) = 0 [pid 5733] <... exit_group resumed>) = ? [pid 5736] close(3) = 0 [pid 5736] mkdir("./file0", 0777 [pid 5737] memfd_create("syzkaller", 0 [pid 5736] <... mkdir resumed>) = 0 [pid 5736] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5737] <... memfd_create resumed>) = 3 [pid 5733] +++ exited with 0 +++ [ 122.738751][ T5735] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 122.767664][ T5736] loop2: detected capacity change from 0 to 4096 [pid 5737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5733, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5737] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... umount2 resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5047] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./109", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./113/file0", [pid 5052] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./109/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", [pid 5052] newfstatat(AT_FDCWD, "./109/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] unlink("./109/binderfs" [pid 5047] getdents64(4, [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [ 122.811123][ T5736] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5047] rmdir("./113/file0" [pid 5738] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5735] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5735] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] getdents64(3, [pid 5735] <... openat resumed>) = 3 [pid 5735] chdir("./file0" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5735] <... chdir resumed>) = 0 [pid 5735] ioctl(4, LOOP_CLR_FD [pid 5047] close(3 [pid 5052] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5735] <... ioctl resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./109/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5735] close(4 [pid 5052] getdents64(4, [pid 5047] rmdir("./113" [pid 5736] <... mount resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5735] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./109/file0") = 0 [pid 5052] getdents64(3, [pid 5736] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5735] exit_group(0 [pid 5047] mkdir("./114", 0777 [pid 5736] <... openat resumed>) = 3 [pid 5735] <... exit_group resumed>) = ? [pid 5047] <... mkdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./109") = 0 [pid 5735] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5735, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5736] chdir("./file0") = 0 [pid 5736] ioctl(4, LOOP_CLR_FD) = 0 [pid 5736] close(4 [pid 5048] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./111/binderfs" [pid 5736] <... close resumed>) = 0 [pid 5736] exit_group(0 [pid 5048] <... unlink resumed>) = 0 [pid 5736] <... exit_group resumed>) = ? [pid 5048] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5737] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5736] +++ exited with 0 +++ [pid 5052] mkdir("./110", 0777 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5736, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5049] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5048] <... umount2 resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] unlink("./113/binderfs" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... unlink resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./111/file0", [pid 5052] close(3 [pid 5049] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5739 attached [pid 5048] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", [pid 5739] set_robust_list(0x555556629660, 24 [pid 5738] <... write resumed>) = 2097152 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./111/file0" [pid 5738] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5739 [pid 5048] <... rmdir resumed>) = 0 [pid 5739] <... set_robust_list resumed>) = 0 [pid 5738] <... munmap resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5739] chdir("./110" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5048] close(3 [pid 5047] <... close resumed>) = 0 [pid 5739] <... chdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./111") = 0 [pid 5048] mkdir("./112", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5739] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5739] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5740 attached [pid 5739] setpgid(0, 0) = 0 [pid 5740] set_robust_list(0x555556629660, 24 [pid 5739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5741 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5740 [pid 5740] <... set_robust_list resumed>) = 0 [pid 5739] <... openat resumed>) = 3 [pid 5739] write(3, "1000", 4./strace-static-x86_64: Process 5741 attached [pid 5740] chdir("./114" [pid 5739] <... write resumed>) = 4 [pid 5740] <... chdir resumed>) = 0 [pid 5739] close(3 [pid 5741] set_robust_list(0x555556629660, 24 [pid 5739] <... close resumed>) = 0 [pid 5738] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5741] <... set_robust_list resumed>) = 0 [pid 5739] symlink("/dev/binderfs", "./binderfs" [pid 5738] <... openat resumed>) = 4 [pid 5741] chdir("./112" [pid 5738] ioctl(4, LOOP_SET_FD, 3 [pid 5741] <... chdir resumed>) = 0 [pid 5739] <... symlink resumed>) = 0 [pid 5741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5741] setpgid(0, 0 [pid 5739] memfd_create("syzkaller", 0 [pid 5740] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5741] <... setpgid resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5740] <... prctl resumed>) = 0 [pid 5739] <... memfd_create resumed>) = 3 [pid 5741] <... openat resumed>) = 3 [pid 5741] write(3, "1000", 4) = 4 [pid 5741] close(3) = 0 [pid 5741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5740] setpgid(0, 0 [pid 5739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5741] memfd_create("syzkaller", 0) = 3 [pid 5740] <... setpgid resumed>) = 0 [pid 5739] <... mmap resumed>) = 0x7f3b887a1000 [pid 5738] <... ioctl resumed>) = 0 [pid 5737] <... write resumed>) = 2097152 [pid 5049] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5740] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5738] close(3 [pid 5737] munmap(0x7f3b887a1000, 138412032 [pid 5741] <... mmap resumed>) = 0x7f3b887a1000 [pid 5740] <... openat resumed>) = 3 [pid 5738] <... close resumed>) = 0 [pid 5737] <... munmap resumed>) = 0 [pid 5740] write(3, "1000", 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5740] <... write resumed>) = 4 [pid 5049] newfstatat(AT_FDCWD, "./113/file0", [pid 5740] close(3) = 0 [pid 5738] mkdir("./file0", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5740] symlink("/dev/binderfs", "./binderfs" [pid 5049] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5740] <... symlink resumed>) = 0 [pid 5738] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", [pid 5738] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 123.006119][ T5738] loop3: detected capacity change from 0 to 4096 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5740] memfd_create("syzkaller", 0 [pid 5737] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] getdents64(4, [pid 5737] <... openat resumed>) = 4 [pid 5737] ioctl(4, LOOP_SET_FD, 3 [pid 5740] <... memfd_create resumed>) = 3 [pid 5739] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5737] <... ioctl resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] close(4 [pid 5740] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./113/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./113" [pid 5737] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5737] <... close resumed>) = 0 [pid 5737] mkdir("./file0", 0777) = 0 [ 123.060783][ T5738] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 123.075175][ T5737] loop4: detected capacity change from 0 to 4096 [pid 5737] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] mkdir("./114", 0777 [pid 5738] <... mount resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5738] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5738] chdir("./file0") = 0 [pid 5738] ioctl(4, LOOP_CLR_FD) = 0 [pid 5738] close(4 [pid 5049] <... openat resumed>) = 3 [pid 5738] <... close resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5738] exit_group(0) = ? [pid 5738] +++ exited with 0 +++ [pid 5049] close(3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5738, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5742 attached [pid 5741] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5742 [pid 5050] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5742] set_robust_list(0x555556629660, 24 [pid 5739] <... write resumed>) = 2097152 [pid 5050] <... openat resumed>) = 3 [ 123.122439][ T5737] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] newfstatat(3, "", [pid 5742] <... set_robust_list resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5742] chdir("./114" [pid 5050] getdents64(3, [pid 5742] <... chdir resumed>) = 0 [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5742] setpgid(0, 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5742] <... setpgid resumed>) = 0 [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5742] write(3, "1000", 4) = 4 [pid 5742] close(3) = 0 [pid 5742] symlink("/dev/binderfs", "./binderfs" [pid 5737] <... mount resumed>) = 0 [pid 5050] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5742] <... symlink resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5742] memfd_create("syzkaller", 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./111/binderfs" [pid 5737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5737] chdir("./file0" [pid 5739] munmap(0x7f3b887a1000, 138412032 [pid 5737] <... chdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5742] <... memfd_create resumed>) = 3 [pid 5741] <... write resumed>) = 2097152 [pid 5740] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5739] <... munmap resumed>) = 0 [pid 5737] ioctl(4, LOOP_CLR_FD [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5741] munmap(0x7f3b887a1000, 138412032 [pid 5739] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5742] <... mmap resumed>) = 0x7f3b887a1000 [pid 5741] <... munmap resumed>) = 0 [pid 5739] <... openat resumed>) = 4 [pid 5737] <... ioctl resumed>) = 0 [pid 5739] ioctl(4, LOOP_SET_FD, 3 [pid 5737] close(4 [pid 5050] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5737] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5739] <... ioctl resumed>) = 0 [pid 5737] exit_group(0 [pid 5050] newfstatat(AT_FDCWD, "./111/file0", [pid 5739] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5741] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5739] <... close resumed>) = 0 [pid 5737] <... exit_group resumed>) = ? [pid 5050] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] <... openat resumed>) = 4 [pid 5739] mkdir("./file0", 0777 [pid 5737] +++ exited with 0 +++ [pid 5741] ioctl(4, LOOP_SET_FD, 3 [pid 5740] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5739] <... mkdir resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5737, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5051] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./110/binderfs") = 0 [pid 5051] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5739] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5740] munmap(0x7f3b887a1000, 138412032 [pid 5051] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./110/file0", [pid 5740] <... munmap resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5741] <... ioctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 123.256214][ T5739] loop5: detected capacity change from 0 to 4096 [ 123.288396][ T5741] loop1: detected capacity change from 0 to 4096 [pid 5741] close(3 [pid 5051] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5741] mkdir("./file0", 0777 [pid 5051] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5741] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5741] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./110/file0") = 0 [pid 5740] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5740] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5740] ioctl(4, LOOP_SET_FD, 3 [pid 5051] close(3 [pid 5050] getdents64(4, [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./110") = 0 [pid 5051] mkdir("./111", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5051] <... ioctl resumed>) = 0 [pid 5050] rmdir("./111/file0" [pid 5051] close(3) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5743 attached [pid 5742] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5740] <... ioctl resumed>) = 0 [pid 5050] getdents64(3, [pid 5743] set_robust_list(0x555556629660, 24 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5743] <... set_robust_list resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5743 [pid 5743] chdir("./111" [pid 5050] close(3 [pid 5743] <... chdir resumed>) = 0 [pid 5740] close(3 [pid 5050] <... close resumed>) = 0 [pid 5743] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5740] <... close resumed>) = 0 [pid 5050] rmdir("./111" [pid 5740] mkdir("./file0", 0777 [pid 5743] <... prctl resumed>) = 0 [pid 5740] <... mkdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5743] setpgid(0, 0) = 0 [pid 5740] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] mkdir("./112", 0777 [pid 5743] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... mkdir resumed>) = 0 [ 123.308102][ T5739] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 123.316384][ T5741] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 123.330213][ T5740] loop0: detected capacity change from 0 to 4096 [pid 5739] <... mount resumed>) = 0 [pid 5739] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5739] chdir("./file0") = 0 [pid 5739] ioctl(4, LOOP_CLR_FD) = 0 [pid 5739] close(4) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5743] <... openat resumed>) = 3 [pid 5743] write(3, "1000", 4 [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5743] <... write resumed>) = 4 [pid 5743] close(3 [pid 5739] exit_group(0) = ? [pid 5743] <... close resumed>) = 0 [pid 5739] +++ exited with 0 +++ [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5743] symlink("/dev/binderfs", "./binderfs" [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5739, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5050] close(3 [pid 5052] umount2("./110", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, [pid 5743] <... symlink resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] umount2("./110/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5744 ./strace-static-x86_64: Process 5744 attached [pid 5744] set_robust_list(0x555556629660, 24) = 0 [pid 5744] chdir("./112" [pid 5743] memfd_create("syzkaller", 0 [pid 5052] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5744] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./110/binderfs" [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... unlink resumed>) = 0 [pid 5744] <... prctl resumed>) = 0 [ 123.356059][ T5740] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5743] <... memfd_create resumed>) = 3 [pid 5052] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5744] setpgid(0, 0 [pid 5743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5742] <... write resumed>) = 2097152 [pid 5744] <... setpgid resumed>) = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5743] <... mmap resumed>) = 0x7f3b887a1000 [pid 5742] munmap(0x7f3b887a1000, 138412032 [pid 5744] <... openat resumed>) = 3 [pid 5744] write(3, "1000", 4 [pid 5742] <... munmap resumed>) = 0 [pid 5744] <... write resumed>) = 4 [pid 5742] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5744] close(3 [pid 5742] <... openat resumed>) = 4 [pid 5744] <... close resumed>) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs" [pid 5742] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... umount2 resumed>) = 0 [pid 5744] <... symlink resumed>) = 0 [pid 5744] memfd_create("syzkaller", 0 [pid 5052] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5744] <... memfd_create resumed>) = 3 [pid 5740] <... mount resumed>) = 0 [pid 5741] <... mount resumed>) = 0 [pid 5742] <... ioctl resumed>) = 0 [pid 5052] umount2("./110/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5744] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5741] <... openat resumed>) = 3 [pid 5740] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5744] <... mmap resumed>) = 0x7f3b887a1000 [pid 5741] chdir("./file0" [pid 5740] <... openat resumed>) = 3 [pid 5743] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5742] close(3 [pid 5741] <... chdir resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5741] ioctl(4, LOOP_CLR_FD [pid 5052] newfstatat(4, "", [pid 5740] chdir("./file0" [pid 5742] <... close resumed>) = 0 [pid 5741] <... ioctl resumed>) = 0 [pid 5740] <... chdir resumed>) = 0 [ 123.440744][ T5742] loop2: detected capacity change from 0 to 4096 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5742] mkdir("./file0", 0777 [pid 5741] close(4 [pid 5052] getdents64(4, [pid 5741] <... close resumed>) = 0 [pid 5740] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5741] exit_group(0 [pid 5740] <... ioctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5740] close(4) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5742] <... mkdir resumed>) = 0 [pid 5741] <... exit_group resumed>) = ? [pid 5740] exit_group(0) = ? [pid 5741] +++ exited with 0 +++ [pid 5740] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5740, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] <... close resumed>) = 0 [pid 5742] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] rmdir("./110/file0" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5741, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] close(3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5744] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(3, [pid 5052] rmdir("./110" [pid 5048] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5743] <... write resumed>) = 2097152 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5047] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mkdir("./111", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5048] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] unlink("./114/binderfs" [pid 5048] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... unlink resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5047] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5743] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5743] <... munmap resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] unlink("./112/binderfs" [pid 5047] <... umount2 resumed>) = 0 [ 123.516796][ T5742] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5743] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5742] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5048] <... unlink resumed>) = 0 [pid 5047] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5742] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5742] <... openat resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5742] chdir("./file0" [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3 [pid 5742] <... chdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... close resumed>) = 0 [pid 5742] ioctl(4, LOOP_CLR_FD [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5743] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5745 attached [pid 5743] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... openat resumed>) = 4 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5745 [pid 5047] newfstatat(4, "", [pid 5745] set_robust_list(0x555556629660, 24) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5745] chdir("./111" [pid 5047] getdents64(4, [pid 5745] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5745] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] getdents64(4, [pid 5745] <... prctl resumed>) = 0 [pid 5742] <... ioctl resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5745] setpgid(0, 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./114/file0" [pid 5745] <... setpgid resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5742] close(4 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./114") = 0 [pid 5742] <... close resumed>) = 0 [pid 5047] mkdir("./115", 0777 [pid 5745] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5742] exit_group(0 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5746 attached , child_tidptr=0x555556629650) = 5746 [pid 5746] set_robust_list(0x555556629660, 24) = 0 [pid 5744] <... write resumed>) = 2097152 [pid 5746] chdir("./115" [pid 5744] munmap(0x7f3b887a1000, 138412032 [pid 5742] <... exit_group resumed>) = ? [pid 5746] <... chdir resumed>) = 0 [pid 5744] <... munmap resumed>) = 0 [pid 5746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5746] setpgid(0, 0) = 0 [pid 5746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5742] +++ exited with 0 +++ [pid 5746] write(3, "1000", 4 [pid 5745] <... openat resumed>) = 3 [pid 5746] <... write resumed>) = 4 [pid 5746] close(3 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5746] <... close resumed>) = 0 [pid 5745] write(3, "1000", 4 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5746] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... restart_syscall resumed>) = 0 [pid 5746] <... symlink resumed>) = 0 [pid 5745] <... write resumed>) = 4 [pid 5743] <... ioctl resumed>) = 0 [pid 5746] memfd_create("syzkaller", 0 [pid 5745] close(3 [pid 5743] close(3 [pid 5746] <... memfd_create resumed>) = 3 [pid 5744] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5746] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5745] <... close resumed>) = 0 [pid 5744] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5746] <... mmap resumed>) = 0x7f3b887a1000 [pid 5745] symlink("/dev/binderfs", "./binderfs" [pid 5743] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5744] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... openat resumed>) = 3 [pid 5745] <... symlink resumed>) = 0 [pid 5743] mkdir("./file0", 0777 [pid 5049] newfstatat(3, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5743] <... mkdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] newfstatat(AT_FDCWD, "./112/file0", [pid 5049] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5745] memfd_create("syzkaller", 0 [pid 5743] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] unlink("./114/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5048] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5744] <... ioctl resumed>) = 0 [pid 5744] close(3) = 0 [pid 5744] mkdir("./file0", 0777) = 0 [ 123.597943][ T5743] loop4: detected capacity change from 0 to 4096 [ 123.633969][ T5744] loop3: detected capacity change from 0 to 4096 [pid 5744] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5745] <... memfd_create resumed>) = 3 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5745] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./112/file0" [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [ 123.668544][ T5743] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 123.677533][ T5744] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./112" [pid 5746] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./113", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5744] <... mount resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5744] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./114/file0", [pid 5048] close(3 [pid 5744] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... close resumed>) = 0 [pid 5745] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5744] chdir("./file0") = 0 [pid 5744] ioctl(4, LOOP_CLR_FD) = 0 [pid 5049] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5744] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5747 attached [pid 5744] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5744] exit_group(0 [pid 5747] set_robust_list(0x555556629660, 24 [pid 5744] <... exit_group resumed>) = ? [pid 5049] <... openat resumed>) = 4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5747 [pid 5747] <... set_robust_list resumed>) = 0 [pid 5744] +++ exited with 0 +++ [pid 5049] newfstatat(4, "", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5747] chdir("./113" [pid 5050] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(4, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./114/file0" [pid 5050] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, [pid 5747] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] getdents64(3, [pid 5050] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5747] <... prctl resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3 [pid 5747] setpgid(0, 0 [pid 5050] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5049] <... close resumed>) = 0 [pid 5747] <... setpgid resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] rmdir("./114" [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] unlink("./112/binderfs" [pid 5049] <... rmdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] mkdir("./115", 0777 [pid 5747] <... openat resumed>) = 3 [pid 5050] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5747] write(3, "1000", 4 [pid 5746] <... write resumed>) = 2097152 [pid 5049] <... close resumed>) = 0 [pid 5747] <... write resumed>) = 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5747] close(3) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5748 ./strace-static-x86_64: Process 5748 attached [pid 5747] <... symlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5748] set_robust_list(0x555556629660, 24) = 0 [pid 5050] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5748] chdir("./115" [pid 5050] newfstatat(AT_FDCWD, "./112/file0", [pid 5748] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5748] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5748] <... prctl resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5748] setpgid(0, 0 [pid 5050] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5748] <... setpgid resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] newfstatat(4, "", [pid 5748] <... openat resumed>) = 3 [pid 5746] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5747] memfd_create("syzkaller", 0 [pid 5746] <... munmap resumed>) = 0 [pid 5745] <... write resumed>) = 2097152 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5748] write(3, "1000", 4 [pid 5747] <... memfd_create resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5748] <... write resumed>) = 4 [pid 5050] close(4 [pid 5748] close(3 [pid 5050] <... close resumed>) = 0 [pid 5748] <... close resumed>) = 0 [pid 5747] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5746] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5745] munmap(0x7f3b887a1000, 138412032 [pid 5050] rmdir("./112/file0" [pid 5748] symlink("/dev/binderfs", "./binderfs" [pid 5747] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... rmdir resumed>) = 0 [pid 5748] <... symlink resumed>) = 0 [pid 5746] <... openat resumed>) = 4 [pid 5050] getdents64(3, [pid 5746] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5748] memfd_create("syzkaller", 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./112") = 0 [pid 5050] mkdir("./113", 0777) = 0 [pid 5748] <... memfd_create resumed>) = 3 [pid 5746] <... ioctl resumed>) = 0 [pid 5745] <... munmap resumed>) = 0 [pid 5743] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5746] close(3 [pid 5745] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5746] <... close resumed>) = 0 [pid 5745] <... openat resumed>) = 4 [ 123.834264][ T5746] loop0: detected capacity change from 0 to 4096 [ 123.855884][ T5745] loop5: detected capacity change from 0 to 4096 [pid 5743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5748] <... mmap resumed>) = 0x7f3b887a1000 [pid 5746] mkdir("./file0", 0777 [pid 5745] ioctl(4, LOOP_SET_FD, 3 [pid 5743] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5743] chdir("./file0") = 0 [pid 5743] ioctl(4, LOOP_CLR_FD) = 0 [pid 5743] close(4 [pid 5746] <... mkdir resumed>) = 0 [pid 5743] <... close resumed>) = 0 [pid 5050] <... ioctl resumed>) = 0 [pid 5743] exit_group(0 [pid 5050] close(3 [pid 5746] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] <... close resumed>) = 0 [pid 5743] <... exit_group resumed>) = ? [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5743] +++ exited with 0 +++ ./strace-static-x86_64: Process 5749 attached [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5743, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5749 [pid 5749] set_robust_list(0x555556629660, 24) = 0 [pid 5749] chdir("./113") = 0 [pid 5749] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5749] <... prctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5749] setpgid(0, 0) = 0 [pid 5051] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5749] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5749] write(3, "1000", 4) = 4 [pid 5749] close(3) = 0 [pid 5749] symlink("/dev/binderfs", "./binderfs" [pid 5051] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5749] <... symlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./111/binderfs") = 0 [pid 5051] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5747] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5745] <... ioctl resumed>) = 0 [pid 5749] memfd_create("syzkaller", 0 [pid 5745] close(3) = 0 [pid 5745] mkdir("./file0", 0777) = 0 [ 123.878585][ T5746] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5745] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5749] <... memfd_create resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5746] <... mount resumed>) = 0 [pid 5747] <... write resumed>) = 2097152 [pid 5746] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5746] <... openat resumed>) = 3 [pid 5051] getdents64(4, [pid 5746] chdir("./file0" [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5746] <... chdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5746] ioctl(4, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5746] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5747] munmap(0x7f3b887a1000, 138412032 [pid 5746] close(4 [pid 5051] rmdir("./111/file0" [pid 5747] <... munmap resumed>) = 0 [pid 5748] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5746] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [ 123.924536][ T5745] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5746] exit_group(0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5746] <... exit_group resumed>) = ? [pid 5051] close(3) = 0 [pid 5746] +++ exited with 0 +++ [pid 5051] rmdir("./111" [pid 5747] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5746, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5747] <... openat resumed>) = 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5047] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5051] mkdir("./112", 0777 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5747] ioctl(4, LOOP_SET_FD, 3 [pid 5047] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5745] <... mount resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5745] chdir("./file0") = 0 [pid 5047] unlink("./115/binderfs") = 0 [pid 5047] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 3 [pid 5745] ioctl(4, LOOP_CLR_FD) = 0 [pid 5745] close(4) = 0 [pid 5745] exit_group(0) = ? [pid 5745] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5745, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5052] umount2("./111", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5748] <... write resumed>) = 2097152 [pid 5052] getdents64(3, [pid 5749] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5747] <... ioctl resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5748] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./111/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5748] <... munmap resumed>) = 0 [pid 5747] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5747] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5747] mkdir("./file0", 0777 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] newfstatat(AT_FDCWD, "./111/binderfs", [pid 5747] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5750 [pid 5747] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] unlink("./111/binderfs") = 0 [pid 5052] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5750 attached [pid 5748] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5750] set_robust_list(0x555556629660, 24 [pid 5748] <... openat resumed>) = 4 [pid 5750] <... set_robust_list resumed>) = 0 [pid 5750] chdir("./112") = 0 [pid 5750] prctl(PR_SET_PDEATHSIG, SIGKILL [ 124.026408][ T5747] loop1: detected capacity change from 0 to 4096 [ 124.065614][ T5747] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5748] ioctl(4, LOOP_SET_FD, 3 [pid 5750] <... prctl resumed>) = 0 [pid 5750] setpgid(0, 0) = 0 [pid 5750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5750] write(3, "1000", 4) = 4 [pid 5750] close(3) = 0 [pid 5750] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5750] memfd_create("syzkaller", 0 [pid 5047] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5750] <... memfd_create resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5750] <... mmap resumed>) = 0x7f3b887a1000 [pid 5748] <... ioctl resumed>) = 0 [pid 5047] getdents64(4, [pid 5748] close(3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] close(4 [pid 5748] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./115/file0" [pid 5748] mkdir("./file0", 0777 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, [pid 5748] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [ 124.084890][ T5748] loop2: detected capacity change from 0 to 4096 [pid 5047] rmdir("./115") = 0 [pid 5047] mkdir("./116", 0777 [pid 5748] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5749] <... write resumed>) = 2097152 [pid 5747] <... mount resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5749] munmap(0x7f3b887a1000, 138412032 [pid 5747] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5747] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./111/file0", [pid 5747] chdir("./file0" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5747] <... chdir resumed>) = 0 [pid 5747] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./111/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5751 ./strace-static-x86_64: Process 5751 attached [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5751] set_robust_list(0x555556629660, 24 [pid 5052] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5751] <... set_robust_list resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5751] chdir("./116" [pid 5052] newfstatat(4, "", [pid 5751] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5751] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] getdents64(4, [pid 5751] <... prctl resumed>) = 0 [pid 5747] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5751] setpgid(0, 0 [pid 5749] <... munmap resumed>) = 0 [pid 5747] close(4 [pid 5751] <... setpgid resumed>) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5751] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5749] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5747] <... close resumed>) = 0 [pid 5052] close(4 [pid 5751] <... openat resumed>) = 3 [pid 5749] <... openat resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./111/file0") = 0 [pid 5749] ioctl(4, LOOP_SET_FD, 3 [pid 5747] exit_group(0 [pid 5751] write(3, "1000", 4) = 4 [pid 5052] getdents64(3, [pid 5751] close(3 [pid 5747] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5751] <... close resumed>) = 0 [pid 5751] symlink("/dev/binderfs", "./binderfs" [pid 5052] close(3 [pid 5751] <... symlink resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./111") = 0 [pid 5052] mkdir("./112", 0777 [pid 5751] memfd_create("syzkaller", 0 [pid 5052] <... mkdir resumed>) = 0 [ 124.139605][ T5748] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5751] <... memfd_create resumed>) = 3 [pid 5750] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5747] +++ exited with 0 +++ [pid 5751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5747, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5751] <... mmap resumed>) = 0x7f3b887a1000 [pid 5749] <... ioctl resumed>) = 0 [pid 5748] <... mount resumed>) = 0 [pid 5748] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5748] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5048] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5748] chdir("./file0" [pid 5052] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5748] <... chdir resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5749] close(3 [pid 5748] ioctl(4, LOOP_CLR_FD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5749] <... close resumed>) = 0 [pid 5748] <... ioctl resumed>) = 0 [pid 5048] getdents64(3, [pid 5749] mkdir("./file0", 0777 [pid 5748] close(4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5752 attached [pid 5748] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5752] set_robust_list(0x555556629660, 24 [pid 5048] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5752] <... set_robust_list resumed>) = 0 [pid 5749] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5752] chdir("./112" [pid 5748] exit_group(0) = ? [ 124.184275][ T5749] loop3: detected capacity change from 0 to 4096 [pid 5048] unlink("./113/binderfs" [pid 5749] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5752 [pid 5048] <... unlink resumed>) = 0 [pid 5752] <... chdir resumed>) = 0 [pid 5048] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5752] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5752] <... prctl resumed>) = 0 [pid 5048] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5752] setpgid(0, 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5752] <... setpgid resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5752] <... openat resumed>) = 3 [pid 5048] getdents64(4, [pid 5752] write(3, "1000", 4) = 4 [pid 5752] close(3) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5752] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5048] getdents64(4, [pid 5752] memfd_create("syzkaller", 0 [pid 5748] +++ exited with 0 +++ [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5748, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] <... close resumed>) = 0 [pid 5049] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5048] rmdir("./113/file0" [pid 5752] <... memfd_create resumed>) = 3 [pid 5752] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5752] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5049] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5048] rmdir("./113" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./115/binderfs") = 0 [pid 5048] mkdir("./114", 0777 [pid 5049] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5750] <... write resumed>) = 2097152 [pid 5048] <... mkdir resumed>) = 0 [ 124.227152][ T5749] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5750] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5749] <... mount resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5753 attached [pid 5751] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5753] set_robust_list(0x555556629660, 24) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5753 [pid 5753] chdir("./114" [pid 5749] <... openat resumed>) = 3 [pid 5750] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5750] ioctl(4, LOOP_SET_FD, 3 [pid 5753] <... chdir resumed>) = 0 [pid 5749] chdir("./file0") = 0 [pid 5753] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5752] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5749] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = 0 [pid 5749] <... ioctl resumed>) = 0 [pid 5753] setpgid(0, 0 [pid 5049] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5753] <... setpgid resumed>) = 0 [pid 5749] close(4 [pid 5049] newfstatat(AT_FDCWD, "./115/file0", [pid 5749] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5750] <... ioctl resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5750] close(3 [pid 5049] <... openat resumed>) = 4 [pid 5753] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5750] <... close resumed>) = 0 [pid 5749] exit_group(0 [pid 5049] newfstatat(4, "", [pid 5749] <... exit_group resumed>) = ? [pid 5750] mkdir("./file0", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5753] <... openat resumed>) = 3 [pid 5750] <... mkdir resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5753] write(3, "1000", 4 [pid 5750] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [ 124.313171][ T5750] loop4: detected capacity change from 0 to 4096 [pid 5753] <... write resumed>) = 4 [pid 5749] +++ exited with 0 +++ [pid 5049] close(4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5749, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5753] close(3 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./115/file0") = 0 [pid 5049] getdents64(3, [pid 5753] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5753] symlink("/dev/binderfs", "./binderfs" [pid 5050] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3) = 0 [pid 5049] rmdir("./115") = 0 [pid 5049] mkdir("./116", 0777 [pid 5753] <... symlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5753] memfd_create("syzkaller", 0 [pid 5751] <... write resumed>) = 2097152 [pid 5050] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] newfstatat(3, "", [pid 5049] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5050] getdents64(3, [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... close resumed>) = 0 [pid 5050] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5754 attached [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5754 [pid 5754] set_robust_list(0x555556629660, 24 [pid 5751] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5754] <... set_robust_list resumed>) = 0 [pid 5751] <... munmap resumed>) = 0 [pid 5050] unlink("./113/binderfs" [pid 5754] chdir("./116") = 0 [pid 5754] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... unlink resumed>) = 0 [pid 5754] <... prctl resumed>) = 0 [pid 5754] setpgid(0, 0 [pid 5050] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5754] <... setpgid resumed>) = 0 [pid 5754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5754] write(3, "1000", 4 [pid 5751] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5754] <... write resumed>) = 4 [pid 5751] <... openat resumed>) = 4 [pid 5754] close(3 [ 124.362678][ T5750] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5751] ioctl(4, LOOP_SET_FD, 3 [pid 5754] <... close resumed>) = 0 [pid 5751] <... ioctl resumed>) = 0 [pid 5754] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5754] memfd_create("syzkaller", 0 [pid 5753] <... memfd_create resumed>) = 3 [pid 5753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5754] <... memfd_create resumed>) = 3 [pid 5753] <... mmap resumed>) = 0x7f3b887a1000 [pid 5754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5751] close(3 [pid 5750] <... mount resumed>) = 0 [pid 5751] <... close resumed>) = 0 [pid 5751] mkdir("./file0", 0777) = 0 [pid 5750] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5751] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5750] chdir("./file0") = 0 [pid 5752] <... write resumed>) = 2097152 [pid 5750] ioctl(4, LOOP_CLR_FD) = 0 [ 124.412522][ T5751] loop0: detected capacity change from 0 to 4096 [pid 5750] close(4) = 0 [pid 5750] exit_group(0) = ? [pid 5750] +++ exited with 0 +++ [pid 5752] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5750, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5752] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5752] ioctl(4, LOOP_SET_FD, 3 [pid 5754] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(3, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(AT_FDCWD, "./113/file0", [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./112/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./112/binderfs") = 0 [pid 5051] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5051] <... umount2 resumed>) = 0 [pid 5753] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5752] <... ioctl resumed>) = 0 [pid 5751] <... mount resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5752] close(3) = 0 [pid 5752] mkdir("./file0", 0777) = 0 [pid 5051] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, [pid 5751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [ 124.468275][ T5751] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 124.495482][ T5752] loop5: detected capacity change from 0 to 4096 [pid 5752] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5751] <... openat resumed>) = 3 [pid 5751] chdir("./file0" [pid 5051] newfstatat(AT_FDCWD, "./112/file0", [pid 5050] close(4 [pid 5751] <... chdir resumed>) = 0 [pid 5751] ioctl(4, LOOP_CLR_FD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./113/file0" [pid 5051] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5751] <... ioctl resumed>) = 0 [pid 5751] close(4) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5751] exit_group(0 [pid 5051] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5751] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 4 [pid 5050] <... rmdir resumed>) = 0 [pid 5751] +++ exited with 0 +++ [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5751, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, [pid 5047] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5050] close(3 [pid 5047] newfstatat(3, "", [pid 5051] rmdir("./112/file0" [pid 5050] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] rmdir("./113" [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./116/binderfs") = 0 [pid 5047] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5754] <... write resumed>) = 2097152 [pid 5051] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5754] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] mkdir("./114", 0777 [pid 5753] <... write resumed>) = 2097152 [pid 5051] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5753] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5051] rmdir("./112" [pid 5050] <... openat resumed>) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5051] mkdir("./113", 0777 [pid 5050] <... close resumed>) = 0 [ 124.547551][ T5752] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5755 attached [pid 5755] set_robust_list(0x555556629660, 24) = 0 [pid 5754] <... munmap resumed>) = 0 [pid 5753] <... munmap resumed>) = 0 [pid 5752] <... mount resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5755 [pid 5754] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5753] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5755] chdir("./114" [pid 5754] <... openat resumed>) = 4 [pid 5753] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = 0 [pid 5754] ioctl(4, LOOP_SET_FD, 3 [pid 5753] ioctl(4, LOOP_SET_FD, 3 [pid 5755] <... chdir resumed>) = 0 [pid 5752] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5755] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5752] <... openat resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./116/file0", [pid 5755] <... prctl resumed>) = 0 [pid 5752] chdir("./file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5752] <... chdir resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5752] ioctl(4, LOOP_CLR_FD [pid 5047] newfstatat(4, "", [pid 5752] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5755] setpgid(0, 0 [pid 5752] close(4 [pid 5047] getdents64(4, [pid 5755] <... setpgid resumed>) = 0 [pid 5752] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5752] exit_group(0 [pid 5047] getdents64(4, [pid 5755] <... openat resumed>) = 3 [pid 5752] <... exit_group resumed>) = ? [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5752] +++ exited with 0 +++ [pid 5047] close(4 [pid 5051] <... openat resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5752, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5047] rmdir("./116/file0" [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... rmdir resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5755] write(3, "1000", 4 [pid 5047] getdents64(3, [pid 5052] umount2("./112", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5755] <... write resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./116") = 0 [pid 5755] close(3 [pid 5754] <... ioctl resumed>) = 0 [pid 5753] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5755] <... close resumed>) = 0 [pid 5753] close(3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5754] close(3 [pid 5047] mkdir("./117", 0777 [pid 5753] <... close resumed>) = 0 [pid 5754] <... close resumed>) = 0 [pid 5753] mkdir("./file0", 0777 [pid 5051] close(3 [pid 5755] symlink("/dev/binderfs", "./binderfs" [pid 5754] mkdir("./file0", 0777 [pid 5753] <... mkdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5753] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5755] <... symlink resumed>) = 0 [pid 5754] <... mkdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5755] memfd_create("syzkaller", 0 [pid 5052] umount2("./112/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 124.626083][ T5753] loop1: detected capacity change from 0 to 4096 [ 124.632924][ T5754] loop2: detected capacity change from 0 to 4096 [ 124.666147][ T5753] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5754] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5047] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] close(3 [pid 5755] <... memfd_create resumed>) = 3 [pid 5052] unlink("./112/binderfs" [pid 5755] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... unlink resumed>) = 0 [pid 5755] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5756 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5756 [pid 5756] set_robust_list(0x555556629660, 24) = 0 [pid 5756] chdir("./113") = 0 [pid 5756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5754] <... mount resumed>) = 0 [pid 5756] setpgid(0, 0) = 0 [pid 5756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5754] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5756] <... openat resumed>) = 3 [pid 5754] <... openat resumed>) = 3 [pid 5756] write(3, "1000", 4 [pid 5754] chdir("./file0" [pid 5756] <... write resumed>) = 4 [pid 5754] <... chdir resumed>) = 0 [pid 5754] ioctl(4, LOOP_CLR_FD [pid 5756] close(3 [pid 5754] <... ioctl resumed>) = 0 [pid 5756] <... close resumed>) = 0 [ 124.676228][ T5754] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5754] close(4 [pid 5756] memfd_create("syzkaller", 0 [pid 5754] <... close resumed>) = 0 [pid 5756] <... memfd_create resumed>) = 3 [pid 5754] exit_group(0 [pid 5052] <... umount2 resumed>) = 0 [pid 5756] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5754] <... exit_group resumed>) = ? [pid 5047] <... close resumed>) = 0 [pid 5756] <... mmap resumed>) = 0x7f3b887a1000 [pid 5754] +++ exited with 0 +++ [pid 5753] <... mount resumed>) = 0 [pid 5052] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5754, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5753] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5753] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./112/file0", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5757 [pid 5753] chdir("./file0" [pid 5049] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5757 attached [pid 5753] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5757] set_robust_list(0x555556629660, 24 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5757] <... set_robust_list resumed>) = 0 [pid 5049] unlink("./116/binderfs" [pid 5757] chdir("./117" [pid 5049] <... unlink resumed>) = 0 [pid 5757] <... chdir resumed>) = 0 [pid 5753] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./112/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5757] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5757] <... prctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5757] setpgid(0, 0) = 0 [pid 5757] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5753] <... ioctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", [pid 5753] close(4 [pid 5757] write(3, "1000", 4) = 4 [pid 5757] close(3) = 0 [pid 5757] symlink("/dev/binderfs", "./binderfs" [pid 5753] <... close resumed>) = 0 [pid 5757] <... symlink resumed>) = 0 [pid 5757] memfd_create("syzkaller", 0 [pid 5755] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5753] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5757] <... memfd_create resumed>) = 3 [pid 5757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5753] <... exit_group resumed>) = ? [pid 5052] getdents64(4, [pid 5753] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5753, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5049] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5052] close(4) = 0 [pid 5049] newfstatat(4, "", [pid 5052] rmdir("./112/file0" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5756] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] getdents64(3, [pid 5049] getdents64(4, [pid 5048] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(3, "", [pid 5052] rmdir("./112" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5049] close(4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] mkdir("./113", 0777 [pid 5049] <... close resumed>) = 0 [pid 5048] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5052] <... mkdir resumed>) = 0 [pid 5049] rmdir("./116/file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... rmdir resumed>) = 0 [pid 5048] unlink("./114/binderfs" [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5048] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] close(3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... close resumed>) = 0 [pid 5052] close(3 [pid 5049] rmdir("./116") = 0 [pid 5049] mkdir("./117", 0777 [pid 5052] <... close resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5758 attached [pid 5755] <... write resumed>) = 2097152 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5758] set_robust_list(0x555556629660, 24 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5758] <... set_robust_list resumed>) = 0 [pid 5758] chdir("./113") = 0 ./strace-static-x86_64: Process 5759 attached [pid 5758] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5759] set_robust_list(0x555556629660, 24 [pid 5758] <... prctl resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5759 [pid 5759] <... set_robust_list resumed>) = 0 [pid 5758] setpgid(0, 0 [pid 5759] chdir("./117" [pid 5758] <... setpgid resumed>) = 0 [pid 5758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5758 [pid 5758] <... openat resumed>) = 3 [pid 5759] <... chdir resumed>) = 0 [pid 5758] write(3, "1000", 4) = 4 [pid 5758] close(3) = 0 [pid 5758] symlink("/dev/binderfs", "./binderfs" [pid 5759] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5758] <... symlink resumed>) = 0 [pid 5755] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5759] <... prctl resumed>) = 0 [pid 5758] memfd_create("syzkaller", 0 [pid 5759] setpgid(0, 0) = 0 [pid 5758] <... memfd_create resumed>) = 3 [pid 5759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5758] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5759] <... openat resumed>) = 3 [pid 5758] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... umount2 resumed>) = 0 [pid 5759] write(3, "1000", 4 [pid 5755] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5759] <... write resumed>) = 4 [pid 5755] <... openat resumed>) = 4 [pid 5759] close(3 [pid 5757] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5755] ioctl(4, LOOP_SET_FD, 3 [pid 5756] <... write resumed>) = 2097152 [pid 5048] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5759] <... close resumed>) = 0 [pid 5759] symlink("/dev/binderfs", "./binderfs" [pid 5756] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./114/file0", [pid 5759] <... symlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5759] memfd_create("syzkaller", 0 [pid 5048] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5755] <... ioctl resumed>) = 0 [pid 5755] close(3) = 0 [pid 5755] mkdir("./file0", 0777) = 0 [pid 5048] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5755] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 4 [pid 5759] <... memfd_create resumed>) = 3 [pid 5048] newfstatat(4, "", [pid 5759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5756] <... munmap resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5756] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5759] <... mmap resumed>) = 0x7f3b887a1000 [pid 5756] <... openat resumed>) = 4 [pid 5756] ioctl(4, LOOP_SET_FD, 3 [pid 5048] getdents64(4, [pid 5756] <... ioctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./114/file0" [pid 5756] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5756] <... close resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5756] mkdir("./file0", 0777 [pid 5048] close(3) = 0 [pid 5048] rmdir("./114") = 0 [pid 5756] <... mkdir resumed>) = 0 [pid 5756] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] mkdir("./115", 0777) = 0 [ 124.925221][ T5755] loop3: detected capacity change from 0 to 4096 [ 124.953255][ T5755] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 124.964025][ T5756] loop4: detected capacity change from 0 to 4096 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5757] <... write resumed>) = 2097152 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5757] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5757] <... munmap resumed>) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5760 ./strace-static-x86_64: Process 5760 attached [pid 5758] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5757] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5760] set_robust_list(0x555556629660, 24 [pid 5757] <... openat resumed>) = 4 [pid 5760] <... set_robust_list resumed>) = 0 [pid 5757] ioctl(4, LOOP_SET_FD, 3 [ 124.992362][ T5756] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5760] chdir("./115") = 0 [pid 5755] <... mount resumed>) = 0 [pid 5760] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5760] setpgid(0, 0 [pid 5755] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5760] <... setpgid resumed>) = 0 [pid 5755] <... openat resumed>) = 3 [pid 5760] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5755] chdir("./file0" [pid 5760] write(3, "1000", 4 [pid 5757] <... ioctl resumed>) = 0 [pid 5755] <... chdir resumed>) = 0 [pid 5755] ioctl(4, LOOP_CLR_FD [pid 5760] <... write resumed>) = 4 [pid 5755] <... ioctl resumed>) = 0 [pid 5760] close(3 [pid 5755] close(4 [pid 5760] <... close resumed>) = 0 [pid 5755] <... close resumed>) = 0 [pid 5760] symlink("/dev/binderfs", "./binderfs" [pid 5755] exit_group(0) = ? [pid 5760] <... symlink resumed>) = 0 [pid 5755] +++ exited with 0 +++ [pid 5760] memfd_create("syzkaller", 0) = 3 [pid 5756] <... mount resumed>) = 0 [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5759] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5757] close(3 [pid 5756] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5755, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5757] <... close resumed>) = 0 [pid 5757] mkdir("./file0", 0777 [pid 5756] <... openat resumed>) = 3 [pid 5757] <... mkdir resumed>) = 0 [pid 5758] <... write resumed>) = 2097152 [pid 5757] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5756] chdir("./file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5756] <... chdir resumed>) = 0 [pid 5756] ioctl(4, LOOP_CLR_FD) = 0 [pid 5756] close(4 [ 125.032610][ T5757] loop0: detected capacity change from 0 to 4096 [pid 5050] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5756] <... close resumed>) = 0 [pid 5756] exit_group(0 [pid 5050] <... openat resumed>) = 3 [pid 5756] <... exit_group resumed>) = ? [pid 5050] newfstatat(3, "", [pid 5758] munmap(0x7f3b887a1000, 138412032 [pid 5756] +++ exited with 0 +++ [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5756, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5759] <... write resumed>) = 2097152 [pid 5758] <... munmap resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] unlink("./114/binderfs" [pid 5759] munmap(0x7f3b887a1000, 138412032 [pid 5758] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... unlink resumed>) = 0 [pid 5759] <... munmap resumed>) = 0 [pid 5758] <... openat resumed>) = 4 [pid 5051] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5759] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5758] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = 0 [pid 5759] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] unlink("./113/binderfs") = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 125.104197][ T5757] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 125.128264][ T5758] loop5: detected capacity change from 0 to 4096 [pid 5760] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5759] ioctl(4, LOOP_SET_FD, 3 [pid 5050] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5757] <... mount resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./114/file0" [pid 5758] <... ioctl resumed>) = 0 [pid 5757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... rmdir resumed>) = 0 [pid 5758] close(3 [pid 5757] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5758] <... close resumed>) = 0 [pid 5757] chdir("./file0" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5758] mkdir("./file0", 0777 [pid 5757] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5759] <... ioctl resumed>) = 0 [pid 5757] ioctl(4, LOOP_CLR_FD [pid 5050] rmdir("./114" [pid 5758] <... mkdir resumed>) = 0 [pid 5757] <... ioctl resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5758] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5757] close(4 [pid 5050] mkdir("./115", 0777 [pid 5759] close(3 [pid 5757] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5759] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5759] mkdir("./file0", 0777) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5759] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./113/file0", ./strace-static-x86_64: Process 5761 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5761] set_robust_list(0x555556629660, 24 [pid 5051] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5761] <... set_robust_list resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5761] chdir("./115" [pid 5051] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5761] <... chdir resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5761 [pid 5761] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5757] exit_group(0 [ 125.159269][ T5759] loop2: detected capacity change from 0 to 4096 [ 125.189398][ T5758] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] newfstatat(4, "", [pid 5761] setpgid(0, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5761] <... setpgid resumed>) = 0 [pid 5760] <... write resumed>) = 2097152 [pid 5757] <... exit_group resumed>) = ? [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5761] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./113/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5761] <... openat resumed>) = 3 [pid 5051] close(3) = 0 [pid 5051] rmdir("./113") = 0 [pid 5761] write(3, "1000", 4 [pid 5051] mkdir("./114", 0777 [pid 5761] <... write resumed>) = 4 [pid 5051] <... mkdir resumed>) = 0 [pid 5761] close(3) = 0 [pid 5761] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5761] memfd_create("syzkaller", 0 [pid 5757] +++ exited with 0 +++ [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5761] <... memfd_create resumed>) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5762 [pid 5761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5757, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5761] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5762 attached [pid 5762] set_robust_list(0x555556629660, 24) = 0 [pid 5762] chdir("./114") = 0 [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... restart_syscall resumed>) = 0 [pid 5762] <... prctl resumed>) = 0 [pid 5762] setpgid(0, 0) = 0 [ 125.202071][ T5759] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5047] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5760] munmap(0x7f3b887a1000, 138412032 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5762] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5762] write(3, "1000", 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5762] <... write resumed>) = 4 [pid 5762] close(3 [pid 5047] getdents64(3, [pid 5762] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5762] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5762] <... symlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./117/binderfs") = 0 [pid 5047] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5762] memfd_create("syzkaller", 0 [pid 5760] <... munmap resumed>) = 0 [pid 5760] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5760] ioctl(4, LOOP_SET_FD, 3 [pid 5762] <... memfd_create resumed>) = 3 [pid 5762] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5761] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5760] <... ioctl resumed>) = 0 [pid 5760] close(3) = 0 [pid 5760] mkdir("./file0", 0777) = 0 [pid 5760] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... umount2 resumed>) = 0 [pid 5758] <... mount resumed>) = 0 [ 125.283660][ T5760] loop1: detected capacity change from 0 to 4096 [pid 5758] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5758] chdir("./file0") = 0 [pid 5758] ioctl(4, LOOP_CLR_FD) = 0 [pid 5758] close(4) = 0 [pid 5758] exit_group(0) = ? [pid 5758] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5758, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./113", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", [pid 5052] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5047] getdents64(4, [pid 5052] newfstatat(3, "", [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5052] getdents64(3, [pid 5047] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] rmdir("./117/file0") = 0 [pid 5052] umount2("./113/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5047] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5052] unlink("./113/binderfs") = 0 [pid 5760] <... mount resumed>) = 0 [pid 5047] rmdir("./117" [pid 5760] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5760] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5759] <... mount resumed>) = 0 [pid 5762] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] mkdir("./118", 0777) = 0 [pid 5759] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5759] chdir("./file0" [pid 5047] <... openat resumed>) = 3 [pid 5759] <... chdir resumed>) = 0 [pid 5760] chdir("./file0" [pid 5759] ioctl(4, LOOP_CLR_FD [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5760] <... chdir resumed>) = 0 [pid 5759] <... ioctl resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [ 125.335004][ T5760] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5759] close(4 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5759] <... close resumed>) = 0 [pid 5759] exit_group(0 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5763 attached [pid 5760] ioctl(4, LOOP_CLR_FD [pid 5759] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5763 [pid 5760] <... ioctl resumed>) = 0 [pid 5763] set_robust_list(0x555556629660, 24 [pid 5760] close(4 [pid 5052] newfstatat(AT_FDCWD, "./113/file0", [pid 5760] <... close resumed>) = 0 [pid 5763] <... set_robust_list resumed>) = 0 [pid 5760] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5760] <... exit_group resumed>) = ? [pid 5763] chdir("./118" [pid 5052] umount2("./113/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5763] <... chdir resumed>) = 0 [pid 5761] <... write resumed>) = 2097152 [pid 5760] +++ exited with 0 +++ [pid 5052] <... openat resumed>) = 4 [pid 5763] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5759] +++ exited with 0 +++ [pid 5052] newfstatat(4, "", [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5760, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5763] setpgid(0, 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5759, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5763] <... setpgid resumed>) = 0 [pid 5761] munmap(0x7f3b887a1000, 138412032 [pid 5052] getdents64(4, [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5048] <... restart_syscall resumed>) = 0 [pid 5763] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5761] <... munmap resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5763] <... openat resumed>) = 3 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5763] write(3, "1000", 4 [pid 5052] close(4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5763] <... write resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5049] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 5048] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5763] close(3 [pid 5761] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] rmdir("./113/file0" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] getdents64(3, [pid 5763] <... close resumed>) = 0 [pid 5761] <... openat resumed>) = 4 [pid 5049] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5763] symlink("/dev/binderfs", "./binderfs" [pid 5761] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5763] <... symlink resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5763] memfd_create("syzkaller", 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5052] getdents64(3, [pid 5049] unlink("./117/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./115/binderfs" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5052] close(3 [pid 5049] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5763] <... memfd_create resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] rmdir("./113") = 0 [pid 5761] <... ioctl resumed>) = 0 [pid 5761] close(3) = 0 [pid 5761] mkdir("./file0", 0777) = 0 [pid 5761] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] mkdir("./114", 0777 [pid 5049] <... umount2 resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [ 125.449422][ T5761] loop3: detected capacity change from 0 to 4096 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5762] <... write resumed>) = 2097152 [pid 5052] <... close resumed>) = 0 [pid 5049] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5764 attached [pid 5762] munmap(0x7f3b887a1000, 138412032 [pid 5049] newfstatat(AT_FDCWD, "./117/file0", [pid 5048] <... umount2 resumed>) = 0 [pid 5764] set_robust_list(0x555556629660, 24 [pid 5048] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5764] <... set_robust_list resumed>) = 0 [pid 5762] <... munmap resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5764 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./115/file0", [pid 5764] chdir("./114" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5764] <... chdir resumed>) = 0 [pid 5049] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5764] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5764] <... prctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5764] setpgid(0, 0 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5764] <... setpgid resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] getdents64(4, [pid 5764] <... openat resumed>) = 3 [pid 5049] <... openat resumed>) = 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5764] write(3, "1000", 4 [pid 5048] getdents64(4, [pid 5764] <... write resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5764] close(3 [pid 5762] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] close(4 [pid 5764] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5764] symlink("/dev/binderfs", "./binderfs" [pid 5762] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5048] rmdir("./115/file0" [pid 5764] <... symlink resumed>) = 0 [pid 5762] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... rmdir resumed>) = 0 [ 125.492606][ T5761] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] getdents64(4, [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./115") = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./117/file0" [pid 5048] mkdir("./116", 0777 [pid 5764] memfd_create("syzkaller", 0 [pid 5763] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5764] <... memfd_create resumed>) = 3 [pid 5049] getdents64(3, [pid 5764] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5764] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] close(3) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] rmdir("./117" [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] mkdir("./118", 0777./strace-static-x86_64: Process 5765 attached [pid 5765] set_robust_list(0x555556629660, 24 [pid 5049] <... mkdir resumed>) = 0 [pid 5765] <... set_robust_list resumed>) = 0 [pid 5762] <... ioctl resumed>) = 0 [pid 5765] chdir("./116" [pid 5762] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5765 [pid 5765] <... chdir resumed>) = 0 [pid 5762] <... close resumed>) = 0 [pid 5765] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5762] mkdir("./file0", 0777) = 0 [pid 5765] <... prctl resumed>) = 0 [pid 5765] setpgid(0, 0) = 0 [pid 5765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5765] write(3, "1000", 4 [pid 5762] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5765] <... write resumed>) = 4 [pid 5765] close(3) = 0 [ 125.548644][ T5762] loop4: detected capacity change from 0 to 4096 [pid 5765] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5049] <... openat resumed>) = 3 [pid 5765] memfd_create("syzkaller", 0 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5765] <... memfd_create resumed>) = 3 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5766 ./strace-static-x86_64: Process 5766 attached [pid 5763] <... write resumed>) = 2097152 [pid 5766] set_robust_list(0x555556629660, 24) = 0 [pid 5766] chdir("./118") = 0 [pid 5766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5766] setpgid(0, 0) = 0 [pid 5766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5766] write(3, "1000", 4 [pid 5761] <... mount resumed>) = 0 [pid 5761] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5766] <... write resumed>) = 4 [pid 5761] <... openat resumed>) = 3 [pid 5766] close(3 [pid 5761] chdir("./file0" [pid 5764] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5766] <... close resumed>) = 0 [pid 5761] <... chdir resumed>) = 0 [pid 5766] symlink("/dev/binderfs", "./binderfs" [pid 5763] munmap(0x7f3b887a1000, 138412032 [pid 5761] ioctl(4, LOOP_CLR_FD [pid 5766] <... symlink resumed>) = 0 [pid 5761] <... ioctl resumed>) = 0 [ 125.603473][ T5762] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5766] memfd_create("syzkaller", 0 [pid 5763] <... munmap resumed>) = 0 [pid 5761] close(4 [pid 5766] <... memfd_create resumed>) = 3 [pid 5761] <... close resumed>) = 0 [pid 5766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5761] exit_group(0 [pid 5766] <... mmap resumed>) = 0x7f3b887a1000 [pid 5761] <... exit_group resumed>) = ? [pid 5761] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5761, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5050] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5763] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] <... openat resumed>) = 3 [pid 5763] <... openat resumed>) = 4 [pid 5050] newfstatat(3, "", [pid 5763] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./115/binderfs") = 0 [pid 5050] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5763] <... ioctl resumed>) = 0 [pid 5763] close(3) = 0 [pid 5763] mkdir("./file0", 0777) = 0 [pid 5763] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5765] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... close resumed>) = 0 [pid 5764] <... write resumed>) = 2097152 [pid 5050] rmdir("./115/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./115") = 0 [pid 5050] mkdir("./116", 0777) = 0 [pid 5764] munmap(0x7f3b887a1000, 138412032 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 125.677003][ T5763] loop0: detected capacity change from 0 to 4096 [ 125.712741][ T5763] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5766] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5767 attached [pid 5767] set_robust_list(0x555556629660, 24) = 0 [pid 5767] chdir("./116") = 0 [pid 5767] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5767 [pid 5767] <... prctl resumed>) = 0 [pid 5767] setpgid(0, 0) = 0 [pid 5767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5764] <... munmap resumed>) = 0 [pid 5767] <... openat resumed>) = 3 [pid 5767] write(3, "1000", 4) = 4 [pid 5764] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5762] <... mount resumed>) = 0 [pid 5767] close(3 [pid 5764] <... openat resumed>) = 4 [pid 5767] <... close resumed>) = 0 [pid 5767] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5764] ioctl(4, LOOP_SET_FD, 3 [pid 5767] memfd_create("syzkaller", 0 [pid 5764] <... ioctl resumed>) = 0 [pid 5762] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5767] <... memfd_create resumed>) = 3 [pid 5762] <... openat resumed>) = 3 [pid 5767] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5765] <... write resumed>) = 2097152 [pid 5767] <... mmap resumed>) = 0x7f3b887a1000 [pid 5764] close(3 [pid 5762] chdir("./file0" [pid 5764] <... close resumed>) = 0 [pid 5764] mkdir("./file0", 0777 [pid 5762] <... chdir resumed>) = 0 [pid 5765] munmap(0x7f3b887a1000, 138412032 [pid 5764] <... mkdir resumed>) = 0 [pid 5762] ioctl(4, LOOP_CLR_FD) = 0 [pid 5764] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5762] close(4 [pid 5765] <... munmap resumed>) = 0 [pid 5765] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5762] <... close resumed>) = 0 [pid 5762] exit_group(0 [pid 5765] <... openat resumed>) = 4 [pid 5762] <... exit_group resumed>) = ? [ 125.785462][ T5764] loop5: detected capacity change from 0 to 4096 [pid 5765] ioctl(4, LOOP_SET_FD, 3 [pid 5762] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5762, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./114/binderfs") = 0 [pid 5051] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5765] <... ioctl resumed>) = 0 [pid 5766] <... write resumed>) = 2097152 [pid 5766] munmap(0x7f3b887a1000, 138412032 [pid 5765] close(3) = 0 [pid 5765] mkdir("./file0", 0777) = 0 [pid 5765] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5763] <... mount resumed>) = 0 [pid 5766] <... munmap resumed>) = 0 [pid 5763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5766] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5763] <... openat resumed>) = 3 [pid 5766] <... openat resumed>) = 4 [pid 5763] chdir("./file0" [pid 5766] ioctl(4, LOOP_SET_FD, 3 [pid 5763] <... chdir resumed>) = 0 [ 125.826735][ T5765] loop1: detected capacity change from 0 to 4096 [ 125.835485][ T5764] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5763] ioctl(4, LOOP_CLR_FD) = 0 [pid 5767] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5763] close(4 [pid 5766] <... ioctl resumed>) = 0 [pid 5763] <... close resumed>) = 0 [pid 5764] <... mount resumed>) = 0 [pid 5763] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5766] close(3 [pid 5763] <... exit_group resumed>) = ? [pid 5766] <... close resumed>) = 0 [pid 5763] +++ exited with 0 +++ [pid 5766] mkdir("./file0", 0777 [pid 5764] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5763, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5766] <... mkdir resumed>) = 0 [pid 5764] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./114/file0", [pid 5764] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5764] <... chdir resumed>) = 0 [pid 5051] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5764] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5764] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5764] close(4 [pid 5051] <... openat resumed>) = 4 [pid 5047] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5766] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5764] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5764] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 125.876903][ T5766] loop2: detected capacity change from 0 to 4096 [ 125.877356][ T5765] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5764] <... exit_group resumed>) = ? [pid 5051] getdents64(4, [pid 5047] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] newfstatat(3, "", [pid 5051] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(3, [pid 5051] close(4 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... close resumed>) = 0 [pid 5047] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./114/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5051] getdents64(3, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] unlink("./118/binderfs" [pid 5051] close(3 [pid 5047] <... unlink resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5047] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./114") = 0 [pid 5764] +++ exited with 0 +++ [pid 5051] mkdir("./115", 0777) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5764, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5052] umount2("./114", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] newfstatat(3, "", [pid 5051] <... openat resumed>) = 3 [pid 5767] <... write resumed>) = 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = 0 [pid 5052] getdents64(3, [pid 5047] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] newfstatat(AT_FDCWD, "./118/file0", [pid 5052] umount2("./114/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5047] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] unlink("./114/binderfs" [pid 5047] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... unlink resumed>) = 0 [pid 5051] close(3 [pid 5047] <... openat resumed>) = 4 [pid 5052] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5768 attached [pid 5047] getdents64(4, [pid 5768] set_robust_list(0x555556629660, 24 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5768] <... set_robust_list resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5768 [pid 5047] getdents64(4, [pid 5768] chdir("./115" [pid 5767] munmap(0x7f3b887a1000, 138412032 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5768] <... chdir resumed>) = 0 [pid 5047] close(4 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... close resumed>) = 0 [pid 5768] <... prctl resumed>) = 0 [pid 5047] rmdir("./118/file0" [pid 5768] setpgid(0, 0) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5767] <... munmap resumed>) = 0 [pid 5766] <... mount resumed>) = 0 [ 125.932589][ T5766] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5768] <... openat resumed>) = 3 [pid 5047] getdents64(3, [pid 5766] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5768] write(3, "1000", 4 [pid 5766] <... openat resumed>) = 3 [pid 5768] <... write resumed>) = 4 [pid 5767] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5766] chdir("./file0" [pid 5047] close(3 [pid 5768] close(3 [pid 5767] <... openat resumed>) = 4 [pid 5047] <... close resumed>) = 0 [pid 5768] <... close resumed>) = 0 [pid 5767] ioctl(4, LOOP_SET_FD, 3 [pid 5766] <... chdir resumed>) = 0 [pid 5047] rmdir("./118" [pid 5768] symlink("/dev/binderfs", "./binderfs" [pid 5766] ioctl(4, LOOP_CLR_FD [pid 5765] <... mount resumed>) = 0 [pid 5768] <... symlink resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5768] memfd_create("syzkaller", 0 [pid 5766] <... ioctl resumed>) = 0 [pid 5047] mkdir("./119", 0777) = 0 [pid 5765] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5765] chdir("./file0" [pid 5768] <... memfd_create resumed>) = 3 [pid 5765] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5768] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5765] ioctl(4, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 3 [pid 5765] <... ioctl resumed>) = 0 [pid 5765] close(4 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5765] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = 0 [pid 5765] exit_group(0 [pid 5047] close(3 [pid 5768] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... close resumed>) = 0 [pid 5765] <... exit_group resumed>) = ? [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5766] close(4) = 0 [pid 5766] exit_group(0 [pid 5765] +++ exited with 0 +++ [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5769 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5765, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5767] <... ioctl resumed>) = 0 [pid 5767] close(3 [pid 5048] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5769 attached [pid 5767] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5769] set_robust_list(0x555556629660, 24 [pid 5767] mkdir("./file0", 0777 [pid 5766] <... exit_group resumed>) = ? [pid 5048] newfstatat(3, "", [pid 5769] <... set_robust_list resumed>) = 0 [pid 5767] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5769] chdir("./119" [pid 5048] getdents64(3, [pid 5769] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5769] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5766] +++ exited with 0 +++ [pid 5048] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5769] <... prctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5766, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5769] setpgid(0, 0 [pid 5052] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5769] <... setpgid resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5769] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] newfstatat(AT_FDCWD, "./114/file0", [pid 5769] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5769] write(3, "1000", 4 [pid 5767] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./114/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./116/binderfs" [pid 5769] <... write resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... unlink resumed>) = 0 [ 126.001876][ T5767] loop3: detected capacity change from 0 to 4096 [pid 5769] close(3 [pid 5052] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5769] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(4, "", [pid 5049] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5769] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... openat resumed>) = 3 [pid 5769] <... symlink resumed>) = 0 [pid 5052] getdents64(4, [pid 5049] newfstatat(3, "", [pid 5769] memfd_create("syzkaller", 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(3, [pid 5052] getdents64(4, [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... close resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5769] <... memfd_create resumed>) = 3 [pid 5052] rmdir("./114/file0" [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./118/binderfs" [pid 5769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5769] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... unlink resumed>) = 0 [pid 5052] getdents64(3, [pid 5049] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./114") = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] mkdir("./115", 0777 [ 126.054541][ T5767] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] newfstatat(AT_FDCWD, "./118/file0", [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(4, "", [pid 5049] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5768] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5048] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] getdents64(4, [pid 5048] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... close resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] getdents64(4, [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5049] close(4) = 0 [pid 5048] rmdir("./116/file0" [pid 5049] rmdir("./118/file0") = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5052] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./116" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] close(3 [pid 5048] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5770 attached [pid 5767] <... mount resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] mkdir("./117", 0777 [pid 5770] set_robust_list(0x555556629660, 24 [pid 5767] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5770 [pid 5049] rmdir("./118" [pid 5770] <... set_robust_list resumed>) = 0 [pid 5767] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5767] chdir("./file0" [pid 5049] mkdir("./119", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5767] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5770] chdir("./115" [pid 5767] ioctl(4, LOOP_CLR_FD [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5767] <... ioctl resumed>) = 0 [pid 5049] close(3 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5770] <... chdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] close(3 [pid 5770] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5768] <... write resumed>) = 2097152 [pid 5767] close(4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... close resumed>) = 0 [pid 5770] <... prctl resumed>) = 0 [pid 5767] <... close resumed>) = 0 ./strace-static-x86_64: Process 5771 attached [pid 5770] setpgid(0, 0 [pid 5767] exit_group(0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5771] set_robust_list(0x555556629660, 24 [pid 5770] <... setpgid resumed>) = 0 [pid 5767] <... exit_group resumed>) = ? [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5771 [pid 5770] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5772 ./strace-static-x86_64: Process 5772 attached [pid 5771] <... set_robust_list resumed>) = 0 [pid 5770] <... openat resumed>) = 3 [pid 5769] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5768] munmap(0x7f3b887a1000, 138412032 [pid 5767] +++ exited with 0 +++ [pid 5772] set_robust_list(0x555556629660, 24 [pid 5771] chdir("./119" [pid 5770] write(3, "1000", 4 [pid 5768] <... munmap resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5767, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5772] <... set_robust_list resumed>) = 0 [pid 5771] <... chdir resumed>) = 0 [pid 5770] <... write resumed>) = 4 [pid 5772] chdir("./117" [pid 5771] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5770] close(3 [pid 5772] <... chdir resumed>) = 0 [pid 5771] <... prctl resumed>) = 0 [pid 5770] <... close resumed>) = 0 [pid 5770] symlink("/dev/binderfs", "./binderfs" [pid 5772] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5771] setpgid(0, 0 [pid 5770] <... symlink resumed>) = 0 [pid 5050] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5772] <... prctl resumed>) = 0 [pid 5771] <... setpgid resumed>) = 0 [pid 5768] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5768] ioctl(4, LOOP_SET_FD, 3 [pid 5050] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5772] setpgid(0, 0 [pid 5771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5770] memfd_create("syzkaller", 0 [pid 5050] <... openat resumed>) = 3 [pid 5772] <... setpgid resumed>) = 0 [pid 5771] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5770] <... memfd_create resumed>) = 3 [pid 5768] <... ioctl resumed>) = 0 [pid 5772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] getdents64(3, [pid 5768] close(3 [pid 5770] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5768] <... close resumed>) = 0 [pid 5768] mkdir("./file0", 0777) = 0 [pid 5768] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5772] <... openat resumed>) = 3 [pid 5771] write(3, "1000", 4 [pid 5769] <... write resumed>) = 2097152 [pid 5050] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5772] write(3, "1000", 4 [pid 5771] <... write resumed>) = 4 [pid 5772] <... write resumed>) = 4 [pid 5771] close(3 [pid 5769] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5772] close(3 [pid 5771] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5772] <... close resumed>) = 0 [pid 5771] symlink("/dev/binderfs", "./binderfs" [pid 5772] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5771] <... symlink resumed>) = 0 [pid 5769] <... munmap resumed>) = 0 [pid 5772] <... symlink resumed>) = 0 [pid 5771] memfd_create("syzkaller", 0 [pid 5770] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] unlink("./116/binderfs" [pid 5771] <... memfd_create resumed>) = 3 [pid 5769] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] <... unlink resumed>) = 0 [pid 5771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5771] <... mmap resumed>) = 0x7f3b887a1000 [pid 5769] <... openat resumed>) = 4 [ 126.248211][ T5768] loop4: detected capacity change from 0 to 4096 [ 126.283174][ T5768] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5769] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5769] close(3) = 0 [pid 5769] mkdir("./file0", 0777 [pid 5772] memfd_create("syzkaller", 0) = 3 [pid 5772] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5769] <... mkdir resumed>) = 0 [pid 5769] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5772] <... mmap resumed>) = 0x7f3b887a1000 [pid 5770] <... write resumed>) = 2097152 [pid 5770] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5768] <... mount resumed>) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 126.315051][ T5769] loop0: detected capacity change from 0 to 4096 [ 126.348912][ T5769] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5768] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5770] <... openat resumed>) = 4 [pid 5768] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5770] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5771] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5770] <... ioctl resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./116/file0", [pid 5768] chdir("./file0" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5768] <... chdir resumed>) = 0 [pid 5768] ioctl(4, LOOP_CLR_FD) = 0 [pid 5768] close(4) = 0 [pid 5050] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5768] exit_group(0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5768] <... exit_group resumed>) = ? [pid 5050] getdents64(4, [pid 5768] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5768, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5772] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] close(4 [pid 5051] getdents64(3, [pid 5050] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./116/file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5770] close(3 [pid 5051] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5050] <... rmdir resumed>) = 0 [pid 5770] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] getdents64(3, [pid 5770] mkdir("./file0", 0777 [pid 5051] unlink("./115/binderfs" [pid 5770] <... mkdir resumed>) = 0 [pid 5769] <... mount resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3 [ 126.404758][ T5770] loop5: detected capacity change from 0 to 4096 [pid 5770] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5771] <... write resumed>) = 2097152 [pid 5050] <... close resumed>) = 0 [pid 5771] munmap(0x7f3b887a1000, 138412032 [pid 5769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] rmdir("./116" [pid 5769] <... openat resumed>) = 3 [pid 5769] chdir("./file0") = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5769] ioctl(4, LOOP_CLR_FD [pid 5050] mkdir("./117", 0777 [pid 5769] <... ioctl resumed>) = 0 [pid 5769] close(4 [pid 5772] <... write resumed>) = 2097152 [pid 5771] <... munmap resumed>) = 0 [pid 5769] <... close resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5772] munmap(0x7f3b887a1000, 138412032 [pid 5771] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5769] exit_group(0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5769] <... exit_group resumed>) = ? [pid 5050] <... openat resumed>) = 3 [pid 5772] <... munmap resumed>) = 0 [pid 5771] <... openat resumed>) = 4 [pid 5769] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5771] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5769, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./119/binderfs") = 0 [pid 5047] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5047] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5772] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5771] <... ioctl resumed>) = 0 [pid 5051] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./119/file0", [pid 5772] <... openat resumed>) = 4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 126.462404][ T5770] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 126.495424][ T5771] loop2: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 5773 attached [pid 5772] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5773] set_robust_list(0x555556629660, 24 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5773] <... set_robust_list resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5773] chdir("./117" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5773] <... chdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5773] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5773] <... prctl resumed>) = 0 [pid 5047] getdents64(4, [pid 5773] setpgid(0, 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5773] <... setpgid resumed>) = 0 [pid 5047] close(4 [pid 5773] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... close resumed>) = 0 [pid 5773] <... openat resumed>) = 3 [pid 5771] close(3 [pid 5051] newfstatat(AT_FDCWD, "./115/file0", [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5773 [pid 5047] rmdir("./119/file0" [pid 5771] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5772] <... ioctl resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5773] write(3, "1000", 4 [pid 5772] close(3 [pid 5771] mkdir("./file0", 0777 [pid 5051] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5770] <... mount resumed>) = 0 [pid 5047] close(3 [pid 5051] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5047] rmdir("./119" [pid 5773] <... write resumed>) = 4 [pid 5772] <... close resumed>) = 0 [pid 5771] <... mkdir resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5773] close(3 [pid 5771] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5773] <... close resumed>) = 0 [pid 5772] mkdir("./file0", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5770] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] mkdir("./120", 0777 [pid 5773] symlink("/dev/binderfs", "./binderfs" [pid 5772] <... mkdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5047] <... mkdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5773] <... symlink resumed>) = 0 [pid 5770] <... openat resumed>) = 3 [pid 5051] getdents64(4, [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5770] chdir("./file0" [pid 5047] <... close resumed>) = 0 [pid 5770] <... chdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5770] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5774 [pid 5770] close(4) = 0 [pid 5770] exit_group(0) = ? [pid 5770] +++ exited with 0 +++ ./strace-static-x86_64: Process 5774 attached [pid 5774] set_robust_list(0x555556629660, 24) = 0 [pid 5774] chdir("./120") = 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5772] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5770, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] close(4) = 0 [ 126.514323][ T5772] loop1: detected capacity change from 0 to 4096 [ 126.547187][ T5771] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5051] rmdir("./115/file0" [pid 5774] memfd_create("syzkaller", 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5774] <... memfd_create resumed>) = 3 [pid 5773] memfd_create("syzkaller", 0 [pid 5052] umount2("./115", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5774] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5774] <... mmap resumed>) = 0x7f3b887a1000 [pid 5773] <... memfd_create resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5773] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] rmdir("./115" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] mkdir("./116", 0777) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5052] umount2("./115/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 126.562599][ T5772] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5774] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] unlink("./115/binderfs" [pid 5771] <... mount resumed>) = 0 [pid 5771] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5775 ./strace-static-x86_64: Process 5775 attached [pid 5771] <... openat resumed>) = 3 [pid 5052] <... unlink resumed>) = 0 [pid 5771] chdir("./file0" [pid 5052] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5775] set_robust_list(0x555556629660, 24 [pid 5771] <... chdir resumed>) = 0 [pid 5775] <... set_robust_list resumed>) = 0 [pid 5771] ioctl(4, LOOP_CLR_FD) = 0 [pid 5771] close(4 [pid 5775] chdir("./116" [pid 5771] <... close resumed>) = 0 [pid 5775] <... chdir resumed>) = 0 [pid 5771] exit_group(0 [pid 5775] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5771] <... exit_group resumed>) = ? [pid 5775] <... prctl resumed>) = 0 [pid 5772] <... mount resumed>) = 0 [pid 5771] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = 0 [pid 5775] setpgid(0, 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5771, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5775] <... setpgid resumed>) = 0 [pid 5775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5772] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5775] write(3, "1000", 4 [pid 5049] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5775] <... write resumed>) = 4 [pid 5052] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5775] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./115/file0", [pid 5772] <... openat resumed>) = 3 [pid 5775] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5775] symlink("/dev/binderfs", "./binderfs" [pid 5052] umount2("./115/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 5775] <... symlink resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5773] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5772] chdir("./file0" [pid 5052] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5772] <... chdir resumed>) = 0 [pid 5772] ioctl(4, LOOP_CLR_FD [pid 5052] newfstatat(4, "", [pid 5772] <... ioctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5775] memfd_create("syzkaller", 0 [pid 5772] close(4 [pid 5052] getdents64(4, [pid 5775] <... memfd_create resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5772] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5772] exit_group(0 [pid 5052] getdents64(4, [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5775] <... mmap resumed>) = 0x7f3b887a1000 [pid 5772] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] unlink("./119/binderfs" [pid 5772] +++ exited with 0 +++ [pid 5052] close(4 [pid 5049] <... unlink resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5772, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] rmdir("./115/file0") = 0 [pid 5048] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5048] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5052] close(3 [pid 5048] newfstatat(3, "", [pid 5052] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] rmdir("./115") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] mkdir("./116", 0777 [pid 5048] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] unlink("./117/binderfs" [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5776 attached [pid 5776] set_robust_list(0x555556629660, 24) = 0 [pid 5776] chdir("./116") = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5776 [pid 5776] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5776] setpgid(0, 0) = 0 [pid 5776] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5776] write(3, "1000", 4) = 4 [pid 5774] <... write resumed>) = 2097152 [pid 5776] close(3) = 0 [pid 5776] symlink("/dev/binderfs", "./binderfs" [pid 5774] munmap(0x7f3b887a1000, 138412032 [pid 5776] <... symlink resumed>) = 0 [pid 5774] <... munmap resumed>) = 0 [pid 5776] memfd_create("syzkaller", 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5776] <... memfd_create resumed>) = 3 [pid 5776] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5774] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5774] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... umount2 resumed>) = 0 [pid 5773] <... write resumed>) = 2097152 [pid 5048] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./117/file0", [pid 5049] newfstatat(AT_FDCWD, "./119/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5773] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./117/file0" [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(3, [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5048] close(3 [pid 5049] rmdir("./119/file0" [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./117" [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5773] <... munmap resumed>) = 0 [pid 5774] <... ioctl resumed>) = 0 [pid 5774] close(3 [pid 5048] mkdir("./118", 0777 [pid 5774] <... close resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5774] mkdir("./file0", 0777) = 0 [ 126.770221][ T5774] loop0: detected capacity change from 0 to 4096 [pid 5773] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] getdents64(3, [pid 5775] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5774] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5773] <... openat resumed>) = 4 [pid 5773] ioctl(4, LOOP_SET_FD, 3 [pid 5049] close(3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] <... close resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] rmdir("./119"./strace-static-x86_64: Process 5777 attached [pid 5777] set_robust_list(0x555556629660, 24 [pid 5049] <... rmdir resumed>) = 0 [pid 5777] <... set_robust_list resumed>) = 0 [pid 5049] mkdir("./120", 0777) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5777 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5777] chdir("./118" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5777] <... chdir resumed>) = 0 [pid 5049] close(3) = 0 [pid 5777] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5778 attached [pid 5778] set_robust_list(0x555556629660, 24 [pid 5773] <... ioctl resumed>) = 0 [pid 5777] <... prctl resumed>) = 0 [pid 5778] <... set_robust_list resumed>) = 0 [pid 5777] setpgid(0, 0 [pid 5778] chdir("./120") = 0 [pid 5778] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5777] <... setpgid resumed>) = 0 [pid 5773] close(3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5778 [pid 5777] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5773] <... close resumed>) = 0 [pid 5778] setpgid(0, 0 [pid 5773] mkdir("./file0", 0777 [pid 5778] <... setpgid resumed>) = 0 [pid 5777] <... openat resumed>) = 3 [pid 5773] <... mkdir resumed>) = 0 [pid 5778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5777] write(3, "1000", 4 [pid 5773] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5777] <... write resumed>) = 4 [ 126.814486][ T5774] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 126.824535][ T5773] loop3: detected capacity change from 0 to 4096 [pid 5777] close(3 [pid 5778] <... openat resumed>) = 3 [pid 5777] <... close resumed>) = 0 [pid 5776] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5778] write(3, "1000", 4 [pid 5777] symlink("/dev/binderfs", "./binderfs" [pid 5778] <... write resumed>) = 4 [pid 5777] <... symlink resumed>) = 0 [pid 5778] close(3) = 0 [pid 5778] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5778] memfd_create("syzkaller", 0) = 3 [pid 5775] <... write resumed>) = 2097152 [pid 5778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5777] memfd_create("syzkaller", 0 [ 126.868187][ T5773] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5775] munmap(0x7f3b887a1000, 138412032 [pid 5777] <... memfd_create resumed>) = 3 [pid 5775] <... munmap resumed>) = 0 [pid 5777] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5775] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5775] ioctl(4, LOOP_SET_FD, 3 [pid 5774] <... mount resumed>) = 0 [pid 5774] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5774] chdir("./file0") = 0 [pid 5774] ioctl(4, LOOP_CLR_FD) = 0 [pid 5774] close(4) = 0 [pid 5774] exit_group(0 [pid 5776] <... write resumed>) = 2097152 [pid 5774] <... exit_group resumed>) = ? [pid 5776] munmap(0x7f3b887a1000, 138412032 [pid 5774] +++ exited with 0 +++ [pid 5776] <... munmap resumed>) = 0 [pid 5775] <... ioctl resumed>) = 0 [pid 5773] <... mount resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5774, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5775] close(3 [pid 5773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5775] <... close resumed>) = 0 [pid 5773] chdir("./file0" [pid 5775] mkdir("./file0", 0777 [pid 5773] <... chdir resumed>) = 0 [pid 5047] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5773] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5773] close(4) = 0 [pid 5047] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", [pid 5776] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5775] <... mkdir resumed>) = 0 [pid 5773] exit_group(0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5776] <... openat resumed>) = 4 [pid 5047] getdents64(3, [pid 5776] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./120/binderfs") = 0 [pid 5775] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5773] <... exit_group resumed>) = ? [ 126.935373][ T5775] loop4: detected capacity change from 0 to 4096 [pid 5047] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5773] +++ exited with 0 +++ [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./120/file0" [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5773, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5047] <... rmdir resumed>) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] getdents64(3, [pid 5777] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] rmdir("./120") = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] mkdir("./121", 0777 [pid 5050] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] unlink("./117/binderfs" [pid 5047] <... ioctl resumed>) = 0 [pid 5047] close(3 [pid 5778] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... close resumed>) = 0 [pid 5776] <... ioctl resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5779 attached [ 126.996308][ T5775] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 127.011113][ T5776] loop5: detected capacity change from 0 to 4096 [pid 5776] close(3 [pid 5779] set_robust_list(0x555556629660, 24 [pid 5776] <... close resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5779 [pid 5779] <... set_robust_list resumed>) = 0 [pid 5776] mkdir("./file0", 0777 [pid 5050] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5779] chdir("./121" [pid 5776] <... mkdir resumed>) = 0 [pid 5779] <... chdir resumed>) = 0 [pid 5776] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5779] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5775] <... mount resumed>) = 0 [pid 5779] <... prctl resumed>) = 0 [pid 5775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5779] setpgid(0, 0 [pid 5777] <... write resumed>) = 2097152 [pid 5775] <... openat resumed>) = 3 [pid 5775] chdir("./file0" [pid 5777] munmap(0x7f3b887a1000, 138412032 [pid 5775] <... chdir resumed>) = 0 [pid 5775] ioctl(4, LOOP_CLR_FD [pid 5779] <... setpgid resumed>) = 0 [pid 5775] <... ioctl resumed>) = 0 [pid 5775] close(4 [pid 5777] <... munmap resumed>) = 0 [pid 5779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5775] <... close resumed>) = 0 [pid 5775] exit_group(0) = ? [pid 5779] <... openat resumed>) = 3 [pid 5777] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5779] write(3, "1000", 4) = 4 [pid 5779] close(3) = 0 [pid 5777] <... openat resumed>) = 4 [pid 5779] symlink("/dev/binderfs", "./binderfs" [pid 5777] ioctl(4, LOOP_SET_FD, 3 [pid 5779] <... symlink resumed>) = 0 [ 127.075254][ T5776] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5778] <... write resumed>) = 2097152 [pid 5779] memfd_create("syzkaller", 0 [pid 5777] <... ioctl resumed>) = 0 [pid 5775] +++ exited with 0 +++ [pid 5050] <... umount2 resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5775, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5778] munmap(0x7f3b887a1000, 138412032 [pid 5777] close(3 [pid 5050] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5778] <... munmap resumed>) = 0 [pid 5777] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5777] mkdir("./file0", 0777 [pid 5051] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5777] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./117/file0", [pid 5051] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5779] <... memfd_create resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5050] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(3, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5777] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] getdents64(3, [pid 5050] <... openat resumed>) = 4 [ 127.119247][ T5777] loop1: detected capacity change from 0 to 4096 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] newfstatat(4, "", [pid 5779] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5779] <... mmap resumed>) = 0x7f3b887a1000 [pid 5778] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5778] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5050] getdents64(4, [pid 5778] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5776] <... mount resumed>) = 0 [pid 5051] unlink("./116/binderfs" [pid 5050] getdents64(4, [pid 5776] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5776] <... openat resumed>) = 3 [pid 5050] close(4) = 0 [pid 5050] rmdir("./117/file0" [pid 5051] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5776] chdir("./file0") = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] getdents64(3, [pid 5776] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5776] close(4) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] close(3 [pid 5051] newfstatat(AT_FDCWD, "./116/file0", [pid 5050] <... close resumed>) = 0 [pid 5776] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] rmdir("./117" [pid 5776] <... exit_group resumed>) = ? [pid 5051] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] mkdir("./118", 0777 [pid 5776] +++ exited with 0 +++ [pid 5051] getdents64(4, [pid 5050] <... mkdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5778] <... ioctl resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5776, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] getdents64(4, [pid 5050] <... openat resumed>) = 3 [pid 5778] close(3 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5778] <... close resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5051] close(4 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5778] mkdir("./file0", 0777 [pid 5051] <... close resumed>) = 0 [pid 5050] close(3 [pid 5778] <... mkdir resumed>) = 0 [pid 5051] rmdir("./116/file0" [pid 5050] <... close resumed>) = 0 [pid 5052] umount2("./116", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5051] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5778] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5051] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [ 127.162272][ T5777] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 127.175515][ T5778] loop2: detected capacity change from 0 to 4096 [pid 5051] rmdir("./116"./strace-static-x86_64: Process 5780 attached [pid 5052] umount2("./116/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5780] set_robust_list(0x555556629660, 24 [pid 5052] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./116/binderfs") = 0 [pid 5052] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5780 [pid 5051] mkdir("./117", 0777) = 0 [pid 5780] <... set_robust_list resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5780] chdir("./118") = 0 [pid 5051] <... openat resumed>) = 3 [pid 5780] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5780] <... prctl resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5780] setpgid(0, 0 [pid 5051] close(3 [pid 5780] <... setpgid resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5779] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5781 attached [pid 5780] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = 0 [pid 5780] write(3, "1000", 4 [pid 5781] set_robust_list(0x555556629660, 24 [pid 5780] <... write resumed>) = 4 [ 127.223710][ T5778] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5780] close(3 [pid 5781] <... set_robust_list resumed>) = 0 [pid 5780] <... close resumed>) = 0 [pid 5781] chdir("./117" [pid 5780] symlink("/dev/binderfs", "./binderfs" [pid 5781] <... chdir resumed>) = 0 [pid 5780] <... symlink resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5781 [pid 5781] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5781] setpgid(0, 0 [pid 5780] memfd_create("syzkaller", 0) = 3 [pid 5780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5781] <... setpgid resumed>) = 0 [pid 5781] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5780] <... mmap resumed>) = 0x7f3b887a1000 [pid 5781] write(3, "1000", 4) = 4 [pid 5781] close(3 [pid 5052] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5781] <... close resumed>) = 0 [pid 5781] symlink("/dev/binderfs", "./binderfs" [pid 5777] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5781] <... symlink resumed>) = 0 [pid 5777] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./116/file0", [pid 5781] memfd_create("syzkaller", 0 [pid 5777] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5777] chdir("./file0" [pid 5052] umount2("./116/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5777] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5777] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5777] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5781] <... memfd_create resumed>) = 3 [pid 5777] close(4 [pid 5052] newfstatat(4, "", [pid 5781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5777] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5777] exit_group(0 [pid 5052] getdents64(4, [pid 5781] <... mmap resumed>) = 0x7f3b887a1000 [pid 5777] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5779] <... write resumed>) = 2097152 [pid 5777] +++ exited with 0 +++ [pid 5052] getdents64(4, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5777, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] rmdir("./116/file0" [pid 5048] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5048] newfstatat(3, "", [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] close(3 [pid 5048] getdents64(3, [pid 5052] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] rmdir("./116" [pid 5048] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./117", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... mkdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5048] unlink("./118/binderfs" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5048] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5779] munmap(0x7f3b887a1000, 138412032./strace-static-x86_64: Process 5782 attached [pid 5780] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5779] <... munmap resumed>) = 0 [pid 5782] set_robust_list(0x555556629660, 24) = 0 [pid 5782] chdir("./117") = 0 [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5779] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5782 [pid 5782] setpgid(0, 0 [pid 5779] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5782] <... setpgid resumed>) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5782] write(3, "1000", 4) = 4 [pid 5782] close(3) = 0 [pid 5781] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5779] close(3 [pid 5782] symlink("/dev/binderfs", "./binderfs" [pid 5778] <... mount resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5778] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5782] <... symlink resumed>) = 0 [pid 5778] chdir("./file0") = 0 [pid 5778] ioctl(4, LOOP_CLR_FD) = 0 [pid 5778] close(4 [pid 5780] <... write resumed>) = 2097152 [pid 5778] <... close resumed>) = 0 [pid 5778] exit_group(0 [pid 5782] memfd_create("syzkaller", 0 [pid 5779] <... close resumed>) = 0 [pid 5778] <... exit_group resumed>) = ? [pid 5780] munmap(0x7f3b887a1000, 138412032 [pid 5779] mkdir("./file0", 0777 [pid 5778] +++ exited with 0 +++ [pid 5048] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5782] <... memfd_create resumed>) = 3 [pid 5780] <... munmap resumed>) = 0 [pid 5779] <... mkdir resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5778, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./118/file0", [ 127.382586][ T5779] loop0: detected capacity change from 0 to 4096 [pid 5782] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5782] <... mmap resumed>) = 0x7f3b887a1000 [pid 5779] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5048] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 4 [pid 5049] <... openat resumed>) = 3 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5780] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] newfstatat(3, "", [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5780] <... openat resumed>) = 4 [pid 5780] ioctl(4, LOOP_SET_FD, 3 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./118/file0" [pid 5781] <... write resumed>) = 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... close resumed>) = 0 [pid 5049] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5781] munmap(0x7f3b887a1000, 138412032 [pid 5048] rmdir("./118" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5781] <... munmap resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./120/binderfs", [pid 5048] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] mkdir("./119", 0777 [pid 5049] unlink("./120/binderfs" [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5783 attached , child_tidptr=0x555556629650) = 5783 [pid 5783] set_robust_list(0x555556629660, 24 [pid 5781] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... umount2 resumed>) = 0 [pid 5783] <... set_robust_list resumed>) = 0 [pid 5781] <... openat resumed>) = 4 [pid 5780] <... ioctl resumed>) = 0 [pid 5783] chdir("./119" [ 127.448615][ T5779] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 127.464320][ T5780] loop3: detected capacity change from 0 to 4096 [pid 5781] ioctl(4, LOOP_SET_FD, 3 [pid 5780] close(3 [pid 5049] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5783] <... chdir resumed>) = 0 [pid 5783] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5780] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5783] <... prctl resumed>) = 0 [pid 5780] mkdir("./file0", 0777 [pid 5049] newfstatat(AT_FDCWD, "./120/file0", [pid 5783] setpgid(0, 0 [pid 5780] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5783] <... setpgid resumed>) = 0 [pid 5049] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5779] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5783] write(3, "1000", 4 [pid 5779] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5783] <... write resumed>) = 4 [pid 5780] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5779] <... openat resumed>) = 3 [pid 5783] close(3 [pid 5779] chdir("./file0" [pid 5049] <... openat resumed>) = 4 [pid 5783] <... close resumed>) = 0 [pid 5779] <... chdir resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5783] symlink("/dev/binderfs", "./binderfs" [pid 5779] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5783] <... symlink resumed>) = 0 [pid 5779] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5781] <... ioctl resumed>) = 0 [pid 5781] close(3 [pid 5783] memfd_create("syzkaller", 0 [pid 5781] <... close resumed>) = 0 [pid 5779] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5779] <... close resumed>) = 0 [pid 5781] mkdir("./file0", 0777 [pid 5779] exit_group(0 [pid 5781] <... mkdir resumed>) = 0 [pid 5779] <... exit_group resumed>) = ? [pid 5049] getdents64(4, [pid 5781] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5782] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5779] +++ exited with 0 +++ [pid 5049] close(4 [pid 5783] <... memfd_create resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5779, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5049] rmdir("./120/file0" [pid 5783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 127.495744][ T5781] loop4: detected capacity change from 0 to 4096 [ 127.518305][ T5780] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 127.535749][ T5781] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5049] rmdir("./120") = 0 [pid 5047] <... openat resumed>) = 3 [pid 5049] mkdir("./121", 0777 [pid 5047] newfstatat(3, "", [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... openat resumed>) = 3 [pid 5047] newfstatat(AT_FDCWD, "./121/binderfs", [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./121/binderfs" [pid 5049] close(3 [pid 5047] <... unlink resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5784 attached [pid 5784] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5784 [pid 5047] <... umount2 resumed>) = 0 [pid 5784] <... set_robust_list resumed>) = 0 [pid 5047] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5784] chdir("./121") = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] newfstatat(AT_FDCWD, "./121/file0", [pid 5784] setpgid(0, 0 [pid 5780] <... mount resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5784] <... setpgid resumed>) = 0 [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5782] <... write resumed>) = 2097152 [pid 5780] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5780] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5782] munmap(0x7f3b887a1000, 138412032 [pid 5780] chdir("./file0" [pid 5784] <... openat resumed>) = 3 [pid 5781] <... mount resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5047] newfstatat(4, "", [pid 5781] chdir("./file0") = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5781] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] getdents64(4, [pid 5784] write(3, "1000", 4 [pid 5781] close(4 [pid 5784] <... write resumed>) = 4 [pid 5783] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5782] <... munmap resumed>) = 0 [pid 5781] <... close resumed>) = 0 [pid 5780] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5784] close(3 [pid 5780] ioctl(4, LOOP_CLR_FD [pid 5047] getdents64(4, [pid 5784] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4 [pid 5780] <... ioctl resumed>) = 0 [pid 5781] exit_group(0 [pid 5047] <... close resumed>) = 0 [pid 5784] symlink("/dev/binderfs", "./binderfs" [pid 5781] <... exit_group resumed>) = ? [pid 5784] <... symlink resumed>) = 0 [pid 5782] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5781] +++ exited with 0 +++ [pid 5780] close(4 [pid 5047] rmdir("./121/file0") = 0 [pid 5782] <... openat resumed>) = 4 [pid 5780] <... close resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5781, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] getdents64(3, [pid 5782] ioctl(4, LOOP_SET_FD, 3 [pid 5780] exit_group(0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5780] <... exit_group resumed>) = ? [pid 5047] <... close resumed>) = 0 [pid 5780] +++ exited with 0 +++ [pid 5047] rmdir("./121") = 0 [pid 5784] memfd_create("syzkaller", 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5780, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] mkdir("./122", 0777 [pid 5051] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5050] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5784] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5782] <... ioctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, [pid 5047] <... openat resumed>) = 3 [pid 5782] close(3 [pid 5051] getdents64(3, [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5782] <... close resumed>) = 0 [pid 5782] mkdir("./file0", 0777) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [ 127.681585][ T5782] loop5: detected capacity change from 0 to 4096 [pid 5782] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5783] <... write resumed>) = 2097152 [pid 5047] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5785 attached [pid 5051] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5050] unlink("./118/binderfs" [pid 5785] set_robust_list(0x555556629660, 24 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5785 [pid 5050] <... unlink resumed>) = 0 [pid 5785] <... set_robust_list resumed>) = 0 [pid 5785] chdir("./122" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5785] <... chdir resumed>) = 0 [pid 5051] unlink("./117/binderfs" [pid 5785] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... unlink resumed>) = 0 [pid 5785] <... prctl resumed>) = 0 [pid 5051] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = 0 [pid 5785] setpgid(0, 0) = 0 [pid 5783] munmap(0x7f3b887a1000, 138412032 [pid 5785] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./118/file0", [pid 5785] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5785] write(3, "1000", 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5785] <... write resumed>) = 4 [pid 5784] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5783] <... munmap resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5785] close(3 [pid 5050] <... openat resumed>) = 4 [pid 5785] <... close resumed>) = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] newfstatat(4, "", [pid 5785] symlink("/dev/binderfs", "./binderfs" [pid 5783] <... openat resumed>) = 4 [ 127.731712][ T5782] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5785] <... symlink resumed>) = 0 [pid 5783] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5785] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5783] <... ioctl resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./117/file0", [pid 5050] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... close resumed>) = 0 [pid 5051] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./118/file0" [pid 5783] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... rmdir resumed>) = 0 [pid 5783] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] getdents64(3, [pid 5783] mkdir("./file0", 0777 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5785] <... memfd_create resumed>) = 3 [pid 5783] <... mkdir resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5050] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5051] getdents64(4, [pid 5050] rmdir("./118" [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5783] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... rmdir resumed>) = 0 [pid 5785] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(4, [pid 5050] mkdir("./119", 0777 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5051] close(4 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5051] rmdir("./117/file0" [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5051] close(3 [pid 5050] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] rmdir("./117"./strace-static-x86_64: Process 5786 attached ) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5786 [pid 5786] set_robust_list(0x555556629660, 24 [pid 5784] <... write resumed>) = 2097152 [pid 5051] mkdir("./118", 0777 [pid 5786] <... set_robust_list resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5786] chdir("./119") = 0 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5782] <... mount resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5786] <... prctl resumed>) = 0 [pid 5782] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5786] setpgid(0, 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5786] <... setpgid resumed>) = 0 [pid 5782] <... openat resumed>) = 3 [pid 5782] chdir("./file0" [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5782] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5787 attached [pid 5782] ioctl(4, LOOP_CLR_FD [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5787 [ 127.793678][ T5783] loop1: detected capacity change from 0 to 4096 [ 127.824792][ T5783] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5787] set_robust_list(0x555556629660, 24 [pid 5786] <... openat resumed>) = 3 [pid 5782] <... ioctl resumed>) = 0 [pid 5787] <... set_robust_list resumed>) = 0 [pid 5786] write(3, "1000", 4 [pid 5782] close(4 [pid 5787] chdir("./118" [pid 5786] <... write resumed>) = 4 [pid 5784] munmap(0x7f3b887a1000, 138412032 [pid 5782] <... close resumed>) = 0 [pid 5787] <... chdir resumed>) = 0 [pid 5786] close(3) = 0 [pid 5787] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5786] symlink("/dev/binderfs", "./binderfs" [pid 5782] exit_group(0 [pid 5787] <... prctl resumed>) = 0 [pid 5786] <... symlink resumed>) = 0 [pid 5785] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5784] <... munmap resumed>) = 0 [pid 5782] <... exit_group resumed>) = ? [pid 5787] setpgid(0, 0 [pid 5786] memfd_create("syzkaller", 0 [pid 5784] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5784] ioctl(4, LOOP_SET_FD, 3 [pid 5787] <... setpgid resumed>) = 0 [pid 5786] <... memfd_create resumed>) = 3 [pid 5782] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5782, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5787] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5786] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5787] <... openat resumed>) = 3 [pid 5052] umount2("./117", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5787] write(3, "1000", 4 [pid 5786] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./117/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./117/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./117/binderfs") = 0 [pid 5052] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5787] <... write resumed>) = 4 [pid 5783] <... mount resumed>) = 0 [pid 5787] close(3 [pid 5784] <... ioctl resumed>) = 0 [pid 5783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5784] close(3 [pid 5787] <... close resumed>) = 0 [pid 5784] <... close resumed>) = 0 [pid 5784] mkdir("./file0", 0777 [pid 5787] symlink("/dev/binderfs", "./binderfs" [pid 5784] <... mkdir resumed>) = 0 [pid 5784] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5783] <... openat resumed>) = 3 [pid 5787] <... symlink resumed>) = 0 [pid 5783] chdir("./file0") = 0 [pid 5783] ioctl(4, LOOP_CLR_FD) = 0 [pid 5783] close(4) = 0 [pid 5783] exit_group(0) = ? [pid 5787] memfd_create("syzkaller", 0) = 3 [pid 5787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5783] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5783, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5787] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5785] <... write resumed>) = 2097152 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5785] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... umount2 resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 127.903761][ T5784] loop2: detected capacity change from 0 to 4096 [ 127.942811][ T5784] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] unlink("./119/binderfs") = 0 [pid 5785] <... munmap resumed>) = 0 [pid 5048] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5048] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./119/file0", [pid 5052] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5785] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] newfstatat(AT_FDCWD, "./117/file0", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5785] <... openat resumed>) = 4 [pid 5052] umount2("./117/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 4 [pid 5785] ioctl(4, LOOP_SET_FD, 3 [pid 5052] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5786] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5052] rmdir("./117/file0" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] close(4 [pid 5052] getdents64(3, [pid 5048] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] rmdir("./119/file0" [pid 5052] close(3 [pid 5784] <... mount resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5784] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] rmdir("./117" [pid 5048] getdents64(3, [pid 5784] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5784] chdir("./file0" [pid 5052] mkdir("./118", 0777 [pid 5048] close(3 [pid 5784] <... chdir resumed>) = 0 [ 127.997505][ T5785] loop0: detected capacity change from 0 to 4096 [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5785] <... ioctl resumed>) = 0 [pid 5784] ioctl(4, LOOP_CLR_FD [pid 5048] rmdir("./119" [pid 5784] <... ioctl resumed>) = 0 [pid 5784] close(4 [pid 5048] <... rmdir resumed>) = 0 [pid 5785] close(3 [pid 5784] <... close resumed>) = 0 [pid 5048] mkdir("./120", 0777 [pid 5785] <... close resumed>) = 0 [pid 5785] mkdir("./file0", 0777 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5785] <... mkdir resumed>) = 0 [pid 5784] exit_group(0 [pid 5052] <... openat resumed>) = 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5784] <... exit_group resumed>) = ? [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5784] +++ exited with 0 +++ [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=1 /* 0.01 s */} --- [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5787] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5788 attached [pid 5785] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5788] set_robust_list(0x555556629660, 24 [pid 5049] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5788] <... set_robust_list resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5788 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5788] chdir("./118") = 0 [pid 5049] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5788] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5788] <... prctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./121/binderfs", [pid 5788] setpgid(0, 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5788] <... setpgid resumed>) = 0 [pid 5049] unlink("./121/binderfs" [pid 5788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... unlink resumed>) = 0 [pid 5788] <... openat resumed>) = 3 [pid 5049] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5788] write(3, "1000", 4 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5788] <... write resumed>) = 4 [pid 5788] close(3 [pid 5048] <... close resumed>) = 0 [pid 5788] <... close resumed>) = 0 [pid 5788] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5786] <... write resumed>) = 2097152 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5788] memfd_create("syzkaller", 0) = 3 [pid 5788] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5789 ./strace-static-x86_64: Process 5789 attached [pid 5786] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... umount2 resumed>) = 0 [pid 5789] set_robust_list(0x555556629660, 24 [pid 5786] <... munmap resumed>) = 0 [pid 5789] <... set_robust_list resumed>) = 0 [pid 5789] chdir("./120") = 0 [pid 5789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 128.061682][ T5785] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5789] setpgid(0, 0) = 0 [pid 5786] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5786] <... openat resumed>) = 4 [pid 5789] <... openat resumed>) = 3 [pid 5786] ioctl(4, LOOP_SET_FD, 3 [pid 5789] write(3, "1000", 4) = 4 [pid 5049] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5789] close(3 [pid 5787] <... write resumed>) = 2097152 [pid 5785] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5789] <... close resumed>) = 0 [pid 5787] munmap(0x7f3b887a1000, 138412032 [pid 5789] symlink("/dev/binderfs", "./binderfs" [pid 5787] <... munmap resumed>) = 0 [pid 5785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./121/file0", [pid 5785] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5789] <... symlink resumed>) = 0 [pid 5049] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5785] chdir("./file0" [pid 5049] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5785] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5785] ioctl(4, LOOP_CLR_FD) = 0 [pid 5049] newfstatat(4, "", [pid 5785] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5785] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 5785] exit_group(0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5785] <... exit_group resumed>) = ? [ 128.128236][ T5786] loop3: detected capacity change from 0 to 4096 [pid 5789] memfd_create("syzkaller", 0 [pid 5787] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5786] <... ioctl resumed>) = 0 [pid 5785] +++ exited with 0 +++ [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5785, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] close(4) = 0 [pid 5049] rmdir("./121/file0" [pid 5047] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5787] <... openat resumed>) = 4 [pid 5786] close(3 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5787] ioctl(4, LOOP_SET_FD, 3 [pid 5786] <... close resumed>) = 0 [pid 5789] <... memfd_create resumed>) = 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5049] rmdir("./121" [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] unlink("./122/binderfs" [pid 5049] mkdir("./122", 0777 [pid 5047] <... unlink resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5786] mkdir("./file0", 0777 [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5789] <... mmap resumed>) = 0x7f3b887a1000 [pid 5786] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5790 attached [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5790 [pid 5790] set_robust_list(0x555556629660, 24) = 0 [pid 5790] chdir("./122") = 0 [pid 5790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5790] setpgid(0, 0) = 0 [pid 5790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5786] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5790] <... openat resumed>) = 3 [pid 5790] write(3, "1000", 4) = 4 [pid 5790] close(3) = 0 [pid 5790] symlink("/dev/binderfs", "./binderfs" [pid 5788] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5787] <... ioctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5787] close(3 [pid 5047] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5787] <... close resumed>) = 0 [pid 5787] mkdir("./file0", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5790] <... symlink resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./122/file0", [pid 5787] <... mkdir resumed>) = 0 [pid 5790] memfd_create("syzkaller", 0 [pid 5787] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 128.173975][ T5787] loop4: detected capacity change from 0 to 4096 [ 128.194495][ T5786] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./122/file0" [pid 5790] <... memfd_create resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5790] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] rmdir("./122" [pid 5789] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./123", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5791 attached , child_tidptr=0x555556629650) = 5791 [pid 5791] set_robust_list(0x555556629660, 24) = 0 [ 128.227739][ T5787] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5791] chdir("./123") = 0 [pid 5786] <... mount resumed>) = 0 [pid 5791] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5788] <... write resumed>) = 2097152 [pid 5786] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5791] setpgid(0, 0) = 0 [pid 5791] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5791] write(3, "1000", 4 [pid 5788] munmap(0x7f3b887a1000, 138412032 [pid 5786] <... openat resumed>) = 3 [pid 5791] <... write resumed>) = 4 [pid 5788] <... munmap resumed>) = 0 [pid 5786] chdir("./file0" [pid 5791] close(3 [pid 5786] <... chdir resumed>) = 0 [pid 5791] <... close resumed>) = 0 [pid 5786] ioctl(4, LOOP_CLR_FD [pid 5791] symlink("/dev/binderfs", "./binderfs" [pid 5786] <... ioctl resumed>) = 0 [pid 5791] <... symlink resumed>) = 0 [pid 5788] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5786] close(4 [pid 5791] memfd_create("syzkaller", 0 [pid 5788] <... openat resumed>) = 4 [pid 5786] <... close resumed>) = 0 [pid 5788] ioctl(4, LOOP_SET_FD, 3 [pid 5786] exit_group(0 [pid 5791] <... memfd_create resumed>) = 3 [pid 5786] <... exit_group resumed>) = ? [pid 5791] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5789] <... write resumed>) = 2097152 [pid 5788] <... ioctl resumed>) = 0 [pid 5788] close(3) = 0 [pid 5788] mkdir("./file0", 0777 [pid 5786] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5786, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5788] <... mkdir resumed>) = 0 [pid 5050] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5788] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5789] munmap(0x7f3b887a1000, 138412032 [pid 5050] unlink("./119/binderfs" [pid 5790] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... unlink resumed>) = 0 [pid 5789] <... munmap resumed>) = 0 [pid 5050] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5789] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5789] <... openat resumed>) = 4 [ 128.316471][ T5788] loop5: detected capacity change from 0 to 4096 [ 128.352860][ T5788] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5789] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./119/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./119") = 0 [pid 5050] mkdir("./120", 0777 [pid 5787] <... mount resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5787] chdir("./file0") = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5787] ioctl(4, LOOP_CLR_FD) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5787] close(4 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5787] <... close resumed>) = 0 [pid 5050] <... ioctl resumed>) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5789] <... ioctl resumed>) = 0 [pid 5787] exit_group(0 [pid 5789] close(3 [pid 5787] <... exit_group resumed>) = ? [pid 5787] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5787, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5789] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5789] mkdir("./file0", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5792 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5789] <... mkdir resumed>) = 0 [pid 5051] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./118/binderfs"./strace-static-x86_64: Process 5792 attached [pid 5791] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5789] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... unlink resumed>) = 0 [pid 5792] set_robust_list(0x555556629660, 24 [ 128.385122][ T5789] loop1: detected capacity change from 0 to 4096 [pid 5051] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5792] <... set_robust_list resumed>) = 0 [pid 5792] chdir("./120" [pid 5790] <... write resumed>) = 2097152 [pid 5792] <... chdir resumed>) = 0 [pid 5792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5792] setpgid(0, 0) = 0 [pid 5792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5792] write(3, "1000", 4) = 4 [pid 5790] munmap(0x7f3b887a1000, 138412032 [pid 5792] close(3) = 0 [pid 5792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5792] memfd_create("syzkaller", 0 [pid 5790] <... munmap resumed>) = 0 [pid 5788] <... mount resumed>) = 0 [pid 5792] <... memfd_create resumed>) = 3 [pid 5790] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5792] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5790] <... openat resumed>) = 4 [pid 5792] <... mmap resumed>) = 0x7f3b887a1000 [pid 5790] ioctl(4, LOOP_SET_FD, 3 [pid 5788] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 128.435844][ T5789] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5788] chdir("./file0") = 0 [pid 5788] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = 0 [pid 5788] <... ioctl resumed>) = 0 [pid 5790] <... ioctl resumed>) = 0 [pid 5788] close(4 [pid 5790] close(3) = 0 [pid 5788] <... close resumed>) = 0 [pid 5788] exit_group(0 [pid 5790] mkdir("./file0", 0777 [pid 5788] <... exit_group resumed>) = ? [pid 5790] <... mkdir resumed>) = 0 [pid 5788] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5788, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5790] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5052] umount2("./118", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(3, "", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] newfstatat(AT_FDCWD, "./118/file0", [pid 5052] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./118/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5051] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./118/binderfs" [pid 5051] newfstatat(4, "", [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5791] <... write resumed>) = 2097152 [pid 5789] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [ 128.477121][ T5790] loop2: detected capacity change from 0 to 4096 [pid 5789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5791] munmap(0x7f3b887a1000, 138412032 [pid 5789] <... openat resumed>) = 3 [pid 5051] getdents64(4, [pid 5789] chdir("./file0" [pid 5791] <... munmap resumed>) = 0 [pid 5789] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5789] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] close(4 [pid 5789] close(4 [pid 5051] <... close resumed>) = 0 [pid 5792] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5789] <... close resumed>) = 0 [pid 5051] rmdir("./118/file0" [pid 5791] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5789] exit_group(0 [pid 5051] <... rmdir resumed>) = 0 [pid 5791] <... openat resumed>) = 4 [pid 5789] <... exit_group resumed>) = ? [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5791] ioctl(4, LOOP_SET_FD, 3 [pid 5789] +++ exited with 0 +++ [pid 5051] close(3) = 0 [pid 5051] rmdir("./118") = 0 [pid 5051] mkdir("./119", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5789, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5052] <... umount2 resumed>) = 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5048] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5791] <... ioctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] close(3 [pid 5048] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5791] <... close resumed>) = 0 [pid 5791] mkdir("./file0", 0777 [pid 5052] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5793 attached [ 128.528465][ T5790] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 128.563645][ T5791] loop0: detected capacity change from 0 to 4096 [pid 5791] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(3, "", [pid 5791] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] newfstatat(AT_FDCWD, "./118/file0", [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5793 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./118/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5793] set_robust_list(0x555556629660, 24 [pid 5052] getdents64(4, [pid 5793] <... set_robust_list resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5793] chdir("./119") = 0 [pid 5793] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] getdents64(4, [pid 5793] <... prctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5793] setpgid(0, 0 [pid 5052] close(4 [pid 5793] <... setpgid resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] rmdir("./118/file0" [pid 5793] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5793] write(3, "1000", 4) = 4 [pid 5793] close(3) = 0 [pid 5793] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... rmdir resumed>) = 0 [pid 5048] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5793] <... symlink resumed>) = 0 [pid 5793] memfd_create("syzkaller", 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./118") = 0 [pid 5052] mkdir("./119", 0777) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5793] <... memfd_create resumed>) = 3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5793] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... openat resumed>) = 3 [pid 5793] <... mmap resumed>) = 0x7f3b887a1000 [pid 5792] <... write resumed>) = 2097152 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] newfstatat(AT_FDCWD, "./120/binderfs", [pid 5790] <... mount resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./120/binderfs" [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... unlink resumed>) = 0 [pid 5052] close(3 [pid 5048] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5790] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... umount2 resumed>) = 0 [pid 5790] <... openat resumed>) = 3 [pid 5048] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5794 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5790] chdir("./file0" [pid 5048] newfstatat(AT_FDCWD, "./120/file0", ./strace-static-x86_64: Process 5794 attached [pid 5790] <... chdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 128.590280][ T5791] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5794] set_robust_list(0x555556629660, 24 [pid 5790] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5794] <... set_robust_list resumed>) = 0 [pid 5790] <... ioctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5790] close(4 [pid 5794] chdir("./119" [pid 5790] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5794] <... chdir resumed>) = 0 [pid 5792] munmap(0x7f3b887a1000, 138412032 [pid 5790] exit_group(0 [pid 5048] newfstatat(4, "", [pid 5794] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5792] <... munmap resumed>) = 0 [pid 5790] <... exit_group resumed>) = ? [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5794] <... prctl resumed>) = 0 [pid 5794] setpgid(0, 0 [pid 5790] +++ exited with 0 +++ [pid 5048] getdents64(4, [pid 5794] <... setpgid resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5790, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5794] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] getdents64(4, [pid 5794] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5794] write(3, "1000", 4 [pid 5048] close(4 [pid 5049] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5794] <... write resumed>) = 4 [pid 5048] rmdir("./120/file0" [pid 5794] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5794] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5794] symlink("/dev/binderfs", "./binderfs" [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, [pid 5794] <... symlink resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5794] memfd_create("syzkaller", 0 [pid 5792] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] close(3 [pid 5792] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5792] ioctl(4, LOOP_SET_FD, 3 [pid 5049] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5048] <... close resumed>) = 0 [pid 5794] <... memfd_create resumed>) = 3 [pid 5792] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] rmdir("./120" [pid 5794] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] unlink("./122/binderfs" [pid 5048] <... rmdir resumed>) = 0 [pid 5794] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... unlink resumed>) = 0 [pid 5048] mkdir("./121", 0777 [pid 5049] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] rmdir("./122/file0" [pid 5048] close(3 [pid 5792] close(3 [pid 5048] <... close resumed>) = 0 [pid 5792] <... close resumed>) = 0 [pid 5792] mkdir("./file0", 0777 [pid 5049] <... rmdir resumed>) = 0 [pid 5792] <... mkdir resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5792] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [ 128.684292][ T5792] loop3: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 5795 attached [pid 5049] close(3 [pid 5795] set_robust_list(0x555556629660, 24 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./122" [pid 5795] <... set_robust_list resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5795 [pid 5049] mkdir("./123", 0777) = 0 [pid 5795] chdir("./121" [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5795] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = 0 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5796 ./strace-static-x86_64: Process 5796 attached [pid 5796] set_robust_list(0x555556629660, 24 [pid 5795] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5796] <... set_robust_list resumed>) = 0 [pid 5796] chdir("./123" [pid 5791] <... mount resumed>) = 0 [pid 5796] <... chdir resumed>) = 0 [pid 5796] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5795] <... prctl resumed>) = 0 [pid 5796] setpgid(0, 0) = 0 [pid 5796] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5796] write(3, "1000", 4) = 4 [pid 5795] setpgid(0, 0 [pid 5793] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5791] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5795] <... setpgid resumed>) = 0 [pid 5796] close(3 [pid 5795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5791] <... openat resumed>) = 3 [pid 5796] <... close resumed>) = 0 [pid 5796] symlink("/dev/binderfs", "./binderfs" [pid 5795] <... openat resumed>) = 3 [pid 5792] <... mount resumed>) = 0 [ 128.727399][ T5792] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5791] chdir("./file0" [pid 5796] <... symlink resumed>) = 0 [pid 5795] write(3, "1000", 4 [pid 5792] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5795] <... write resumed>) = 4 [pid 5792] <... openat resumed>) = 3 [pid 5792] chdir("./file0") = 0 [pid 5792] ioctl(4, LOOP_CLR_FD [pid 5796] memfd_create("syzkaller", 0 [pid 5792] <... ioctl resumed>) = 0 [pid 5795] close(3 [pid 5791] <... chdir resumed>) = 0 [pid 5795] <... close resumed>) = 0 [pid 5792] close(4) = 0 [pid 5795] symlink("/dev/binderfs", "./binderfs" [pid 5792] exit_group(0 [pid 5791] ioctl(4, LOOP_CLR_FD [pid 5792] <... exit_group resumed>) = ? [pid 5795] <... symlink resumed>) = 0 [pid 5792] +++ exited with 0 +++ [pid 5791] <... ioctl resumed>) = 0 [pid 5791] close(4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5792, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5796] <... memfd_create resumed>) = 3 [pid 5791] <... close resumed>) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5791] exit_group(0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5796] <... mmap resumed>) = 0x7f3b887a1000 [pid 5795] memfd_create("syzkaller", 0 [pid 5791] <... exit_group resumed>) = ? [pid 5795] <... memfd_create resumed>) = 3 [pid 5791] +++ exited with 0 +++ [pid 5795] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5791, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] <... openat resumed>) = 3 [pid 5047] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5795] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] newfstatat(3, "", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] getdents64(3, [pid 5047] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] newfstatat(3, "", [pid 5050] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5050] newfstatat(AT_FDCWD, "./120/binderfs", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./123/binderfs" [pid 5050] unlink("./120/binderfs" [pid 5047] <... unlink resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5794] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5793] <... write resumed>) = 2097152 [pid 5793] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5793] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5793] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5793] close(3) = 0 [pid 5793] mkdir("./file0", 0777 [pid 5047] <... umount2 resumed>) = 0 [pid 5793] <... mkdir resumed>) = 0 [pid 5793] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... umount2 resumed>) = 0 [pid 5047] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5796] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5794] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./120/file0", [pid 5047] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5794] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5050] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5795] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5794] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./123/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5047] rmdir("./123" [pid 5050] newfstatat(4, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5794] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] getdents64(4, [pid 5047] mkdir("./124", 0777 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5794] <... openat resumed>) = 4 [pid 5050] getdents64(4, [pid 5047] <... mkdir resumed>) = 0 [ 128.875475][ T5793] loop4: detected capacity change from 0 to 4096 [ 128.904491][ T5793] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5794] ioctl(4, LOOP_SET_FD, 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5050] close(4) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] rmdir("./120/file0"./strace-static-x86_64: Process 5797 attached ) = 0 [pid 5797] set_robust_list(0x555556629660, 24) = 0 [pid 5797] chdir("./124") = 0 [pid 5793] <... mount resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5797 [pid 5797] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5797] <... prctl resumed>) = 0 [pid 5050] close(3 [pid 5797] setpgid(0, 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./120" [pid 5797] <... setpgid resumed>) = 0 [pid 5794] <... ioctl resumed>) = 0 [pid 5793] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... rmdir resumed>) = 0 [pid 5797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5797] write(3, "1000", 4) = 4 [pid 5797] close(3) = 0 [pid 5797] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5797] memfd_create("syzkaller", 0) = 3 [pid 5797] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5794] close(3 [pid 5793] <... openat resumed>) = 3 [pid 5050] mkdir("./121", 0777 [pid 5794] <... close resumed>) = 0 [pid 5793] chdir("./file0" [pid 5050] <... mkdir resumed>) = 0 [pid 5794] mkdir("./file0", 0777 [pid 5793] <... chdir resumed>) = 0 [pid 5794] <... mkdir resumed>) = 0 [pid 5793] ioctl(4, LOOP_CLR_FD) = 0 [ 128.949696][ T5794] loop5: detected capacity change from 0 to 4096 [pid 5793] close(4 [pid 5794] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5793] <... close resumed>) = 0 [pid 5793] exit_group(0) = ? [pid 5795] <... write resumed>) = 2097152 [pid 5796] <... write resumed>) = 2097152 [pid 5793] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5793, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5796] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5051] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5796] <... munmap resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5796] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5796] <... openat resumed>) = 4 [pid 5795] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5796] ioctl(4, LOOP_SET_FD, 3 [pid 5794] <... mount resumed>) = 0 [pid 5051] unlink("./119/binderfs" [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5795] <... munmap resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5795] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5795] ioctl(4, LOOP_SET_FD, 3 [pid 5796] <... ioctl resumed>) = 0 [pid 5794] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5794] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5796] close(3) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5796] mkdir("./file0", 0777 [pid 5050] close(3) = 0 [pid 5796] <... mkdir resumed>) = 0 [ 129.000879][ T5794] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 129.033691][ T5796] loop2: detected capacity change from 0 to 4096 [ 129.036823][ T5795] loop1: detected capacity change from 0 to 4096 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5796] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5794] chdir("./file0") = 0 ./strace-static-x86_64: Process 5798 attached [pid 5798] set_robust_list(0x555556629660, 24) = 0 [pid 5798] chdir("./121" [pid 5794] ioctl(4, LOOP_CLR_FD [pid 5798] <... chdir resumed>) = 0 [pid 5795] <... ioctl resumed>) = 0 [pid 5798] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5795] close(3 [pid 5798] <... prctl resumed>) = 0 [pid 5795] <... close resumed>) = 0 [pid 5798] setpgid(0, 0 [pid 5795] mkdir("./file0", 0777 [pid 5798] <... setpgid resumed>) = 0 [pid 5795] <... mkdir resumed>) = 0 [pid 5798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5795] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5798] <... openat resumed>) = 3 [pid 5794] <... ioctl resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5798 [pid 5798] write(3, "1000", 4) = 4 [pid 5798] close(3) = 0 [pid 5798] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5798] memfd_create("syzkaller", 0) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5798] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5797] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5794] close(4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5794] <... close resumed>) = 0 [pid 5794] exit_group(0) = ? [pid 5051] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5794] +++ exited with 0 +++ [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5794, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./119/file0" [pid 5052] umount2("./119", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5052] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] close(3 [pid 5052] newfstatat(3, "", [pid 5051] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] rmdir("./119" [pid 5052] getdents64(3, [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] mkdir("./120", 0777 [pid 5052] umount2("./119/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5051] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [ 129.079091][ T5795] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 129.083374][ T5796] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] unlink("./119/binderfs" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... unlink resumed>) = 0 [pid 5051] close(3 [pid 5052] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5796] <... mount resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5796] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5799 attached ) = 3 [pid 5799] set_robust_list(0x555556629660, 24 [pid 5796] chdir("./file0" [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5799 [pid 5796] <... chdir resumed>) = 0 [pid 5799] <... set_robust_list resumed>) = 0 [pid 5799] chdir("./120" [pid 5796] ioctl(4, LOOP_CLR_FD) = 0 [pid 5795] <... mount resumed>) = 0 [pid 5796] close(4 [pid 5799] <... chdir resumed>) = 0 [pid 5797] <... write resumed>) = 2097152 [pid 5796] <... close resumed>) = 0 [pid 5795] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5799] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5796] exit_group(0) = ? [pid 5795] <... openat resumed>) = 3 [pid 5799] <... prctl resumed>) = 0 [pid 5799] setpgid(0, 0) = 0 [pid 5799] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5795] chdir("./file0") = 0 [pid 5795] ioctl(4, LOOP_CLR_FD [pid 5799] <... openat resumed>) = 3 [pid 5799] write(3, "1000", 4) = 4 [pid 5797] munmap(0x7f3b887a1000, 138412032 [pid 5799] close(3 [pid 5796] +++ exited with 0 +++ [pid 5795] <... ioctl resumed>) = 0 [pid 5799] <... close resumed>) = 0 [pid 5795] close(4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5796, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5799] symlink("/dev/binderfs", "./binderfs" [pid 5795] <... close resumed>) = 0 [pid 5799] <... symlink resumed>) = 0 [pid 5799] memfd_create("syzkaller", 0 [pid 5795] exit_group(0) = ? [pid 5049] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5799] <... memfd_create resumed>) = 3 [pid 5797] <... munmap resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5797] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5799] <... mmap resumed>) = 0x7f3b887a1000 [pid 5797] <... openat resumed>) = 4 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 5797] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5798] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5795] +++ exited with 0 +++ [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5795, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./123/binderfs") = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./119/file0", [pid 5049] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./119/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 4 [pid 5048] newfstatat(3, "", [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./119/file0") = 0 [pid 5052] getdents64(3, [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5052] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5797] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./123/file0", [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5797] close(3 [pid 5052] rmdir("./119" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5797] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5798] <... write resumed>) = 2097152 [pid 5052] mkdir("./120", 0777 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5797] mkdir("./file0", 0777 [pid 5049] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] newfstatat(AT_FDCWD, "./121/binderfs", [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5797] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./121/binderfs" [pid 5052] <... mkdir resumed>) = 0 [pid 5049] getdents64(4, [pid 5797] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... unlink resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5048] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(4 [pid 5052] close(3 [pid 5049] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] rmdir("./123/file0" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... rmdir resumed>) = 0 [ 129.217481][ T5797] loop0: detected capacity change from 0 to 4096 [pid 5049] getdents64(3, [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5800 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./123") = 0 [pid 5049] mkdir("./124", 0777) = 0 ./strace-static-x86_64: Process 5800 attached [pid 5799] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... umount2 resumed>) = 0 [pid 5800] set_robust_list(0x555556629660, 24 [pid 5048] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./121/file0", [pid 5800] <... set_robust_list resumed>) = 0 [pid 5798] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5800] chdir("./120" [pid 5798] <... munmap resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5800] <... chdir resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5800] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5800] setpgid(0, 0 [pid 5049] close(3 [pid 5048] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5800] <... setpgid resumed>) = 0 [pid 5800] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5798] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5800] <... openat resumed>) = 3 [pid 5798] <... openat resumed>) = 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] newfstatat(4, "", [pid 5800] write(3, "1000", 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5800] <... write resumed>) = 4 [pid 5798] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5801 attached [pid 5800] close(3 [pid 5798] <... ioctl resumed>) = 0 [pid 5048] getdents64(4, [pid 5800] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5801] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5801 [pid 5048] getdents64(4, [pid 5800] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5801] <... set_robust_list resumed>) = 0 [pid 5800] <... symlink resumed>) = 0 [pid 5048] close(4 [pid 5800] memfd_create("syzkaller", 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./121/file0" [pid 5801] chdir("./124") = 0 [pid 5800] <... memfd_create resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5801] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] getdents64(3, [pid 5801] <... prctl resumed>) = 0 [pid 5800] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5801] setpgid(0, 0 [pid 5800] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] close(3 [pid 5801] <... setpgid resumed>) = 0 [pid 5798] close(3 [pid 5801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... close resumed>) = 0 [ 129.272042][ T5797] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 129.304657][ T5798] loop3: detected capacity change from 0 to 4096 [pid 5801] <... openat resumed>) = 3 [pid 5048] rmdir("./121" [pid 5801] write(3, "1000", 4) = 4 [pid 5798] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./122", 0777 [pid 5801] close(3) = 0 [pid 5801] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5798] mkdir("./file0", 0777 [pid 5048] <... mkdir resumed>) = 0 [pid 5801] memfd_create("syzkaller", 0 [pid 5798] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5801] <... memfd_create resumed>) = 3 [pid 5798] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 3 [pid 5801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5801] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5802 attached [pid 5797] <... mount resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5802 [pid 5802] set_robust_list(0x555556629660, 24 [pid 5797] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5802] <... set_robust_list resumed>) = 0 [pid 5797] <... openat resumed>) = 3 [pid 5797] chdir("./file0" [pid 5802] chdir("./122" [pid 5797] <... chdir resumed>) = 0 [pid 5802] <... chdir resumed>) = 0 [pid 5797] ioctl(4, LOOP_CLR_FD [pid 5802] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5797] <... ioctl resumed>) = 0 [pid 5797] close(4) = 0 [pid 5797] exit_group(0) = ? [pid 5797] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5797, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5799] <... write resumed>) = 2097152 [pid 5802] <... prctl resumed>) = 0 [pid 5047] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5802] setpgid(0, 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", [pid 5799] munmap(0x7f3b887a1000, 138412032 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./124/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./124/binderfs" [pid 5799] <... munmap resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5802] <... setpgid resumed>) = 0 [pid 5047] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 129.364332][ T5798] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5799] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5799] ioctl(4, LOOP_SET_FD, 3 [pid 5802] write(3, "1000", 4) = 4 [pid 5802] close(3) = 0 [pid 5802] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5802] memfd_create("syzkaller", 0 [pid 5800] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5802] <... memfd_create resumed>) = 3 [pid 5801] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5799] <... ioctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5799] close(3) = 0 [pid 5798] <... mount resumed>) = 0 [pid 5799] mkdir("./file0", 0777 [pid 5798] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 129.430375][ T5799] loop4: detected capacity change from 0 to 4096 [pid 5799] <... mkdir resumed>) = 0 [pid 5798] chdir("./file0" [pid 5047] newfstatat(AT_FDCWD, "./124/file0", [pid 5798] <... chdir resumed>) = 0 [pid 5798] ioctl(4, LOOP_CLR_FD) = 0 [pid 5798] close(4) = 0 [pid 5798] exit_group(0 [pid 5799] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5798] <... exit_group resumed>) = ? [pid 5798] +++ exited with 0 +++ [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5798, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5047] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 4 [pid 5050] newfstatat(AT_FDCWD, "./121/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./121/binderfs" [pid 5047] newfstatat(4, "", [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5801] <... write resumed>) = 2097152 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./124/file0") = 0 [pid 5047] getdents64(3, [pid 5801] munmap(0x7f3b887a1000, 138412032 [pid 5800] <... write resumed>) = 2097152 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5801] <... munmap resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./124") = 0 [pid 5047] mkdir("./125", 0777 [pid 5801] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5801] <... openat resumed>) = 4 [pid 5047] <... openat resumed>) = 3 [ 129.481871][ T5799] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5803 ./strace-static-x86_64: Process 5803 attached [pid 5803] set_robust_list(0x555556629660, 24 [pid 5802] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5801] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5803] <... set_robust_list resumed>) = 0 [pid 5800] munmap(0x7f3b887a1000, 138412032 [pid 5803] chdir("./125" [pid 5800] <... munmap resumed>) = 0 [pid 5799] <... mount resumed>) = 0 [pid 5799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5799] chdir("./file0") = 0 [pid 5799] ioctl(4, LOOP_CLR_FD) = 0 [pid 5800] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5799] close(4 [pid 5800] <... openat resumed>) = 4 [pid 5799] <... close resumed>) = 0 [pid 5800] ioctl(4, LOOP_SET_FD, 3 [pid 5799] exit_group(0 [pid 5803] <... chdir resumed>) = 0 [pid 5050] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5803] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5799] <... exit_group resumed>) = ? [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5803] <... prctl resumed>) = 0 [pid 5799] +++ exited with 0 +++ [pid 5050] newfstatat(AT_FDCWD, "./121/file0", [pid 5803] setpgid(0, 0) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5799, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5050] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... restart_syscall resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5051] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5051] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... openat resumed>) = 3 [pid 5050] getdents64(4, [pid 5051] newfstatat(3, "", [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] close(4 [pid 5051] getdents64(3, [pid 5050] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] rmdir("./121/file0" [pid 5051] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(3, [pid 5051] newfstatat(AT_FDCWD, "./120/binderfs", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] close(3 [pid 5051] unlink("./120/binderfs" [pid 5050] <... close resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5050] rmdir("./121" [pid 5051] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./122", 0777 [pid 5803] <... openat resumed>) = 3 [pid 5050] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5800] <... ioctl resumed>) = 0 [pid 5050] close(3 [pid 5803] write(3, "1000", 4 [pid 5801] <... ioctl resumed>) = 0 [pid 5800] close(3 [pid 5801] close(3) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5803] <... write resumed>) = 4 [pid 5801] mkdir("./file0", 0777 [pid 5800] <... close resumed>) = 0 [pid 5800] mkdir("./file0", 0777 [pid 5803] close(3 [pid 5801] <... mkdir resumed>) = 0 [pid 5800] <... mkdir resumed>) = 0 [pid 5803] <... close resumed>) = 0 [pid 5800] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5804 [ 129.560860][ T5801] loop2: detected capacity change from 0 to 4096 [ 129.564892][ T5800] loop5: detected capacity change from 0 to 4096 [pid 5803] symlink("/dev/binderfs", "./binderfs" [pid 5801] mount("/dev/loop2", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5804 attached [pid 5803] <... symlink resumed>) = 0 [pid 5804] set_robust_list(0x555556629660, 24 [pid 5803] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5804] <... set_robust_list resumed>) = 0 [pid 5804] chdir("./122") = 0 [pid 5804] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5804] setpgid(0, 0) = 0 [pid 5804] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5803] <... memfd_create resumed>) = 3 [pid 5804] write(3, "1000", 4 [pid 5803] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5804] <... write resumed>) = 4 [pid 5804] close(3 [pid 5803] <... mmap resumed>) = 0x7f3b887a1000 [pid 5804] <... close resumed>) = 0 [pid 5804] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5804] memfd_create("syzkaller", 0 [pid 5051] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./120/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5804] <... memfd_create resumed>) = 3 [pid 5051] <... openat resumed>) = 4 [pid 5802] <... write resumed>) = 2097152 [pid 5051] newfstatat(4, "", [pid 5804] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5802] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5802] <... munmap resumed>) = 0 [pid 5804] <... mmap resumed>) = 0x7f3b887a1000 [ 129.615489][ T5800] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 129.624660][ T5801] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(4, [pid 5802] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5802] <... openat resumed>) = 4 [pid 5051] getdents64(4, [pid 5800] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5800] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] close(4 [pid 5800] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5800] chdir("./file0" [pid 5051] rmdir("./120/file0" [pid 5800] <... chdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5802] ioctl(4, LOOP_SET_FD, 3 [pid 5800] ioctl(4, LOOP_CLR_FD [pid 5051] getdents64(3, [pid 5800] <... ioctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5800] close(4 [pid 5051] close(3) = 0 [pid 5051] rmdir("./120") = 0 [pid 5800] <... close resumed>) = 0 [pid 5051] mkdir("./121", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5802] <... ioctl resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5802] close(3) = 0 [pid 5802] mkdir("./file0", 0777 [pid 5800] exit_group(0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5800] <... exit_group resumed>) = ? [pid 5802] <... mkdir resumed>) = 0 [pid 5802] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5800] +++ exited with 0 +++ [pid 5051] close(3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5800, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] umount2("./120", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5805 attached ) = -1 EINVAL (Invalid argument) [pid 5803] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5805 [pid 5805] set_robust_list(0x555556629660, 24) = 0 [pid 5052] openat(AT_FDCWD, "./120", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5805] chdir("./121" [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./120/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5805] <... chdir resumed>) = 0 [pid 5804] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] newfstatat(AT_FDCWD, "./120/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./120/binderfs" [pid 5805] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... unlink resumed>) = 0 [pid 5805] <... prctl resumed>) = 0 [pid 5805] setpgid(0, 0) = 0 [pid 5052] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = 0 [pid 5805] <... openat resumed>) = 3 [ 129.682758][ T5802] loop1: detected capacity change from 0 to 4096 [ 129.717542][ T5802] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5805] write(3, "1000", 4 [pid 5052] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5805] <... write resumed>) = 4 [pid 5805] close(3) = 0 [pid 5805] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./120/file0", [pid 5805] <... symlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./120/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./120/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", [pid 5805] memfd_create("syzkaller", 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5805] <... memfd_create resumed>) = 3 [pid 5052] getdents64(4, [pid 5805] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5805] <... mmap resumed>) = 0x7f3b887a1000 [pid 5803] <... write resumed>) = 2097152 [pid 5801] <... mount resumed>) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./120/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5803] munmap(0x7f3b887a1000, 138412032 [pid 5052] rmdir("./120") = 0 [pid 5804] <... write resumed>) = 2097152 [pid 5803] <... munmap resumed>) = 0 [pid 5801] <... openat resumed>) = 3 [pid 5052] mkdir("./121", 0777 [pid 5804] munmap(0x7f3b887a1000, 138412032 [pid 5803] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5801] chdir("./file0" [pid 5052] <... mkdir resumed>) = 0 [pid 5801] <... chdir resumed>) = 0 [pid 5801] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5804] <... munmap resumed>) = 0 [pid 5803] <... openat resumed>) = 4 [pid 5801] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5801] close(4) = 0 [pid 5801] exit_group(0) = ? [pid 5803] ioctl(4, LOOP_SET_FD, 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5801] +++ exited with 0 +++ [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5805] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5802] <... mount resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5801, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5802] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5802] <... openat resumed>) = 3 [pid 5802] chdir("./file0" [pid 5049] <... restart_syscall resumed>) = 0 [pid 5802] <... chdir resumed>) = 0 [pid 5052] close(3) = 0 [pid 5802] ioctl(4, LOOP_CLR_FD [pid 5049] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5802] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5802] close(4 [pid 5049] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5802] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5802] exit_group(0 [pid 5049] newfstatat(3, "", [pid 5802] <... exit_group resumed>) = ? [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5804] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5804] <... openat resumed>) = 4 [pid 5049] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5804] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./124/binderfs", ./strace-static-x86_64: Process 5806 attached [pid 5802] +++ exited with 0 +++ [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5806 [pid 5803] <... ioctl resumed>) = 0 [pid 5803] close(3) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5806] set_robust_list(0x555556629660, 24 [pid 5049] unlink("./124/binderfs" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5802, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5803] mkdir("./file0", 0777 [pid 5049] <... unlink resumed>) = 0 [pid 5806] <... set_robust_list resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5806] chdir("./121" [pid 5803] <... mkdir resumed>) = 0 [pid 5049] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... chdir resumed>) = 0 [pid 5803] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5806] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5804] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... prctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5806] setpgid(0, 0 [pid 5048] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5806] <... setpgid resumed>) = 0 [pid 5804] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5806] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5804] <... close resumed>) = 0 [pid 5049] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(3, "", [pid 5806] <... openat resumed>) = 3 [pid 5804] mkdir("./file0", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5806] write(3, "1000", 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5806] <... write resumed>) = 4 [pid 5049] newfstatat(AT_FDCWD, "./124/file0", [pid 5048] getdents64(3, [pid 5806] close(3) = 0 [pid 5804] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5806] symlink("/dev/binderfs", "./binderfs" [pid 5049] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... symlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5049] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 129.826575][ T5803] loop0: detected capacity change from 0 to 4096 [ 129.847602][ T5804] loop3: detected capacity change from 0 to 4096 [ 129.865346][ T5803] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5804] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... openat resumed>) = 4 [pid 5048] unlink("./122/binderfs" [pid 5806] memfd_create("syzkaller", 0 [pid 5048] <... unlink resumed>) = 0 [pid 5806] <... memfd_create resumed>) = 3 [pid 5048] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5803] <... mount resumed>) = 0 [pid 5803] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5803] chdir("./file0") = 0 [pid 5049] newfstatat(4, "", [pid 5048] <... umount2 resumed>) = 0 [pid 5803] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [ 129.883786][ T5804] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5803] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5803] close(4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5803] <... close resumed>) = 0 [pid 5803] exit_group(0 [pid 5049] <... close resumed>) = 0 [pid 5803] <... exit_group resumed>) = ? [pid 5049] rmdir("./124/file0" [pid 5803] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5803, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5805] <... write resumed>) = 2097152 [pid 5049] getdents64(3, [pid 5047] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(3, "", [pid 5805] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5804] <... mount resumed>) = 0 [pid 5049] close(3 [pid 5048] newfstatat(AT_FDCWD, "./122/file0", [pid 5047] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] rmdir("./124" [pid 5047] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5804] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... rmdir resumed>) = 0 [pid 5048] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5804] <... openat resumed>) = 3 [pid 5049] mkdir("./125", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5804] chdir("./file0" [pid 5048] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5804] <... chdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] unlink("./125/binderfs" [pid 5804] ioctl(4, LOOP_CLR_FD [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] newfstatat(4, "", [pid 5047] <... unlink resumed>) = 0 [pid 5804] <... ioctl resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5804] close(4 [pid 5048] getdents64(4, [pid 5805] <... munmap resumed>) = 0 [pid 5804] <... close resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5806] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5805] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5804] exit_group(0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5805] <... openat resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5804] <... exit_group resumed>) = ? [pid 5048] <... close resumed>) = 0 [pid 5804] +++ exited with 0 +++ [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5807 ./strace-static-x86_64: Process 5807 attached [pid 5805] ioctl(4, LOOP_SET_FD, 3 [pid 5807] set_robust_list(0x555556629660, 24 [pid 5048] rmdir("./122/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5804, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5048] close(3) = 0 [pid 5048] rmdir("./122" [pid 5050] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] mkdir("./123", 0777 [pid 5050] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5807] <... set_robust_list resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5807] chdir("./125" [pid 5050] newfstatat(3, "", [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5807] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5807] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] getdents64(3, [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./122/binderfs") = 0 [pid 5807] <... prctl resumed>) = 0 [pid 5050] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5808 attached [pid 5807] setpgid(0, 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5808 [pid 5808] set_robust_list(0x555556629660, 24 [pid 5807] <... setpgid resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5808] <... set_robust_list resumed>) = 0 [pid 5807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5805] <... ioctl resumed>) = 0 [pid 5808] chdir("./123" [pid 5807] <... openat resumed>) = 3 [pid 5805] close(3 [pid 5808] <... chdir resumed>) = 0 [pid 5805] <... close resumed>) = 0 [pid 5808] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5808] <... prctl resumed>) = 0 [pid 5805] mkdir("./file0", 0777 [pid 5808] setpgid(0, 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5808] <... setpgid resumed>) = 0 [pid 5808] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5805] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./125/file0", [pid 5808] <... openat resumed>) = 3 [pid 5807] write(3, "1000", 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5808] write(3, "1000", 4 [pid 5807] <... write resumed>) = 4 [pid 5805] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5808] <... write resumed>) = 4 [ 129.997495][ T5805] loop4: detected capacity change from 0 to 4096 [pid 5807] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5808] close(3 [pid 5047] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5808] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5808] symlink("/dev/binderfs", "./binderfs" [pid 5047] newfstatat(4, "", [pid 5808] <... symlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5808] memfd_create("syzkaller", 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5808] <... memfd_create resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5808] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] close(4 [pid 5808] <... mmap resumed>) = 0x7f3b887a1000 [pid 5807] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5807] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... umount2 resumed>) = 0 [pid 5807] <... symlink resumed>) = 0 [pid 5806] <... write resumed>) = 2097152 [pid 5047] rmdir("./125/file0" [pid 5807] memfd_create("syzkaller", 0 [pid 5050] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5807] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5050] newfstatat(AT_FDCWD, "./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5047] rmdir("./125" [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5806] munmap(0x7f3b887a1000, 138412032 [pid 5050] newfstatat(4, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5807] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5806] <... munmap resumed>) = 0 [pid 5047] mkdir("./126", 0777 [pid 5050] getdents64(4, [pid 5047] <... mkdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5050] close(4 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 130.041685][ T5805] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] rmdir("./122/file0" [pid 5047] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./122"./strace-static-x86_64: Process 5809 attached ) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5809 [pid 5809] set_robust_list(0x555556629660, 24) = 0 [pid 5050] mkdir("./123", 0777 [pid 5809] chdir("./126" [pid 5050] <... mkdir resumed>) = 0 [pid 5809] <... chdir resumed>) = 0 [pid 5809] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5806] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5809] <... prctl resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5809] setpgid(0, 0 [pid 5806] <... openat resumed>) = 4 [pid 5050] <... openat resumed>) = 3 [pid 5809] <... setpgid resumed>) = 0 [pid 5806] ioctl(4, LOOP_SET_FD, 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5809] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5809] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5809] write(3, "1000", 4 [pid 5050] <... close resumed>) = 0 [pid 5809] <... write resumed>) = 4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5809] close(3./strace-static-x86_64: Process 5810 attached ) = 0 [pid 5809] symlink("/dev/binderfs", "./binderfs" [pid 5810] set_robust_list(0x555556629660, 24 [pid 5809] <... symlink resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5810 [pid 5810] <... set_robust_list resumed>) = 0 [pid 5810] chdir("./123") = 0 [pid 5808] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5810] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5809] memfd_create("syzkaller", 0 [pid 5810] <... prctl resumed>) = 0 [pid 5810] setpgid(0, 0) = 0 [pid 5810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5805] <... mount resumed>) = 0 [pid 5810] <... openat resumed>) = 3 [pid 5810] write(3, "1000", 4 [pid 5805] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5810] <... write resumed>) = 4 [pid 5809] <... memfd_create resumed>) = 3 [pid 5806] <... ioctl resumed>) = 0 [pid 5805] <... openat resumed>) = 3 [pid 5810] close(3 [pid 5809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5806] close(3 [pid 5805] chdir("./file0" [pid 5810] <... close resumed>) = 0 [pid 5809] <... mmap resumed>) = 0x7f3b887a1000 [pid 5806] <... close resumed>) = 0 [pid 5805] <... chdir resumed>) = 0 [pid 5810] symlink("/dev/binderfs", "./binderfs") = 0 [ 130.121893][ T5806] loop5: detected capacity change from 0 to 4096 [pid 5810] memfd_create("syzkaller", 0 [pid 5806] mkdir("./file0", 0777 [pid 5805] ioctl(4, LOOP_CLR_FD [pid 5810] <... memfd_create resumed>) = 3 [pid 5805] <... ioctl resumed>) = 0 [pid 5810] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5807] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5806] <... mkdir resumed>) = 0 [pid 5805] close(4) = 0 [pid 5806] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5810] <... mmap resumed>) = 0x7f3b887a1000 [pid 5805] exit_group(0) = ? [pid 5805] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5805, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5806] <... mount resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5806] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5806] chdir("./file0" [pid 5808] <... write resumed>) = 2097152 [pid 5806] <... chdir resumed>) = 0 [ 130.193983][ T5806] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(3, [pid 5806] ioctl(4, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5806] <... ioctl resumed>) = 0 [pid 5806] close(4 [pid 5051] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./121/binderfs", [pid 5806] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./121/binderfs") = 0 [pid 5051] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5806] <... exit_group resumed>) = ? [pid 5808] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5807] <... write resumed>) = 2097152 [pid 5806] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5806, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5808] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5808] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./121/file0", [pid 5808] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5808] <... ioctl resumed>) = 0 [pid 5052] umount2("./121", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5809] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] openat(AT_FDCWD, "./121", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... openat resumed>) = 4 [pid 5807] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... openat resumed>) = 3 [pid 5051] newfstatat(4, "", [pid 5807] <... munmap resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5052] getdents64(3, [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] getdents64(4, [pid 5052] umount2("./121/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(4 [pid 5052] newfstatat(AT_FDCWD, "./121/binderfs", [pid 5051] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] rmdir("./121/file0" [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] unlink("./121/binderfs" [pid 5051] <... rmdir resumed>) = 0 [pid 5807] <... openat resumed>) = 4 [pid 5052] <... unlink resumed>) = 0 [pid 5051] getdents64(3, [pid 5807] ioctl(4, LOOP_SET_FD, 3 [pid 5808] close(3) = 0 [pid 5052] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5808] mkdir("./file0", 0777 [pid 5051] close(3) = 0 [pid 5808] <... mkdir resumed>) = 0 [pid 5051] rmdir("./121" [pid 5808] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./122", 0777) = 0 [ 130.284198][ T5808] loop1: detected capacity change from 0 to 4096 [ 130.313159][ T5807] loop2: detected capacity change from 0 to 4096 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5810] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] close(3 [pid 5807] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5807] close(3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5807] <... close resumed>) = 0 [pid 5807] mkdir("./file0", 0777) = 0 [pid 5807] mount("/dev/loop2", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5811 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5811 [pid 5811] set_robust_list(0x555556629660, 24) = 0 [pid 5811] chdir("./122") = 0 [pid 5809] <... write resumed>) = 2097152 [pid 5808] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5811] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5808] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5811] <... prctl resumed>) = 0 [pid 5808] <... openat resumed>) = 3 [pid 5811] setpgid(0, 0 [pid 5808] chdir("./file0" [pid 5811] <... setpgid resumed>) = 0 [pid 5808] <... chdir resumed>) = 0 [pid 5811] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5808] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5811] <... openat resumed>) = 3 [pid 5808] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5811] write(3, "1000", 4 [pid 5808] close(4 [pid 5811] <... write resumed>) = 4 [pid 5809] munmap(0x7f3b887a1000, 138412032 [pid 5808] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./121/file0", [pid 5811] close(3 [pid 5808] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5811] <... close resumed>) = 0 [pid 5809] <... munmap resumed>) = 0 [pid 5808] <... exit_group resumed>) = ? [pid 5052] umount2("./121/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./121/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5808] +++ exited with 0 +++ [pid 5052] newfstatat(4, "", [pid 5811] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5808, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5811] <... symlink resumed>) = 0 [pid 5052] getdents64(4, [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5807] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [ 130.335115][ T5808] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 130.364006][ T5807] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] <... restart_syscall resumed>) = 0 [pid 5811] memfd_create("syzkaller", 0 [pid 5809] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5809] <... openat resumed>) = 4 [pid 5052] close(4 [pid 5048] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5811] <... memfd_create resumed>) = 3 [pid 5809] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... close resumed>) = 0 [pid 5807] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] rmdir("./121/file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] <... openat resumed>) = 3 [pid 5811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5810] <... write resumed>) = 2097152 [pid 5807] chdir("./file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5811] <... mmap resumed>) = 0x7f3b887a1000 [pid 5810] munmap(0x7f3b887a1000, 138412032 [pid 5807] <... chdir resumed>) = 0 [pid 5809] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5048] <... openat resumed>) = 3 [pid 5809] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(3, "", [pid 5809] <... close resumed>) = 0 [pid 5052] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5809] mkdir("./file0", 0777 [pid 5052] <... close resumed>) = 0 [pid 5809] <... mkdir resumed>) = 0 [pid 5807] ioctl(4, LOOP_CLR_FD [pid 5052] rmdir("./121" [pid 5048] getdents64(3, [pid 5809] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5807] <... ioctl resumed>) = 0 [pid 5807] close(4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5807] <... close resumed>) = 0 [pid 5807] exit_group(0) = ? [pid 5807] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5807, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5810] <... munmap resumed>) = 0 [pid 5049] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5810] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5810] <... openat resumed>) = 4 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5810] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] mkdir("./122", 0777 [pid 5049] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5810] <... ioctl resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5052] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5810] close(3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] unlink("./125/binderfs" [pid 5048] unlink("./123/binderfs" [pid 5810] <... close resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5810] mkdir("./file0", 0777 [pid 5049] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... unlink resumed>) = 0 [pid 5810] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5810] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5048] <... umount2 resumed>) = 0 [ 130.424390][ T5809] loop0: detected capacity change from 0 to 4096 [ 130.438294][ T5809] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 130.454015][ T5810] loop3: detected capacity change from 0 to 4096 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./125/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./125") = 0 [pid 5049] mkdir("./126", 0777) = 0 [pid 5048] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5809] <... mount resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5048] newfstatat(AT_FDCWD, "./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5809] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5812 [pid 5809] chdir("./file0" [pid 5048] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5809] <... chdir resumed>) = 0 [pid 5809] ioctl(4, LOOP_CLR_FD [pid 5048] <... openat resumed>) = 4 [pid 5809] <... ioctl resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5809] close(4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5809] <... close resumed>) = 0 [pid 5048] getdents64(4, ./strace-static-x86_64: Process 5812 attached [pid 5809] exit_group(0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5812] set_robust_list(0x555556629660, 24 [pid 5809] <... exit_group resumed>) = ? [pid 5048] getdents64(4, [pid 5812] <... set_robust_list resumed>) = 0 [pid 5812] chdir("./122" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5812] <... chdir resumed>) = 0 [pid 5048] close(4 [pid 5812] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5812] setpgid(0, 0) = 0 [pid 5812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5809] +++ exited with 0 +++ [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... close resumed>) = 0 [pid 5812] write(3, "1000", 4 [pid 5049] <... ioctl resumed>) = 0 [pid 5048] rmdir("./123/file0" [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5809, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] close(3 [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... close resumed>) = 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5813 attached [pid 5812] <... write resumed>) = 4 [pid 5811] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5813 [pid 5048] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5813] set_robust_list(0x555556629660, 24 [pid 5812] close(3 [pid 5048] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5813] <... set_robust_list resumed>) = 0 [pid 5812] <... close resumed>) = 0 [pid 5048] rmdir("./123" [pid 5047] <... openat resumed>) = 3 [ 130.480884][ T5810] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5812] symlink("/dev/binderfs", "./binderfs" [pid 5047] newfstatat(3, "", [pid 5812] <... symlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5813] chdir("./126" [pid 5812] memfd_create("syzkaller", 0 [pid 5048] mkdir("./124", 0777 [pid 5047] getdents64(3, [pid 5813] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5810] <... mount resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5813] <... prctl resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5047] unlink("./126/binderfs" [pid 5813] setpgid(0, 0 [pid 5812] <... memfd_create resumed>) = 3 [pid 5810] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] <... unlink resumed>) = 0 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] <... setpgid resumed>) = 0 [pid 5810] <... openat resumed>) = 3 [pid 5048] close(3 [pid 5810] chdir("./file0" [pid 5048] <... close resumed>) = 0 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5812] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5810] <... chdir resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5812] <... mmap resumed>) = 0x7f3b887a1000 ./strace-static-x86_64: Process 5814 attached [pid 5813] <... openat resumed>) = 3 [pid 5810] ioctl(4, LOOP_CLR_FD [pid 5814] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5814 [pid 5814] <... set_robust_list resumed>) = 0 [pid 5813] write(3, "1000", 4 [pid 5811] <... write resumed>) = 2097152 [pid 5810] <... ioctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5814] chdir("./124" [pid 5813] <... write resumed>) = 4 [pid 5811] munmap(0x7f3b887a1000, 138412032 [pid 5810] close(4 [pid 5814] <... chdir resumed>) = 0 [pid 5813] close(3 [pid 5810] <... close resumed>) = 0 [pid 5813] <... close resumed>) = 0 [pid 5047] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] symlink("/dev/binderfs", "./binderfs" [pid 5814] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5814] setpgid(0, 0 [pid 5813] <... symlink resumed>) = 0 [pid 5810] exit_group(0 [pid 5811] <... munmap resumed>) = 0 [pid 5814] <... setpgid resumed>) = 0 [pid 5811] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5810] <... exit_group resumed>) = ? [pid 5047] newfstatat(AT_FDCWD, "./126/file0", [pid 5811] <... openat resumed>) = 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5811] ioctl(4, LOOP_SET_FD, 3 [pid 5047] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5814] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5810] +++ exited with 0 +++ [pid 5047] close(4) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5810, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5047] rmdir("./126/file0" [pid 5814] write(3, "1000", 4 [pid 5813] memfd_create("syzkaller", 0 [pid 5811] <... ioctl resumed>) = 0 [pid 5050] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5814] <... write resumed>) = 4 [pid 5813] <... memfd_create resumed>) = 3 [pid 5811] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5814] close(3 [pid 5813] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5811] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5814] <... close resumed>) = 0 [pid 5813] <... mmap resumed>) = 0x7f3b887a1000 [pid 5811] mkdir("./file0", 0777 [pid 5050] <... openat resumed>) = 3 [pid 5047] close(3 [pid 5814] symlink("/dev/binderfs", "./binderfs" [pid 5811] <... mkdir resumed>) = 0 [pid 5050] newfstatat(3, "", [pid 5047] <... close resumed>) = 0 [pid 5814] <... symlink resumed>) = 0 [pid 5811] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] rmdir("./126" [pid 5814] memfd_create("syzkaller", 0 [pid 5050] getdents64(3, [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./127", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5815 attached [pid 5815] set_robust_list(0x555556629660, 24) = 0 [pid 5815] chdir("./127") = 0 [pid 5815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5815] setpgid(0, 0) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5815 [pid 5815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5815] write(3, "1000", 4 [pid 5812] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5814] <... memfd_create resumed>) = 3 [pid 5815] <... write resumed>) = 4 [pid 5815] close(3 [pid 5814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5814] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] newfstatat(AT_FDCWD, "./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5815] <... close resumed>) = 0 [pid 5815] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5815] memfd_create("syzkaller", 0 [ 130.597870][ T5811] loop4: detected capacity change from 0 to 4096 [ 130.632461][ T5811] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] unlink("./123/binderfs") = 0 [pid 5050] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] <... memfd_create resumed>) = 3 [pid 5815] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5813] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5811] <... mount resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5812] <... write resumed>) = 2097152 [pid 5811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5811] chdir("./file0" [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, [pid 5811] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5815] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5811] ioctl(4, LOOP_CLR_FD [pid 5050] close(4 [pid 5811] <... ioctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./123/file0" [pid 5814] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5812] munmap(0x7f3b887a1000, 138412032 [pid 5811] close(4 [pid 5050] <... rmdir resumed>) = 0 [pid 5811] <... close resumed>) = 0 [pid 5812] <... munmap resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./123") = 0 [pid 5050] mkdir("./124", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5816 [pid 5811] exit_group(0./strace-static-x86_64: Process 5816 attached [pid 5812] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5811] <... exit_group resumed>) = ? [pid 5816] set_robust_list(0x555556629660, 24) = 0 [pid 5812] <... openat resumed>) = 4 [pid 5811] +++ exited with 0 +++ [pid 5816] chdir("./124") = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5811, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5816] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5051] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] <... write resumed>) = 2097152 [pid 5812] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5816] setpgid(0, 0) = 0 [pid 5816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5816] write(3, "1000", 4) = 4 [pid 5816] close(3) = 0 [pid 5816] symlink("/dev/binderfs", "./binderfs" [pid 5812] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5816] <... symlink resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5816] memfd_create("syzkaller", 0 [pid 5813] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5813] <... munmap resumed>) = 0 [pid 5051] getdents64(3, [pid 5816] <... memfd_create resumed>) = 3 [pid 5816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5814] <... write resumed>) = 2097152 [pid 5813] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5812] close(3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5815] <... write resumed>) = 2097152 [pid 5814] munmap(0x7f3b887a1000, 138412032 [pid 5813] <... openat resumed>) = 4 [pid 5812] <... close resumed>) = 0 [pid 5051] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] munmap(0x7f3b887a1000, 138412032 [pid 5812] mkdir("./file0", 0777 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5815] <... munmap resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./122/binderfs", [pid 5812] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5815] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5814] <... munmap resumed>) = 0 [pid 5812] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [ 130.833122][ T5812] loop5: detected capacity change from 0 to 4096 [pid 5051] unlink("./122/binderfs" [pid 5815] <... openat resumed>) = 4 [pid 5813] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./122/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./122/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./122") = 0 [pid 5051] mkdir("./123", 0777) = 0 [pid 5814] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5814] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5814] ioctl(4, LOOP_SET_FD, 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = 0 [pid 5051] close(3 [pid 5815] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5815] close(3) = 0 [pid 5815] mkdir("./file0", 0777 [pid 5813] <... ioctl resumed>) = 0 [pid 5813] close(3 [pid 5815] <... mkdir resumed>) = 0 [pid 5813] <... close resumed>) = 0 ./strace-static-x86_64: Process 5817 attached [pid 5813] mkdir("./file0", 0777 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5817 [pid 5817] set_robust_list(0x555556629660, 24) = 0 [pid 5817] chdir("./123" [pid 5813] <... mkdir resumed>) = 0 [pid 5817] <... chdir resumed>) = 0 [pid 5815] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 130.877171][ T5813] loop2: detected capacity change from 0 to 4096 [ 130.881171][ T5815] loop0: detected capacity change from 0 to 4096 [ 130.884583][ T5812] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 130.901847][ T5814] loop1: detected capacity change from 0 to 4096 [pid 5816] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5817] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5813] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5817] <... prctl resumed>) = 0 [pid 5817] setpgid(0, 0) = 0 [pid 5817] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5814] <... ioctl resumed>) = 0 [pid 5817] <... openat resumed>) = 3 [pid 5814] close(3) = 0 [pid 5817] write(3, "1000", 4 [pid 5814] mkdir("./file0", 0777) = 0 [pid 5817] <... write resumed>) = 4 [pid 5817] close(3) = 0 [pid 5817] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5814] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5817] memfd_create("syzkaller", 0) = 3 [pid 5817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5812] <... mount resumed>) = 0 [pid 5816] <... write resumed>) = 2097152 [pid 5812] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5812] chdir("./file0" [pid 5816] munmap(0x7f3b887a1000, 138412032 [pid 5812] <... chdir resumed>) = 0 [pid 5812] ioctl(4, LOOP_CLR_FD) = 0 [pid 5812] close(4 [pid 5813] <... mount resumed>) = 0 [pid 5812] <... close resumed>) = 0 [pid 5812] exit_group(0) = ? [pid 5813] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 130.922291][ T5815] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 130.935740][ T5813] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 130.955401][ T5814] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5816] <... munmap resumed>) = 0 [pid 5813] chdir("./file0" [pid 5812] +++ exited with 0 +++ [pid 5816] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5814] <... mount resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5812, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5816] <... openat resumed>) = 4 [pid 5815] <... mount resumed>) = 0 [pid 5814] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5813] <... chdir resumed>) = 0 [pid 5816] ioctl(4, LOOP_SET_FD, 3 [pid 5814] <... openat resumed>) = 3 [pid 5813] ioctl(4, LOOP_CLR_FD [pid 5817] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5816] <... ioctl resumed>) = 0 [pid 5815] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5814] chdir("./file0" [pid 5052] umount2("./122", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./122", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./122/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./122/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./122/binderfs") = 0 [pid 5813] close(4 [pid 5052] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5813] exit_group(0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5814] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./122/file0", [pid 5815] <... openat resumed>) = 3 [pid 5814] ioctl(4, LOOP_CLR_FD [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5815] chdir("./file0" [pid 5814] <... ioctl resumed>) = 0 [pid 5052] umount2("./122/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5815] <... chdir resumed>) = 0 [pid 5814] close(4 [pid 5813] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5815] ioctl(4, LOOP_CLR_FD [pid 5814] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./122/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5815] <... ioctl resumed>) = 0 [pid 5814] exit_group(0 [pid 5052] <... openat resumed>) = 4 [pid 5815] close(4 [pid 5814] <... exit_group resumed>) = ? [pid 5052] newfstatat(4, "", [pid 5815] <... close resumed>) = 0 [pid 5814] +++ exited with 0 +++ [pid 5813] +++ exited with 0 +++ [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5815] exit_group(0 [pid 5052] getdents64(4, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5814, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5816] close(3 [pid 5815] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5813, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5816] <... close resumed>) = 0 [pid 5815] +++ exited with 0 +++ [pid 5052] getdents64(4, [pid 5816] mkdir("./file0", 0777 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5816] <... mkdir resumed>) = 0 [pid 5052] close(4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5815, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5816] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... restart_syscall resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5052] rmdir("./122/file0" [pid 5049] newfstatat(3, "", [ 131.022766][ T5816] loop3: detected capacity change from 0 to 4096 [pid 5048] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] rmdir("./122" [pid 5047] <... openat resumed>) = 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] getdents64(3, [pid 5047] newfstatat(3, "", [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] mkdir("./123", 0777 [pid 5048] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./124/binderfs" [pid 5047] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5052] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] unlink("./127/binderfs" [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] <... unlink resumed>) = 0 [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5818 attached [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5817] <... write resumed>) = 2097152 [pid 5048] <... umount2 resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5818 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] unlink("./126/binderfs" [pid 5048] newfstatat(AT_FDCWD, "./124/file0", [pid 5817] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... unlink resumed>) = 0 [ 131.074483][ T5816] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5817] <... munmap resumed>) = 0 [pid 5048] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5816] <... mount resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5816] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5817] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5816] <... openat resumed>) = 3 [pid 5817] <... openat resumed>) = 4 [pid 5816] chdir("./file0") = 0 [pid 5817] ioctl(4, LOOP_SET_FD, 3 [pid 5816] ioctl(4, LOOP_CLR_FD [pid 5048] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5816] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5816] close(4 [pid 5048] <... openat resumed>) = 4 [pid 5049] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(4, "", [pid 5816] <... close resumed>) = 0 [pid 5816] exit_group(0) = ? [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5818] set_robust_list(0x555556629660, 24 [pid 5816] +++ exited with 0 +++ [pid 5049] newfstatat(AT_FDCWD, "./126/file0", [pid 5048] getdents64(4, [pid 5047] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5816, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5048] close(4 [pid 5047] newfstatat(AT_FDCWD, "./127/file0", [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] rmdir("./124/file0") = 0 [pid 5817] <... ioctl resumed>) = 0 [pid 5818] <... set_robust_list resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] getdents64(3, [pid 5047] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5818] chdir("./123" [pid 5050] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] close(3 [pid 5047] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5818] <... chdir resumed>) = 0 [pid 5048] rmdir("./124" [pid 5047] <... openat resumed>) = 4 [pid 5818] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5817] close(3 [pid 5050] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5818] <... prctl resumed>) = 0 [pid 5048] mkdir("./125", 0777 [pid 5047] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5818] setpgid(0, 0 [pid 5050] getdents64(3, [pid 5049] close(4 [pid 5818] <... setpgid resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... close resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [ 131.150428][ T5817] loop4: detected capacity change from 0 to 4096 [pid 5818] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5817] <... close resumed>) = 0 [pid 5050] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] rmdir("./126/file0" [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] getdents64(4, [pid 5818] <... openat resumed>) = 3 [pid 5817] mkdir("./file0", 0777 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5818] write(3, "1000", 4 [pid 5817] <... mkdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5818] <... write resumed>) = 4 [pid 5817] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] close(4 [pid 5818] close(3 [pid 5049] getdents64(3, [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5818] <... close resumed>) = 0 [pid 5050] unlink("./124/binderfs" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5818] symlink("/dev/binderfs", "./binderfs" [pid 5049] close(3 [pid 5047] rmdir("./127/file0" [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5818] <... symlink resumed>) = 0 [pid 5047] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5818] memfd_create("syzkaller", 0 [pid 5049] rmdir("./126" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] mkdir("./127", 0777 [pid 5047] rmdir("./127" [pid 5049] <... mkdir resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] mkdir("./128", 0777 [pid 5818] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5047] <... mkdir resumed>) = 0 [pid 5818] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(AT_FDCWD, "./124/file0", [pid 5049] close(3 [pid 5047] close(3) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 131.207682][ T5817] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5819 attached [pid 5819] set_robust_list(0x555556629660, 24) = 0 [pid 5819] chdir("./128") = 0 [pid 5819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5819] setpgid(0, 0) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5819 ./strace-static-x86_64: Process 5820 attached [pid 5819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5820 [pid 5819] <... openat resumed>) = 3 [pid 5819] write(3, "1000", 4 [pid 5820] set_robust_list(0x555556629660, 24 [pid 5050] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5819] <... write resumed>) = 4 [pid 5819] close(3) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5820] <... set_robust_list resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5820] chdir("./127" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5819] memfd_create("syzkaller", 0 [pid 5820] <... chdir resumed>) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5819] <... memfd_create resumed>) = 3 [pid 5819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5820] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] close(4 [pid 5820] <... prctl resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5820] setpgid(0, 0 [pid 5048] <... ioctl resumed>) = 0 [pid 5050] rmdir("./124/file0" [pid 5820] <... setpgid resumed>) = 0 [pid 5048] close(3 [pid 5820] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5818] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5820] <... openat resumed>) = 3 [pid 5820] write(3, "1000", 4./strace-static-x86_64: Process 5821 attached ) = 4 [pid 5817] <... mount resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5821 [pid 5821] set_robust_list(0x555556629660, 24 [pid 5820] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5820] <... close resumed>) = 0 [pid 5821] <... set_robust_list resumed>) = 0 [pid 5050] close(3 [pid 5820] symlink("/dev/binderfs", "./binderfs" [pid 5817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5817] chdir("./file0" [pid 5820] <... symlink resumed>) = 0 [pid 5821] chdir("./125" [pid 5820] memfd_create("syzkaller", 0 [pid 5817] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5821] <... chdir resumed>) = 0 [pid 5820] <... memfd_create resumed>) = 3 [pid 5817] ioctl(4, LOOP_CLR_FD [pid 5050] rmdir("./124" [pid 5817] <... ioctl resumed>) = 0 [pid 5817] close(4 [pid 5821] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5817] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5817] exit_group(0) = ? [pid 5817] +++ exited with 0 +++ [pid 5821] <... prctl resumed>) = 0 [pid 5820] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5817, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] mkdir("./125", 0777 [pid 5051] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5821] setpgid(0, 0 [pid 5051] newfstatat(AT_FDCWD, "./123/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5821] <... setpgid resumed>) = 0 [pid 5051] unlink("./123/binderfs" [pid 5050] <... mkdir resumed>) = 0 [pid 5821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5820] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5821] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5821] write(3, "1000", 4) = 4 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5821] close(3) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5821] symlink("/dev/binderfs", "./binderfs" [pid 5050] close(3 [pid 5821] <... symlink resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5821] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5822 attached [pid 5822] set_robust_list(0x555556629660, 24) = 0 [pid 5822] chdir("./125") = 0 [pid 5822] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5822] setpgid(0, 0) = 0 [pid 5822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5818] <... write resumed>) = 2097152 [pid 5822] <... openat resumed>) = 3 [pid 5822] write(3, "1000", 4 [pid 5821] <... memfd_create resumed>) = 3 [pid 5819] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5818] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5822 [pid 5822] <... write resumed>) = 4 [pid 5821] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5818] <... munmap resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5821] <... mmap resumed>) = 0x7f3b887a1000 [pid 5822] close(3) = 0 [pid 5822] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5822] memfd_create("syzkaller", 0 [pid 5051] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5818] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./123/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5822] <... memfd_create resumed>) = 3 [pid 5818] <... openat resumed>) = 4 [pid 5051] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5822] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] newfstatat(4, "", [pid 5822] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5818] ioctl(4, LOOP_SET_FD, 3 [pid 5820] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./123/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./123") = 0 [pid 5051] mkdir("./124", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5818] <... ioctl resumed>) = 0 [pid 5818] close(3) = 0 [pid 5818] mkdir("./file0", 0777./strace-static-x86_64: Process 5823 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5823 [pid 5823] set_robust_list(0x555556629660, 24) = 0 [pid 5823] chdir("./124") = 0 [pid 5818] <... mkdir resumed>) = 0 [pid 5823] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5823] setpgid(0, 0) = 0 [pid 5818] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5823] write(3, "1000", 4) = 4 [pid 5823] close(3) = 0 [pid 5823] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5823] memfd_create("syzkaller", 0 [pid 5819] <... write resumed>) = 2097152 [pid 5823] <... memfd_create resumed>) = 3 [pid 5823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5821] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5819] munmap(0x7f3b887a1000, 138412032) = 0 [ 131.459114][ T5818] loop5: detected capacity change from 0 to 4096 [ 131.495739][ T5818] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5819] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5819] ioctl(4, LOOP_SET_FD, 3 [pid 5822] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5820] <... write resumed>) = 2097152 [pid 5819] <... ioctl resumed>) = 0 [pid 5821] <... write resumed>) = 2097152 [pid 5820] munmap(0x7f3b887a1000, 138412032 [pid 5819] close(3) = 0 [ 131.533869][ T5819] loop0: detected capacity change from 0 to 4096 [pid 5819] mkdir("./file0", 0777) = 0 [pid 5821] munmap(0x7f3b887a1000, 138412032 [pid 5819] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5823] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5821] <... munmap resumed>) = 0 [pid 5820] <... munmap resumed>) = 0 [pid 5820] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5820] ioctl(4, LOOP_SET_FD, 3 [pid 5821] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5821] ioctl(4, LOOP_SET_FD, 3 [pid 5819] <... mount resumed>) = 0 [pid 5819] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5819] chdir("./file0") = 0 [pid 5820] <... ioctl resumed>) = 0 [pid 5819] ioctl(4, LOOP_CLR_FD [pid 5820] close(3 [pid 5819] <... ioctl resumed>) = 0 [pid 5820] <... close resumed>) = 0 [pid 5819] close(4 [pid 5820] mkdir("./file0", 0777 [pid 5819] <... close resumed>) = 0 [pid 5819] exit_group(0 [pid 5822] <... write resumed>) = 2097152 [pid 5819] <... exit_group resumed>) = ? [pid 5820] <... mkdir resumed>) = 0 [pid 5821] <... ioctl resumed>) = 0 [ 131.575521][ T5819] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 131.588368][ T5820] loop2: detected capacity change from 0 to 4096 [ 131.602845][ T5821] loop1: detected capacity change from 0 to 4096 [pid 5820] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5821] close(3 [pid 5819] +++ exited with 0 +++ [pid 5821] <... close resumed>) = 0 [pid 5821] mkdir("./file0", 0777 [pid 5822] munmap(0x7f3b887a1000, 138412032 [pid 5821] <... mkdir resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5819, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5821] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5822] <... munmap resumed>) = 0 [pid 5047] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5818] <... mount resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5818] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5822] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5818] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5818] chdir("./file0" [pid 5047] newfstatat(3, "", [pid 5822] <... openat resumed>) = 4 [pid 5818] <... chdir resumed>) = 0 [ 131.623857][ T5820] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 131.641623][ T5821] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5822] ioctl(4, LOOP_SET_FD, 3 [pid 5818] ioctl(4, LOOP_CLR_FD [pid 5047] getdents64(3, [pid 5818] <... ioctl resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5818] close(4 [pid 5047] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5818] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5818] exit_group(0 [pid 5823] <... write resumed>) = 2097152 [pid 5818] <... exit_group resumed>) = ? [pid 5047] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5823] munmap(0x7f3b887a1000, 138412032 [pid 5822] <... ioctl resumed>) = 0 [pid 5821] <... mount resumed>) = 0 [pid 5818] +++ exited with 0 +++ [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] unlink("./128/binderfs" [pid 5821] <... openat resumed>) = 3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5818, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] <... unlink resumed>) = 0 [pid 5821] chdir("./file0") = 0 [pid 5047] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5821] ioctl(4, LOOP_CLR_FD) = 0 [pid 5823] <... munmap resumed>) = 0 [pid 5821] close(4 [pid 5822] close(3 [pid 5821] <... close resumed>) = 0 [pid 5822] <... close resumed>) = 0 [pid 5821] exit_group(0 [pid 5822] mkdir("./file0", 0777 [pid 5821] <... exit_group resumed>) = ? [pid 5052] umount2("./123", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5822] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./123", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5820] <... mount resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5821] +++ exited with 0 +++ [pid 5052] newfstatat(3, "", [pid 5820] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5823] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5820] chdir("./file0" [pid 5822] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5823] <... openat resumed>) = 4 [pid 5820] <... chdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5821, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5820] ioctl(4, LOOP_CLR_FD) = 0 [pid 5048] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5820] close(4 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [ 131.665968][ T5822] loop3: detected capacity change from 0 to 4096 [pid 5820] <... close resumed>) = 0 [pid 5052] umount2("./123/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5820] exit_group(0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5820] <... exit_group resumed>) = ? [pid 5052] newfstatat(AT_FDCWD, "./123/binderfs", [pid 5048] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5820] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5820, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5823] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5052] unlink("./123/binderfs" [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(3, "", [pid 5052] <... unlink resumed>) = 0 [pid 5049] unlink("./127/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5052] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./128/file0", [pid 5052] newfstatat(AT_FDCWD, "./123/file0", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5047] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./123/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] unlink("./125/binderfs" [pid 5047] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5823] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5823] close(3 [ 131.706958][ T5822] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 131.713813][ T5823] loop4: detected capacity change from 0 to 4096 [pid 5047] newfstatat(4, "", [pid 5052] openat(AT_FDCWD, "./123/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5047] getdents64(4, [pid 5823] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5823] mkdir("./file0", 0777 [pid 5047] getdents64(4, [pid 5823] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./128/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./128") = 0 [pid 5047] mkdir("./129", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5824 ./strace-static-x86_64: Process 5824 attached [pid 5824] set_robust_list(0x555556629660, 24) = 0 [pid 5823] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5824] chdir("./129" [pid 5052] newfstatat(4, "", [pid 5824] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5824] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./127/file0", [pid 5824] <... prctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] setpgid(0, 0 [pid 5049] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5824] <... setpgid resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5822] <... mount resumed>) = 0 [pid 5052] close(4 [pid 5049] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5822] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] rmdir("./123/file0" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5824] write(3, "1000", 4 [pid 5049] <... close resumed>) = 0 [pid 5824] <... write resumed>) = 4 [pid 5049] rmdir("./127/file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5824] close(3 [pid 5822] <... openat resumed>) = 3 [pid 5052] getdents64(3, [pid 5049] <... rmdir resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5049] getdents64(3, [pid 5824] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5824] <... symlink resumed>) = 0 [pid 5822] chdir("./file0" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5822] <... chdir resumed>) = 0 [pid 5052] close(3 [pid 5049] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] rmdir("./127" [pid 5822] ioctl(4, LOOP_CLR_FD [pid 5824] memfd_create("syzkaller", 0 [pid 5052] rmdir("./123" [pid 5049] <... rmdir resumed>) = 0 [pid 5822] <... ioctl resumed>) = 0 [pid 5049] mkdir("./128", 0777 [pid 5822] close(4 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5822] <... close resumed>) = 0 [pid 5824] <... memfd_create resumed>) = 3 [pid 5822] exit_group(0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... openat resumed>) = 3 [pid 5824] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = 0 [pid 5822] <... exit_group resumed>) = ? [pid 5052] mkdir("./124", 0777 [pid 5048] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5822] +++ exited with 0 +++ [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5822, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5049] close(3 [pid 5048] newfstatat(AT_FDCWD, "./125/file0", [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5825 attached [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] set_robust_list(0x555556629660, 24 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5825 [pid 5048] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 131.774652][ T5823] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5825] <... set_robust_list resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 4 [pid 5052] close(3 [pid 5050] <... openat resumed>) = 3 [pid 5048] newfstatat(4, "", [pid 5050] newfstatat(3, "", [pid 5825] chdir("./128" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... chdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] getdents64(4, [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... prctl resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5825] setpgid(0, 0 [pid 5050] unlink("./125/binderfs" [pid 5825] <... setpgid resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, ./strace-static-x86_64: Process 5826 attached [pid 5825] <... openat resumed>) = 3 [pid 5826] set_robust_list(0x555556629660, 24 [pid 5825] write(3, "1000", 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5048] close(4 [pid 5825] <... write resumed>) = 4 [pid 5825] close(3 [pid 5826] chdir("./124" [pid 5048] <... close resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5048] rmdir("./125/file0" [pid 5826] <... chdir resumed>) = 0 [pid 5825] symlink("/dev/binderfs", "./binderfs" [pid 5826] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] <... symlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5826] <... prctl resumed>) = 0 [pid 5826] setpgid(0, 0 [pid 5048] getdents64(3, [pid 5826] <... setpgid resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] memfd_create("syzkaller", 0 [pid 5823] <... mount resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5826 [pid 5048] close(3) = 0 [pid 5048] rmdir("./125" [pid 5826] <... openat resumed>) = 3 [pid 5825] <... memfd_create resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5826] write(3, "1000", 4 [pid 5825] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] mkdir("./126", 0777 [pid 5826] <... write resumed>) = 4 [pid 5825] <... mmap resumed>) = 0x7f3b887a1000 [pid 5826] close(3 [pid 5048] <... mkdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] symlink("/dev/binderfs", "./binderfs" [pid 5823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] <... symlink resumed>) = 0 [pid 5823] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5826] memfd_create("syzkaller", 0 [pid 5823] chdir("./file0" [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5823] <... chdir resumed>) = 0 [pid 5823] ioctl(4, LOOP_CLR_FD [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5823] <... ioctl resumed>) = 0 [pid 5823] close(4 [pid 5048] <... close resumed>) = 0 [pid 5823] <... close resumed>) = 0 [pid 5823] exit_group(0 [pid 5050] <... umount2 resumed>) = 0 [pid 5823] <... exit_group resumed>) = ? [pid 5823] +++ exited with 0 +++ [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5823, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5827 ./strace-static-x86_64: Process 5827 attached [pid 5827] set_robust_list(0x555556629660, 24) = 0 [pid 5827] chdir("./126") = 0 [pid 5827] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5827] setpgid(0, 0 [pid 5826] <... memfd_create resumed>) = 3 [pid 5827] <... setpgid resumed>) = 0 [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... mmap resumed>) = 0x7f3b887a1000 [pid 5824] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./125/file0", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5051] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] getdents64(4, [pid 5051] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] newfstatat(3, "", [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] rmdir("./125/file0") = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] getdents64(3, [pid 5827] write(3, "1000", 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5827] <... write resumed>) = 4 [pid 5051] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3) = 0 [pid 5050] rmdir("./125" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5827] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5051] unlink("./124/binderfs" [pid 5827] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... unlink resumed>) = 0 [pid 5050] mkdir("./126", 0777 [pid 5051] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... mkdir resumed>) = 0 [pid 5827] <... symlink resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] memfd_create("syzkaller", 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached [pid 5828] set_robust_list(0x555556629660, 24) = 0 [pid 5828] chdir("./126") = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5828 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5827] <... memfd_create resumed>) = 3 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... mmap resumed>) = 0x7f3b887a1000 [pid 5828] write(3, "1000", 4 [pid 5824] <... write resumed>) = 2097152 [pid 5828] <... write resumed>) = 4 [pid 5828] close(3) = 0 [pid 5828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] memfd_create("syzkaller", 0 [pid 5825] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] munmap(0x7f3b887a1000, 138412032 [pid 5828] <... memfd_create resumed>) = 3 [pid 5828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5824] <... munmap resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5826] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./124/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] ioctl(4, LOOP_SET_FD, 3 [pid 5051] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5826] <... write resumed>) = 2097152 [pid 5824] <... ioctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5824] close(3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5826] munmap(0x7f3b887a1000, 138412032 [pid 5824] <... close resumed>) = 0 [pid 5051] close(4 [pid 5824] mkdir("./file0", 0777 [pid 5051] <... close resumed>) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5051] rmdir("./124/file0" [pid 5826] <... munmap resumed>) = 0 [pid 5825] <... write resumed>) = 2097152 [pid 5824] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [ 132.050181][ T5824] loop0: detected capacity change from 0 to 4096 [pid 5827] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... openat resumed>) = 4 [pid 5051] close(3) = 0 [pid 5826] ioctl(4, LOOP_SET_FD, 3 [pid 5825] munmap(0x7f3b887a1000, 138412032 [pid 5051] rmdir("./124" [pid 5828] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... munmap resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./125", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5825] ioctl(4, LOOP_SET_FD, 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5826] <... ioctl resumed>) = 0 [pid 5825] <... ioctl resumed>) = 0 [pid 5824] <... mount resumed>) = 0 [pid 5051] close(3 [pid 5827] <... write resumed>) = 2097152 [pid 5826] close(3 [pid 5825] close(3 [pid 5824] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5827] munmap(0x7f3b887a1000, 138412032 [pid 5826] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... openat resumed>) = 3 [pid 5827] <... munmap resumed>) = 0 [pid 5826] mkdir("./file0", 0777 [pid 5825] <... close resumed>) = 0 [ 132.094675][ T5824] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 132.110008][ T5826] loop5: detected capacity change from 0 to 4096 [ 132.131640][ T5825] loop2: detected capacity change from 0 to 4096 [pid 5827] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5829 attached [pid 5828] <... write resumed>) = 2097152 [pid 5827] <... openat resumed>) = 4 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] mkdir("./file0", 0777 [pid 5824] chdir("./file0" [pid 5826] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5824] <... chdir resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5829 [pid 5829] set_robust_list(0x555556629660, 24 [pid 5827] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... set_robust_list resumed>) = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5824] ioctl(4, LOOP_CLR_FD [pid 5828] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5829] chdir("./125" [pid 5828] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5827] <... ioctl resumed>) = 0 [pid 5825] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5824] <... ioctl resumed>) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5828] <... openat resumed>) = 4 [pid 5827] close(3 [pid 5824] close(4 [pid 5828] ioctl(4, LOOP_SET_FD, 3 [pid 5827] <... close resumed>) = 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... ioctl resumed>) = 0 [pid 5827] mkdir("./file0", 0777 [pid 5824] <... close resumed>) = 0 [pid 5829] <... prctl resumed>) = 0 [pid 5829] setpgid(0, 0 [pid 5824] exit_group(0) = ? [pid 5829] <... setpgid resumed>) = 0 [pid 5828] close(3 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... mount resumed>) = 0 [pid 5824] +++ exited with 0 +++ [pid 5826] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5824, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... openat resumed>) = 3 [pid 5827] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5828] <... close resumed>) = 0 [pid 5826] chdir("./file0") = 0 [pid 5826] ioctl(4, LOOP_CLR_FD) = 0 [pid 5826] close(4) = 0 [pid 5826] exit_group(0) = ? [ 132.170196][ T5827] loop1: detected capacity change from 0 to 4096 [ 132.171214][ T5826] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 132.193478][ T5828] loop3: detected capacity change from 0 to 4096 [ 132.209393][ T5825] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5828] mkdir("./file0", 0777 [pid 5826] +++ exited with 0 +++ [pid 5828] <... mkdir resumed>) = 0 [pid 5047] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5826, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5829] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5829] write(3, "1000", 4 [pid 5828] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./124", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] <... write resumed>) = 4 [pid 5829] close(3) = 0 [pid 5829] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5829] memfd_create("syzkaller", 0 [pid 5052] openat(AT_FDCWD, "./124", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5829] <... memfd_create resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5825] <... mount resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5047] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5825] chdir("./file0") = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] unlink("./129/binderfs" [pid 5825] ioctl(4, LOOP_CLR_FD) = 0 [pid 5825] close(4) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5052] getdents64(3, [pid 5825] exit_group(0 [pid 5047] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5825] <... exit_group resumed>) = ? [pid 5825] +++ exited with 0 +++ [pid 5052] umount2("./124/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5825, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5052] newfstatat(AT_FDCWD, "./124/binderfs", [pid 5049] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] unlink("./124/binderfs" [pid 5049] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... unlink resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5047] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5047] newfstatat(AT_FDCWD, "./129/file0", [pid 5052] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5047] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5049] unlink("./128/binderfs" [pid 5047] newfstatat(4, "", [pid 5052] <... umount2 resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [ 132.228535][ T5827] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 132.254327][ T5828] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5047] close(4 [pid 5052] newfstatat(AT_FDCWD, "./124/file0", [pid 5047] <... close resumed>) = 0 [pid 5829] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] rmdir("./129/file0") = 0 [pid 5827] <... mount resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] umount2("./124/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./124/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] rmdir("./129" [pid 5052] <... openat resumed>) = 4 [pid 5827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5828] <... mount resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5828] chdir("./file0") = 0 [pid 5828] ioctl(4, LOOP_CLR_FD) = 0 [pid 5828] close(4 [pid 5827] chdir("./file0" [pid 5052] getdents64(4, [pid 5047] mkdir("./130", 0777 [pid 5828] <... close resumed>) = 0 [pid 5828] exit_group(0) = ? [pid 5828] +++ exited with 0 +++ [pid 5827] <... chdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... mkdir resumed>) = 0 [pid 5827] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] getdents64(4, [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5828, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] close(4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5827] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5827] exit_group(0) = ? [pid 5052] close(4 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] rmdir("./124/file0" [pid 5050] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... rmdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", [pid 5047] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... close resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5830 attached [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5830] set_robust_list(0x555556629660, 24 [pid 5829] <... write resumed>) = 2097152 [pid 5827] +++ exited with 0 +++ [pid 5052] close(3 [pid 5050] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5830 [pid 5830] <... set_robust_list resumed>) = 0 [pid 5829] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5827, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5050] unlink("./126/binderfs" [pid 5052] rmdir("./124" [pid 5048] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] mkdir("./125", 0777 [pid 5050] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5830] chdir("./130") = 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... mkdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(3, "", [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5830] setpgid(0, 0 [pid 5048] getdents64(3, [pid 5830] <... setpgid resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./128/file0", [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5830] <... openat resumed>) = 3 [pid 5829] <... munmap resumed>) = 0 [pid 5049] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5830] write(3, "1000", 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5830] <... write resumed>) = 4 [pid 5830] close(3) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] unlink("./126/binderfs" [pid 5830] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... openat resumed>) = 3 [pid 5830] <... symlink resumed>) = 0 [pid 5829] <... openat resumed>) = 4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... openat resumed>) = 4 [pid 5048] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] newfstatat(4, "", [pid 5052] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./128/file0" [pid 5052] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./126/file0", [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5830] memfd_create("syzkaller", 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] ioctl(4, LOOP_SET_FD, 3 [pid 5050] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./128") = 0 [pid 5049] mkdir("./129", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 ./strace-static-x86_64: Process 5831 attached [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5831] set_robust_list(0x555556629660, 24) = 0 [pid 5831] chdir("./125") = 0 [pid 5050] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5831] setpgid(0, 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5831] <... setpgid resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] close(3 [pid 5831] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5831] write(3, "1000", 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... write resumed>) = 4 [pid 5831] close(3) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5832 attached ) = 0 [pid 5832] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5832 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] memfd_create("syzkaller", 0 [pid 5832] chdir("./129" [pid 5830] <... memfd_create resumed>) = 3 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5831 [pid 5050] <... openat resumed>) = 4 [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5832] <... chdir resumed>) = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5832] setpgid(0, 0 [pid 5831] <... memfd_create resumed>) = 3 [pid 5830] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] <... setpgid resumed>) = 0 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5831] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5832] <... openat resumed>) = 3 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5832] write(3, "1000", 4 [pid 5829] <... ioctl resumed>) = 0 [pid 5050] close(4 [pid 5829] close(3 [pid 5050] <... close resumed>) = 0 [pid 5832] <... write resumed>) = 4 [pid 5050] rmdir("./126/file0" [pid 5832] close(3 [pid 5829] <... close resumed>) = 0 [pid 5832] <... close resumed>) = 0 [pid 5829] mkdir("./file0", 0777 [pid 5832] symlink("/dev/binderfs", "./binderfs" [pid 5829] <... mkdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5832] <... symlink resumed>) = 0 [pid 5829] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(3, [pid 5048] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./126" [pid 5832] memfd_create("syzkaller", 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./127", 0777 [ 132.417067][ T5829] loop4: detected capacity change from 0 to 4096 [pid 5048] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... memfd_create resumed>) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] newfstatat(AT_FDCWD, "./126/file0", [pid 5050] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5833 [pid 5048] newfstatat(4, "", ./strace-static-x86_64: Process 5833 attached [pid 5833] set_robust_list(0x555556629660, 24 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5833] chdir("./127" [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5833] <... chdir resumed>) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [ 132.477634][ T5829] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5830] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] rmdir("./126/file0" [pid 5833] <... prctl resumed>) = 0 [pid 5833] setpgid(0, 0) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5833] write(3, "1000", 4 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5833] <... write resumed>) = 4 [pid 5833] close(3 [pid 5048] close(3 [pid 5833] <... close resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5833] symlink("/dev/binderfs", "./binderfs" [pid 5048] rmdir("./126" [pid 5833] <... symlink resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./127", 0777 [pid 5829] <... mount resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5829] chdir("./file0") = 0 [pid 5829] ioctl(4, LOOP_CLR_FD [pid 5833] memfd_create("syzkaller", 0 [pid 5831] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5833] <... memfd_create resumed>) = 3 [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... openat resumed>) = 3 [pid 5833] <... mmap resumed>) = 0x7f3b887a1000 [pid 5829] <... ioctl resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5829] close(4 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5829] <... close resumed>) = 0 [pid 5829] exit_group(0) = ? [pid 5829] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] close(3) = 0 [pid 5051] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5834 [pid 5051] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5834 attached [pid 5832] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5834] set_robust_list(0x555556629660, 24) = 0 [pid 5051] getdents64(3, [pid 5834] chdir("./127" [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./125/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./125/binderfs") = 0 [pid 5834] <... chdir resumed>) = 0 [pid 5051] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5830] <... write resumed>) = 2097152 [pid 5834] setpgid(0, 0) = 0 [pid 5830] munmap(0x7f3b887a1000, 138412032 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5830] <... munmap resumed>) = 0 [pid 5834] write(3, "1000", 4) = 4 [pid 5831] <... write resumed>) = 2097152 [pid 5834] close(3 [pid 5830] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5834] <... close resumed>) = 0 [pid 5830] <... openat resumed>) = 4 [pid 5834] symlink("/dev/binderfs", "./binderfs" [pid 5830] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5831] munmap(0x7f3b887a1000, 138412032 [pid 5834] <... symlink resumed>) = 0 [pid 5831] <... munmap resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5831] ioctl(4, LOOP_SET_FD, 3 [pid 5834] memfd_create("syzkaller", 0 [pid 5051] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5834] <... memfd_create resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5834] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5832] <... write resumed>) = 2097152 [pid 5051] newfstatat(AT_FDCWD, "./125/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5830] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5830] close(3 [pid 5051] newfstatat(4, "", [pid 5830] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] munmap(0x7f3b887a1000, 138412032 [pid 5051] getdents64(4, [pid 5832] <... munmap resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5830] mkdir("./file0", 0777 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./125/file0" [pid 5830] <... mkdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5831] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5831] close(3 [pid 5051] rmdir("./125" [pid 5831] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5831] mkdir("./file0", 0777) = 0 [pid 5051] mkdir("./126", 0777 [ 132.641413][ T5830] loop0: detected capacity change from 0 to 4096 [ 132.650235][ T5831] loop5: detected capacity change from 0 to 4096 [pid 5832] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5051] <... mkdir resumed>) = 0 [pid 5831] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5830] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5832] ioctl(4, LOOP_SET_FD, 3 [pid 5833] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5835 ./strace-static-x86_64: Process 5835 attached [pid 5835] set_robust_list(0x555556629660, 24) = 0 [pid 5835] chdir("./126") = 0 [pid 5832] <... ioctl resumed>) = 0 [pid 5832] close(3) = 0 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5832] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5835] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5835] setpgid(0, 0) = 0 [pid 5835] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5835] write(3, "1000", 4) = 4 [pid 5835] close(3) = 0 [pid 5835] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5835] memfd_create("syzkaller", 0 [pid 5834] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5833] <... write resumed>) = 2097152 [pid 5835] <... memfd_create resumed>) = 3 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5832] <... mount resumed>) = 0 [ 132.686376][ T5832] loop2: detected capacity change from 0 to 4096 [ 132.693162][ T5830] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 132.693189][ T5831] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 132.722045][ T5832] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5833] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5833] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5832] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5832] chdir("./file0") = 0 [pid 5832] ioctl(4, LOOP_CLR_FD) = 0 [pid 5832] close(4) = 0 [pid 5832] exit_group(0) = ? [pid 5831] <... mount resumed>) = 0 [pid 5832] +++ exited with 0 +++ [pid 5833] <... openat resumed>) = 4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5833] ioctl(4, LOOP_SET_FD, 3 [pid 5831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5830] <... mount resumed>) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5831] chdir("./file0" [pid 5049] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5831] <... chdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5831] ioctl(4, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5831] <... ioctl resumed>) = 0 [pid 5049] unlink("./129/binderfs" [pid 5831] close(4 [pid 5049] <... unlink resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 5049] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5831] exit_group(0) = ? [pid 5831] +++ exited with 0 +++ [pid 5830] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5052] umount2("./125", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5830] <... openat resumed>) = 3 [pid 5052] openat(AT_FDCWD, "./125", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5830] chdir("./file0" [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5830] <... chdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5830] ioctl(4, LOOP_CLR_FD [pid 5835] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5834] <... write resumed>) = 2097152 [pid 5833] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... umount2 resumed>) = 0 [pid 5830] <... ioctl resumed>) = 0 [pid 5833] close(3 [pid 5052] umount2("./125/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5833] <... close resumed>) = 0 [pid 5830] close(4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5833] mkdir("./file0", 0777 [pid 5049] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5833] <... mkdir resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5830] exit_group(0 [pid 5833] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5830] <... exit_group resumed>) = ? [pid 5049] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5834] munmap(0x7f3b887a1000, 138412032 [pid 5830] +++ exited with 0 +++ [pid 5052] newfstatat(AT_FDCWD, "./125/binderfs", [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=2 /* 0.02 s */} --- [pid 5052] unlink("./125/binderfs" [pid 5047] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... unlink resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] getdents64(4, [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5047] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] close(4 [pid 5047] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5049] rmdir("./129/file0" [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./130/binderfs" [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5049] getdents64(3, [pid 5047] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./129" [pid 5052] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5834] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] mkdir("./130", 0777 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5834] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./125/file0", [ 132.803189][ T5833] loop3: detected capacity change from 0 to 4096 [ 132.842764][ T5833] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] newfstatat(AT_FDCWD, "./130/file0", [pid 5835] <... write resumed>) = 2097152 [pid 5834] <... openat resumed>) = 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5835] munmap(0x7f3b887a1000, 138412032 [pid 5834] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./125/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5835] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./125/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] newfstatat(4, "", [pid 5047] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(3 [pid 5833] <... mount resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5052] getdents64(4, [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] newfstatat(4, "", [pid 5052] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] getdents64(4, [pid 5052] close(4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5836 attached [pid 5835] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5833] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5836 [pid 5047] getdents64(4, [pid 5836] set_robust_list(0x555556629660, 24 [pid 5835] <... openat resumed>) = 4 [pid 5833] <... openat resumed>) = 3 [pid 5052] rmdir("./125/file0" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5835] ioctl(4, LOOP_SET_FD, 3 [pid 5833] chdir("./file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5047] close(4 [pid 5836] chdir("./130" [pid 5835] <... ioctl resumed>) = 0 [pid 5833] <... chdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5047] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./130/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5833] ioctl(4, LOOP_CLR_FD [pid 5047] close(3) = 0 [pid 5052] close(3 [pid 5047] rmdir("./130" [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./125" [pid 5047] <... rmdir resumed>) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5833] <... ioctl resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5833] close(4 [pid 5836] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5834] <... ioctl resumed>) = 0 [pid 5833] <... close resumed>) = 0 [pid 5052] mkdir("./126", 0777 [pid 5047] mkdir("./131", 0777 [pid 5836] <... prctl resumed>) = 0 [pid 5834] close(3 [pid 5833] exit_group(0 [pid 5052] <... mkdir resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5836] setpgid(0, 0 [pid 5833] <... exit_group resumed>) = ? [pid 5836] <... setpgid resumed>) = 0 [pid 5834] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5834] mkdir("./file0", 0777 [pid 5052] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5836] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5834] <... mkdir resumed>) = 0 [pid 5833] +++ exited with 0 +++ [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5836] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5836] write(3, "1000", 4 [pid 5052] close(3 [pid 5836] <... write resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = 0 [pid 5836] close(3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] close(3 [pid 5836] <... close resumed>) = 0 [ 132.890140][ T5834] loop1: detected capacity change from 0 to 4096 [ 132.914367][ T5835] loop4: detected capacity change from 0 to 4096 [pid 5834] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5047] <... close resumed>) = 0 ./strace-static-x86_64: Process 5837 attached [pid 5836] symlink("/dev/binderfs", "./binderfs" [pid 5835] close(3 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5837] set_robust_list(0x555556629660, 24 [pid 5836] <... symlink resumed>) = 0 [pid 5835] <... close resumed>) = 0 ./strace-static-x86_64: Process 5838 attached [pid 5837] <... set_robust_list resumed>) = 0 [pid 5838] set_robust_list(0x555556629660, 24 [pid 5837] chdir("./126" [pid 5836] memfd_create("syzkaller", 0 [pid 5835] mkdir("./file0", 0777 [pid 5050] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5838 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5835] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5837 [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5835] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./127/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./127/binderfs") = 0 [pid 5050] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... chdir resumed>) = 0 [pid 5838] chdir("./131" [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... memfd_create resumed>) = 3 [pid 5838] <... chdir resumed>) = 0 [pid 5837] <... prctl resumed>) = 0 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] setpgid(0, 0 [pid 5836] <... mmap resumed>) = 0x7f3b887a1000 [pid 5838] setpgid(0, 0 [pid 5837] <... setpgid resumed>) = 0 [pid 5838] <... setpgid resumed>) = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5837] write(3, "1000", 4 [pid 5838] <... openat resumed>) = 3 [pid 5837] <... write resumed>) = 4 [pid 5838] write(3, "1000", 4 [pid 5837] close(3 [pid 5838] <... write resumed>) = 4 [pid 5837] <... close resumed>) = 0 [pid 5838] close(3 [pid 5837] symlink("/dev/binderfs", "./binderfs" [pid 5838] <... close resumed>) = 0 [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5837] <... symlink resumed>) = 0 [pid 5838] <... symlink resumed>) = 0 [pid 5838] memfd_create("syzkaller", 0 [pid 5837] memfd_create("syzkaller", 0 [pid 5838] <... memfd_create resumed>) = 3 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5837] <... memfd_create resumed>) = 3 [pid 5837] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [ 132.948933][ T5834] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 132.984345][ T5835] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5838] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5834] <... mount resumed>) = 0 [pid 5050] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5834] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5050] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5834] chdir("./file0" [pid 5050] <... openat resumed>) = 4 [pid 5834] <... chdir resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5834] ioctl(4, LOOP_CLR_FD [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5834] <... ioctl resumed>) = 0 [pid 5050] getdents64(4, [pid 5834] close(4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5834] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5834] exit_group(0) = ? [pid 5834] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5048] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] close(4 [pid 5048] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5050] rmdir("./127/file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5050] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5835] <... mount resumed>) = 0 [pid 5050] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... close resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5835] <... openat resumed>) = 3 [pid 5050] rmdir("./127" [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5836] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5835] chdir("./file0" [pid 5050] <... rmdir resumed>) = 0 [pid 5048] unlink("./127/binderfs" [pid 5835] <... chdir resumed>) = 0 [pid 5835] ioctl(4, LOOP_CLR_FD [pid 5048] <... unlink resumed>) = 0 [pid 5835] <... ioctl resumed>) = 0 [pid 5050] mkdir("./128", 0777 [pid 5048] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5835] close(4 [pid 5050] <... mkdir resumed>) = 0 [pid 5835] <... close resumed>) = 0 [pid 5835] exit_group(0) = ? [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5835] +++ exited with 0 +++ [pid 5050] <... openat resumed>) = 3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5835, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5839 attached ) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5839 [pid 5839] set_robust_list(0x555556629660, 24 [pid 5051] <... openat resumed>) = 3 [pid 5839] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5839] chdir("./128" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5839] <... chdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5839] <... prctl resumed>) = 0 [pid 5051] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5839] setpgid(0, 0) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] newfstatat(AT_FDCWD, "./126/binderfs", [pid 5839] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5839] write(3, "1000", 4 [pid 5051] unlink("./126/binderfs" [pid 5839] <... write resumed>) = 4 [pid 5051] <... unlink resumed>) = 0 [pid 5839] close(3 [pid 5051] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5839] <... close resumed>) = 0 [pid 5839] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5839] memfd_create("syzkaller", 0 [pid 5837] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5838] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] <... memfd_create resumed>) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5836] <... write resumed>) = 2097152 [pid 5048] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./127/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./127") = 0 [pid 5048] mkdir("./128", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5836] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... umount2 resumed>) = 0 [pid 5051] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] newfstatat(AT_FDCWD, "./126/file0", [pid 5048] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... close resumed>) = 0 [pid 5051] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", ./strace-static-x86_64: Process 5840 attached [pid 5836] <... munmap resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5840 [pid 5840] set_robust_list(0x555556629660, 24 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5840] <... set_robust_list resumed>) = 0 [pid 5051] rmdir("./126/file0" [pid 5840] chdir("./128" [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5840] <... chdir resumed>) = 0 [pid 5837] <... write resumed>) = 2097152 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5837] munmap(0x7f3b887a1000, 138412032 [pid 5051] close(3 [pid 5840] <... prctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5840] setpgid(0, 0 [pid 5051] rmdir("./126" [pid 5836] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5840] <... setpgid resumed>) = 0 [pid 5838] <... write resumed>) = 2097152 [pid 5837] <... munmap resumed>) = 0 [pid 5836] <... openat resumed>) = 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5838] munmap(0x7f3b887a1000, 138412032 [pid 5840] <... openat resumed>) = 3 [pid 5840] write(3, "1000", 4 [pid 5051] mkdir("./127", 0777 [pid 5840] <... write resumed>) = 4 [pid 5051] <... mkdir resumed>) = 0 [pid 5840] close(3 [pid 5836] ioctl(4, LOOP_SET_FD, 3 [pid 5840] <... close resumed>) = 0 [pid 5840] symlink("/dev/binderfs", "./binderfs" [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5840] <... symlink resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5840] memfd_create("syzkaller", 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5837] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5836] <... ioctl resumed>) = 0 [pid 5051] close(3 [pid 5840] <... memfd_create resumed>) = 3 [pid 5837] <... openat resumed>) = 4 [pid 5836] close(3 [pid 5051] <... close resumed>) = 0 [pid 5836] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5838] <... munmap resumed>) = 0 [pid 5837] ioctl(4, LOOP_SET_FD, 3 [pid 5836] mkdir("./file0", 0777 [pid 5840] <... mmap resumed>) = 0x7f3b887a1000 [pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5836] <... mkdir resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5841 ./strace-static-x86_64: Process 5841 attached [pid 5841] set_robust_list(0x555556629660, 24 [pid 5839] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5838] ioctl(4, LOOP_SET_FD, 3 [pid 5837] <... ioctl resumed>) = 0 [pid 5836] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5841] <... set_robust_list resumed>) = 0 [pid 5841] chdir("./127") = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5838] <... ioctl resumed>) = 0 [pid 5841] <... openat resumed>) = 3 [pid 5837] close(3) = 0 [pid 5837] mkdir("./file0", 0777) = 0 [ 133.253048][ T5836] loop2: detected capacity change from 0 to 4096 [ 133.269381][ T5837] loop5: detected capacity change from 0 to 4096 [ 133.285184][ T5838] loop0: detected capacity change from 0 to 4096 [ 133.292596][ T5836] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5838] close(3 [pid 5837] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5838] <... close resumed>) = 0 [pid 5841] write(3, "1000", 4) = 4 [pid 5841] close(3) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5838] mkdir("./file0", 0777 [pid 5841] memfd_create("syzkaller", 0 [pid 5838] <... mkdir resumed>) = 0 [pid 5841] <... memfd_create resumed>) = 3 [pid 5838] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5840] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5836] <... mount resumed>) = 0 [pid 5836] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5836] chdir("./file0") = 0 [pid 5836] ioctl(4, LOOP_CLR_FD) = 0 [pid 5836] close(4) = 0 [pid 5839] <... write resumed>) = 2097152 [pid 5837] <... mount resumed>) = 0 [pid 5836] exit_group(0) = ? [pid 5839] munmap(0x7f3b887a1000, 138412032 [pid 5837] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5836] +++ exited with 0 +++ [pid 5839] <... munmap resumed>) = 0 [pid 5837] <... openat resumed>) = 3 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5836, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5837] chdir("./file0") = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5837] ioctl(4, LOOP_CLR_FD) = 0 [ 133.305872][ T5837] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 133.322559][ T5838] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5839] ioctl(4, LOOP_SET_FD, 3 [pid 5838] <... mount resumed>) = 0 [pid 5837] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] <... ioctl resumed>) = 0 [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5837] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5837] exit_group(0) = ? [pid 5049] <... openat resumed>) = 3 [pid 5839] close(3 [pid 5840] <... write resumed>) = 2097152 [pid 5838] <... openat resumed>) = 3 [pid 5837] +++ exited with 0 +++ [pid 5049] newfstatat(3, "", [pid 5840] munmap(0x7f3b887a1000, 138412032 [pid 5839] <... close resumed>) = 0 [pid 5838] chdir("./file0" [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5840] <... munmap resumed>) = 0 [pid 5839] mkdir("./file0", 0777 [pid 5838] <... chdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5838] ioctl(4, LOOP_CLR_FD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5838] <... ioctl resumed>) = 0 [pid 5052] umount2("./126", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5838] close(4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5838] <... close resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5052] openat(AT_FDCWD, "./126", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5839] <... mkdir resumed>) = 0 [pid 5838] exit_group(0 [pid 5052] newfstatat(3, "", [pid 5049] unlink("./130/binderfs" [pid 5838] <... exit_group resumed>) = ? [pid 5049] <... unlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5839] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5840] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 133.394360][ T5839] loop3: detected capacity change from 0 to 4096 [pid 5052] umount2("./126/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5840] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./126/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./126/binderfs" [pid 5838] +++ exited with 0 +++ [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5841] <... write resumed>) = 2097152 [pid 5047] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./131/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./131/binderfs") = 0 [pid 5840] <... ioctl resumed>) = 0 [pid 5047] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [pid 5840] close(3) = 0 [pid 5840] mkdir("./file0", 0777) = 0 [ 133.444545][ T5840] loop1: detected capacity change from 0 to 4096 [ 133.473120][ T5839] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5840] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5841] munmap(0x7f3b887a1000, 138412032 [pid 5049] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5841] <... munmap resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./130/file0", [pid 5047] <... umount2 resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5047] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(AT_FDCWD, "./131/file0", [pid 5841] <... openat resumed>) = 4 [pid 5049] close(4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./130/file0" [pid 5047] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5049] getdents64(3, [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./131/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] rmdir("./131" [pid 5049] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] mkdir("./132", 0777 [pid 5049] rmdir("./130" [pid 5047] <... mkdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] mkdir("./131", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5052] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] newfstatat(AT_FDCWD, "./126/file0", [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5841] <... ioctl resumed>) = 0 [pid 5047] close(3 [pid 5049] close(3 [pid 5841] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] mkdir("./file0", 0777 [pid 5052] umount2("./126/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5841] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./126/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5842 attached [pid 5841] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5052] <... openat resumed>) = 4 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5842 [ 133.492241][ T5840] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 133.530571][ T5841] loop4: detected capacity change from 0 to 4096 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5843 attached [pid 5052] getdents64(4, [pid 5843] set_robust_list(0x555556629660, 24 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5843 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5842] set_robust_list(0x555556629660, 24 [pid 5052] getdents64(4, [pid 5843] chdir("./132") = 0 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5842] chdir("./131" [pid 5052] close(4 [pid 5843] <... prctl resumed>) = 0 [pid 5842] <... chdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5843] setpgid(0, 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5839] <... mount resumed>) = 0 [pid 5052] rmdir("./126/file0" [pid 5843] <... setpgid resumed>) = 0 [pid 5842] <... prctl resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] setpgid(0, 0 [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5843] <... openat resumed>) = 3 [pid 5842] <... setpgid resumed>) = 0 [pid 5841] <... mount resumed>) = 0 [pid 5840] <... mount resumed>) = 0 [pid 5839] <... openat resumed>) = 3 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5843] write(3, "1000", 4 [pid 5839] chdir("./file0" [pid 5052] close(3 [pid 5843] <... write resumed>) = 4 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5840] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5839] <... chdir resumed>) = 0 [pid 5843] close(3 [pid 5840] <... openat resumed>) = 3 [pid 5839] ioctl(4, LOOP_CLR_FD [pid 5052] <... close resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5840] chdir("./file0" [pid 5839] <... ioctl resumed>) = 0 [pid 5052] rmdir("./126" [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5840] <... chdir resumed>) = 0 [pid 5839] close(4 [pid 5052] <... rmdir resumed>) = 0 [pid 5843] <... symlink resumed>) = 0 [pid 5840] ioctl(4, LOOP_CLR_FD [pid 5839] <... close resumed>) = 0 [pid 5840] <... ioctl resumed>) = 0 [pid 5840] close(4 [pid 5839] exit_group(0 [pid 5842] <... openat resumed>) = 3 [pid 5840] <... close resumed>) = 0 [pid 5052] mkdir("./127", 0777 [pid 5842] write(3, "1000", 4 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5842] <... write resumed>) = 4 [pid 5841] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [ 133.565193][ T5841] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5840] exit_group(0 [pid 5843] memfd_create("syzkaller", 0 [pid 5842] close(3 [pid 5840] <... exit_group resumed>) = ? [pid 5839] <... exit_group resumed>) = ? [pid 5842] <... close resumed>) = 0 [pid 5841] chdir("./file0" [pid 5840] +++ exited with 0 +++ [pid 5839] +++ exited with 0 +++ [pid 5842] symlink("/dev/binderfs", "./binderfs" [pid 5841] <... chdir resumed>) = 0 [pid 5843] <... memfd_create resumed>) = 3 [pid 5842] <... symlink resumed>) = 0 [pid 5841] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5843] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5842] memfd_create("syzkaller", 0 [pid 5841] close(4 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5841] <... close resumed>) = 0 [pid 5052] close(3 [pid 5048] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5841] exit_group(0 [pid 5052] <... close resumed>) = 0 [pid 5841] <... exit_group resumed>) = ? [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... openat resumed>) = 3 [pid 5842] <... memfd_create resumed>) = 3 [pid 5841] +++ exited with 0 +++ [pid 5048] newfstatat(3, "", [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5842] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5050] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5048] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(3, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] newfstatat(AT_FDCWD, "./128/binderfs", ./strace-static-x86_64: Process 5844 attached [pid 5051] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5844] set_robust_list(0x555556629660, 24 [pid 5051] newfstatat(3, "", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] unlink("./128/binderfs" [pid 5844] <... set_robust_list resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5844 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... unlink resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5844] chdir("./127" [pid 5048] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5051] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] unlink("./128/binderfs" [pid 5844] <... prctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5844] setpgid(0, 0 [pid 5051] unlink("./127/binderfs") = 0 [pid 5051] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] <... setpgid resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5844] write(3, "1000", 4) = 4 [pid 5844] close(3) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5050] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./128/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5844] <... symlink resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(4, "", [pid 5048] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5048] <... openat resumed>) = 4 [pid 5844] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] newfstatat(4, "", [pid 5050] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5050] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5050] rmdir("./128/file0" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] close(4 [pid 5844] <... memfd_create resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] getdents64(3, [pid 5048] rmdir("./128/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./128") = 0 [pid 5048] mkdir("./129", 0777 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5050] close(3) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] rmdir("./128" [pid 5048] <... openat resumed>) = 3 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] mkdir("./129", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5845 attached ) = 3 [pid 5845] set_robust_list(0x555556629660, 24 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5845 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5845] chdir("./129" [pid 5050] close(3 [pid 5845] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] <... prctl resumed>) = 0 [pid 5845] setpgid(0, 0) = 0 [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5846 [pid 5845] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5846 attached [pid 5846] set_robust_list(0x555556629660, 24) = 0 [pid 5845] write(3, "1000", 4 [pid 5846] chdir("./129" [pid 5845] <... write resumed>) = 4 [pid 5846] <... chdir resumed>) = 0 [pid 5845] close(3 [pid 5843] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5845] <... close resumed>) = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5846] <... prctl resumed>) = 0 [pid 5845] <... symlink resumed>) = 0 [pid 5846] setpgid(0, 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5846] <... setpgid resumed>) = 0 [pid 5845] memfd_create("syzkaller", 0 [pid 5842] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5846] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./127/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5846] write(3, "1000", 4 [pid 5051] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5846] <... write resumed>) = 4 [pid 5845] <... memfd_create resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5846] close(3 [pid 5051] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5846] <... close resumed>) = 0 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5846] symlink("/dev/binderfs", "./binderfs" [pid 5845] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... openat resumed>) = 4 [pid 5846] <... symlink resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5846] memfd_create("syzkaller", 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5846] <... memfd_create resumed>) = 3 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5844] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./127/file0") = 0 [pid 5843] <... write resumed>) = 2097152 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5842] <... write resumed>) = 2097152 [pid 5842] munmap(0x7f3b887a1000, 138412032 [pid 5051] close(3 [pid 5843] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5843] ioctl(4, LOOP_SET_FD, 3 [pid 5842] <... munmap resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5842] <... openat resumed>) = 4 [pid 5051] rmdir("./127" [pid 5842] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./128", 0777 [pid 5845] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5846] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5844] <... write resumed>) = 2097152 [pid 5842] <... ioctl resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5844] munmap(0x7f3b887a1000, 138412032 [pid 5843] <... ioctl resumed>) = 0 [pid 5842] close(3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5843] close(3) = 0 [ 133.876060][ T5843] loop0: detected capacity change from 0 to 4096 [ 133.885809][ T5842] loop2: detected capacity change from 0 to 4096 [pid 5844] <... munmap resumed>) = 0 [pid 5843] mkdir("./file0", 0777 [pid 5842] <... close resumed>) = 0 [pid 5051] close(3 [pid 5844] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5843] <... mkdir resumed>) = 0 [pid 5842] mkdir("./file0", 0777 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5844] <... openat resumed>) = 4 [pid 5844] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5847 [pid 5843] mount("/dev/loop0", "./file0", "ntfs3", 0, ""./strace-static-x86_64: Process 5847 attached [pid 5847] set_robust_list(0x555556629660, 24) = 0 [pid 5847] chdir("./128") = 0 [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5847] setpgid(0, 0) = 0 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5847] write(3, "1000", 4) = 4 [pid 5847] close(3) = 0 [pid 5847] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5847] memfd_create("syzkaller", 0 [pid 5842] <... mkdir resumed>) = 0 [pid 5845] <... write resumed>) = 2097152 [pid 5842] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5845] munmap(0x7f3b887a1000, 138412032 [pid 5847] <... memfd_create resumed>) = 3 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5845] <... munmap resumed>) = 0 [pid 5844] <... ioctl resumed>) = 0 [pid 5844] close(3) = 0 [pid 5844] mkdir("./file0", 0777 [pid 5845] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5844] <... mkdir resumed>) = 0 [pid 5845] <... openat resumed>) = 4 [ 133.939564][ T5843] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 133.942880][ T5844] loop5: detected capacity change from 0 to 4096 [ 133.975619][ T5842] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5845] ioctl(4, LOOP_SET_FD, 3 [pid 5846] <... write resumed>) = 2097152 [pid 5846] munmap(0x7f3b887a1000, 138412032 [pid 5844] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5845] <... ioctl resumed>) = 0 [pid 5845] close(3) = 0 [pid 5845] mkdir("./file0", 0777 [pid 5846] <... munmap resumed>) = 0 [pid 5845] <... mkdir resumed>) = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5845] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5846] ioctl(4, LOOP_SET_FD, 3 [pid 5842] <... mount resumed>) = 0 [pid 5846] <... ioctl resumed>) = 0 [pid 5846] close(3) = 0 [pid 5846] mkdir("./file0", 0777) = 0 [ 133.989642][ T5845] loop1: detected capacity change from 0 to 4096 [ 133.998641][ T5844] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 134.025933][ T5846] loop3: detected capacity change from 0 to 4096 [pid 5846] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5842] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] <... mount resumed>) = 0 [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5842] <... openat resumed>) = 3 [pid 5844] <... openat resumed>) = 3 [pid 5842] chdir("./file0" [pid 5844] chdir("./file0" [pid 5842] <... chdir resumed>) = 0 [pid 5844] <... chdir resumed>) = 0 [pid 5842] ioctl(4, LOOP_CLR_FD [pid 5844] ioctl(4, LOOP_CLR_FD [pid 5842] <... ioctl resumed>) = 0 [pid 5844] <... ioctl resumed>) = 0 [pid 5842] close(4) = 0 [pid 5842] exit_group(0) = ? [pid 5844] close(4) = 0 [pid 5844] exit_group(0) = ? [pid 5842] +++ exited with 0 +++ [pid 5843] <... mount resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5843] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] +++ exited with 0 +++ [pid 5843] <... openat resumed>) = 3 [pid 5843] chdir("./file0" [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5847] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5843] <... chdir resumed>) = 0 [pid 5049] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5843] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./127", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5843] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5845] <... mount resumed>) = 0 [pid 5843] close(4 [pid 5052] openat(AT_FDCWD, "./127", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... openat resumed>) = 3 [ 134.026292][ T5845] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 134.042242][ T5846] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5845] <... openat resumed>) = 3 [pid 5843] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 5847] <... write resumed>) = 2097152 [pid 5845] chdir("./file0" [pid 5843] exit_group(0 [pid 5052] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5847] munmap(0x7f3b887a1000, 138412032 [pid 5846] <... mount resumed>) = 0 [pid 5845] <... chdir resumed>) = 0 [pid 5843] <... exit_group resumed>) = ? [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5845] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5845] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5845] close(4 [pid 5049] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5845] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5846] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5845] exit_group(0 [pid 5843] +++ exited with 0 +++ [pid 5052] umount2("./127/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5846] <... openat resumed>) = 3 [pid 5845] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5846] chdir("./file0" [pid 5052] newfstatat(AT_FDCWD, "./127/binderfs", [pid 5049] unlink("./131/binderfs" [pid 5846] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5847] <... munmap resumed>) = 0 [pid 5846] ioctl(4, LOOP_CLR_FD [pid 5052] unlink("./127/binderfs" [pid 5049] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5846] <... ioctl resumed>) = 0 [pid 5845] +++ exited with 0 +++ [pid 5052] <... unlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5847] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5846] close(4 [pid 5052] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5847] <... openat resumed>) = 4 [pid 5846] <... close resumed>) = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5047] <... openat resumed>) = 3 [pid 5847] ioctl(4, LOOP_SET_FD, 3 [pid 5846] exit_group(0 [pid 5048] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(3, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(3, [pid 5048] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] newfstatat(3, "", [pid 5047] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5846] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5846] +++ exited with 0 +++ [pid 5052] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] newfstatat(AT_FDCWD, "./127/file0", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5047] unlink("./132/binderfs" [pid 5052] umount2("./127/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... unlink resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./127/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5048] unlink("./129/binderfs" [pid 5047] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 4 [pid 5050] newfstatat(3, "", [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, [pid 5047] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./132/file0", [pid 5052] getdents64(4, [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5052] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] unlink("./129/binderfs" [pid 5052] rmdir("./127/file0") = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5847] <... ioctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./131/file0", [pid 5047] <... openat resumed>) = 4 [pid 5847] close(3) = 0 [pid 5052] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5847] mkdir("./file0", 0777 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(4, "", [pid 5052] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5047] getdents64(4, [pid 5052] rmdir("./127" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./132/file0" [pid 5052] mkdir("./128", 0777 [pid 5047] <... rmdir resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./132") = 0 [ 134.141856][ T5847] loop4: detected capacity change from 0 to 4096 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] mkdir("./133", 0777 [pid 5847] <... mkdir resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5847] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5047] close(3 [pid 5049] newfstatat(4, "", [pid 5047] <... close resumed>) = 0 [pid 5052] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5848 attached [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] close(4 [pid 5048] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5848 [pid 5050] newfstatat(AT_FDCWD, "./129/file0", [pid 5049] <... close resumed>) = 0 [pid 5848] set_robust_list(0x555556629660, 24 [pid 5049] rmdir("./131/file0" [pid 5848] <... set_robust_list resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5848] chdir("./133" [pid 5050] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5048] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5849 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(3 [pid 5848] <... chdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5848] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5847] <... mount resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5848] <... prctl resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5049] rmdir("./131" [pid 5848] setpgid(0, 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5849 attached [pid 5848] <... setpgid resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... rmdir resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5849] set_robust_list(0x555556629660, 24 [pid 5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] mkdir("./132", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5849] <... set_robust_list resumed>) = 0 [pid 5048] getdents64(4, [pid 5849] chdir("./128" [pid 5848] <... openat resumed>) = 3 [pid 5847] <... openat resumed>) = 3 [pid 5050] getdents64(4, [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [ 134.206979][ T5847] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5849] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] getdents64(4, [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5848] write(3, "1000", 4 [pid 5847] chdir("./file0" [pid 5050] close(4 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5848] <... write resumed>) = 4 [pid 5847] <... chdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] close(4 [pid 5849] <... prctl resumed>) = 0 [pid 5848] close(3 [pid 5847] ioctl(4, LOOP_CLR_FD [pid 5050] rmdir("./129/file0" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... close resumed>) = 0 [pid 5849] setpgid(0, 0 [pid 5848] <... close resumed>) = 0 [pid 5847] <... ioctl resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] close(3 [pid 5048] rmdir("./129/file0" [pid 5849] <... setpgid resumed>) = 0 [pid 5848] symlink("/dev/binderfs", "./binderfs" [pid 5847] close(4 [pid 5050] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5848] <... symlink resumed>) = 0 [pid 5847] <... close resumed>) = 0 [pid 5050] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5850] set_robust_list(0x555556629660, 24 [pid 5050] <... close resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5850 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] <... openat resumed>) = 3 [pid 5848] memfd_create("syzkaller", 0 [pid 5847] exit_group(0 [pid 5050] rmdir("./129" [pid 5048] getdents64(3, [pid 5850] chdir("./132") = 0 [pid 5849] write(3, "1000", 4 [pid 5848] <... memfd_create resumed>) = 3 [pid 5847] <... exit_group resumed>) = ? [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] mkdir("./130", 0777 [pid 5850] <... prctl resumed>) = 0 [pid 5849] <... write resumed>) = 4 [pid 5048] close(3 [pid 5849] close(3 [pid 5048] <... close resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5849] <... close resumed>) = 0 [pid 5048] rmdir("./129" [pid 5850] <... openat resumed>) = 3 [pid 5849] symlink("/dev/binderfs", "./binderfs" [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] <... rmdir resumed>) = 0 [pid 5849] <... symlink resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5048] mkdir("./130", 0777 [pid 5850] write(3, "1000", 4 [pid 5849] memfd_create("syzkaller", 0 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] <... mkdir resumed>) = 0 [pid 5850] <... write resumed>) = 4 [pid 5849] <... memfd_create resumed>) = 3 [pid 5848] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5850] close(3) = 0 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5847] +++ exited with 0 +++ [pid 5050] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5850] symlink("/dev/binderfs", "./binderfs" [pid 5849] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5847, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5850] <... symlink resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached [pid 5851] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5851 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5051] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5851] chdir("./130") = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5852 ./strace-static-x86_64: Process 5852 attached [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5851] <... prctl resumed>) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5850] memfd_create("syzkaller", 0 [pid 5852] set_robust_list(0x555556629660, 24 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... openat resumed>) = 3 [pid 5850] <... memfd_create resumed>) = 3 [pid 5851] <... openat resumed>) = 3 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5852] chdir("./130" [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5851] write(3, "1000", 4 [pid 5850] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(3, [pid 5851] <... write resumed>) = 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5852] <... chdir resumed>) = 0 [pid 5851] close(3 [pid 5051] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5851] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5851] symlink("/dev/binderfs", "./binderfs" [pid 5051] newfstatat(AT_FDCWD, "./128/binderfs", [pid 5851] <... symlink resumed>) = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5851] memfd_create("syzkaller", 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5851] <... memfd_create resumed>) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5852] <... prctl resumed>) = 0 [pid 5851] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] unlink("./128/binderfs" [pid 5852] setpgid(0, 0) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... unlink resumed>) = 0 [pid 5852] <... openat resumed>) = 3 [pid 5051] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] write(3, "1000", 4) = 4 [pid 5852] close(3 [pid 5051] <... umount2 resumed>) = 0 [pid 5852] <... close resumed>) = 0 [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./128/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5852] <... memfd_create resumed>) = 3 [pid 5051] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5852] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5849] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5851] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5848] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./128/file0") = 0 [pid 5051] getdents64(3, [pid 5850] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./128" [pid 5849] <... write resumed>) = 2097152 [pid 5849] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./129", 0777 [pid 5849] <... munmap resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5853 ./strace-static-x86_64: Process 5853 attached [pid 5849] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5853] set_robust_list(0x555556629660, 24) = 0 [pid 5849] <... openat resumed>) = 4 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5853] chdir("./129" [pid 5850] <... write resumed>) = 2097152 [pid 5848] <... write resumed>) = 2097152 [pid 5853] <... chdir resumed>) = 0 [pid 5850] munmap(0x7f3b887a1000, 138412032 [pid 5848] munmap(0x7f3b887a1000, 138412032 [pid 5849] <... ioctl resumed>) = 0 [pid 5849] close(3) = 0 [pid 5849] mkdir("./file0", 0777 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5853] setpgid(0, 0) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3) = 0 [pid 5850] <... munmap resumed>) = 0 [pid 5849] <... mkdir resumed>) = 0 [pid 5848] <... munmap resumed>) = 0 [ 134.505337][ T5849] loop5: detected capacity change from 0 to 4096 [ 134.545402][ T5850] loop2: detected capacity change from 0 to 4096 [pid 5853] symlink("/dev/binderfs", "./binderfs" [pid 5852] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5851] <... write resumed>) = 2097152 [pid 5850] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5849] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5853] <... symlink resumed>) = 0 [pid 5850] <... openat resumed>) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3 [pid 5848] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3 [pid 5851] munmap(0x7f3b887a1000, 138412032 [pid 5853] memfd_create("syzkaller", 0 [pid 5851] <... munmap resumed>) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5853] <... memfd_create resumed>) = 3 [pid 5850] <... ioctl resumed>) = 0 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5850] close(3) = 0 [pid 5853] <... mmap resumed>) = 0x7f3b887a1000 [pid 5850] mkdir("./file0", 0777 [pid 5848] <... ioctl resumed>) = 0 [pid 5852] <... write resumed>) = 2097152 [pid 5851] <... ioctl resumed>) = 0 [pid 5850] <... mkdir resumed>) = 0 [pid 5848] close(3) = 0 [pid 5848] mkdir("./file0", 0777) = 0 [pid 5852] munmap(0x7f3b887a1000, 138412032 [pid 5851] close(3 [ 134.545930][ T5848] loop0: detected capacity change from 0 to 4096 [ 134.560945][ T5849] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 134.566473][ T5851] loop1: detected capacity change from 0 to 4096 [pid 5848] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5853] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5852] <... munmap resumed>) = 0 [pid 5851] <... close resumed>) = 0 [pid 5850] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5852] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5851] mkdir("./file0", 0777 [pid 5852] <... openat resumed>) = 4 [pid 5851] <... mkdir resumed>) = 0 [pid 5852] ioctl(4, LOOP_SET_FD, 3 [pid 5851] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5852] <... ioctl resumed>) = 0 [pid 5852] close(3) = 0 [pid 5852] mkdir("./file0", 0777) = 0 [ 134.599277][ T5848] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 134.608541][ T5850] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 134.624092][ T5852] loop3: detected capacity change from 0 to 4096 [ 134.633117][ T5851] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5852] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5849] <... mount resumed>) = 0 [pid 5848] <... mount resumed>) = 0 [pid 5848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5849] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5849] chdir("./file0") = 0 [pid 5849] ioctl(4, LOOP_CLR_FD) = 0 [pid 5849] close(4) = 0 [pid 5849] exit_group(0) = ? [pid 5849] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5052] umount2("./128", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5848] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./128", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./128/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./128/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5848] chdir("./file0" [pid 5052] unlink("./128/binderfs" [pid 5848] <... chdir resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5848] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5848] close(4) = 0 [pid 5848] exit_group(0) = ? [pid 5848] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5848, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5853] <... write resumed>) = 2097152 [pid 5853] munmap(0x7f3b887a1000, 138412032 [pid 5047] newfstatat(AT_FDCWD, "./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./133/binderfs") = 0 [pid 5851] <... mount resumed>) = 0 [pid 5047] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5853] <... munmap resumed>) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 134.655354][ T5852] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5853] ioctl(4, LOOP_SET_FD, 3 [pid 5851] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = 0 [pid 5853] <... ioctl resumed>) = 0 [pid 5852] <... mount resumed>) = 0 [pid 5851] <... openat resumed>) = 3 [pid 5851] chdir("./file0") = 0 [pid 5850] <... mount resumed>) = 0 [pid 5852] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5851] ioctl(4, LOOP_CLR_FD) = 0 [pid 5853] close(3 [pid 5852] <... openat resumed>) = 3 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = 0 [pid 5850] <... openat resumed>) = 3 [pid 5850] chdir("./file0") = 0 [pid 5850] ioctl(4, LOOP_CLR_FD) = 0 [pid 5850] close(4) = 0 [pid 5850] exit_group(0) = ? [pid 5850] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5853] <... close resumed>) = 0 [pid 5852] chdir("./file0" [pid 5851] close(4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5853] mkdir("./file0", 0777 [pid 5852] <... chdir resumed>) = 0 [pid 5851] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./128/file0", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5851] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./133/file0", [pid 5052] umount2("./128/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5851] <... exit_group resumed>) = ? [pid 5052] openat(AT_FDCWD, "./128/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5049] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5853] <... mkdir resumed>) = 0 [pid 5852] ioctl(4, LOOP_CLR_FD [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5852] <... ioctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5049] newfstatat(3, "", [pid 5047] <... openat resumed>) = 4 [pid 5853] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5852] close(4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] newfstatat(4, "", [pid 5852] <... close resumed>) = 0 [pid 5052] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5852] exit_group(0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5852] <... exit_group resumed>) = ? [pid 5052] close(4 [pid 5049] getdents64(3, [pid 5047] getdents64(4, [pid 5052] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] rmdir("./128/file0" [pid 5049] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./132/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 134.723167][ T5853] loop4: detected capacity change from 0 to 4096 [pid 5049] unlink("./132/binderfs" [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5047] getdents64(4, [pid 5049] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5851] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] <... umount2 resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] getdents64(3, [pid 5049] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5852] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4 [pid 5052] close(3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] newfstatat(AT_FDCWD, "./132/file0", [pid 5048] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5853] <... mount resumed>) = 0 [pid 5052] rmdir("./128" [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./133/file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... rmdir resumed>) = 0 [pid 5052] mkdir("./129", 0777 [pid 5048] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... mkdir resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5048] <... openat resumed>) = 3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] getdents64(3, [pid 5048] newfstatat(3, "", [pid 5052] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5048] getdents64(3, [pid 5047] close(3 [pid 5853] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5050] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... close resumed>) = 0 [pid 5853] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5048] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./133" [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5853] chdir("./file0" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] close(4 [pid 5047] <... rmdir resumed>) = 0 [pid 5853] <... chdir resumed>) = 0 [pid 5050] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 ./strace-static-x86_64: Process 5854 attached [pid 5853] ioctl(4, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] rmdir("./132/file0" [pid 5048] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5047] mkdir("./134", 0777 [pid 5854] set_robust_list(0x555556629660, 24 [pid 5853] <... ioctl resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5854 [pid 5050] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5049] <... rmdir resumed>) = 0 [pid 5854] <... set_robust_list resumed>) = 0 [pid 5853] close(4 [pid 5047] <... mkdir resumed>) = 0 [pid 5854] chdir("./129" [pid 5853] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(3, [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5854] <... chdir resumed>) = 0 [pid 5048] unlink("./130/binderfs" [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5853] exit_group(0 [pid 5050] unlink("./130/binderfs" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5854] setpgid(0, 0 [pid 5853] <... exit_group resumed>) = ? [pid 5050] <... unlink resumed>) = 0 [pid 5049] close(3 [pid 5048] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5854] <... setpgid resumed>) = 0 [pid 5853] +++ exited with 0 +++ [pid 5049] <... close resumed>) = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] rmdir("./132" [pid 5854] <... openat resumed>) = 3 [ 134.770261][ T5853] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] mkdir("./133", 0777 [pid 5854] write(3, "1000", 4 [pid 5051] <... openat resumed>) = 3 [pid 5047] close(3 [pid 5854] <... write resumed>) = 4 [pid 5051] newfstatat(3, "", [pid 5854] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5854] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5854] symlink("/dev/binderfs", "./binderfs" [pid 5048] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5855 attached [pid 5051] getdents64(3, [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5855] set_robust_list(0x555556629660, 24 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... openat resumed>) = 3 [pid 5855] <... set_robust_list resumed>) = 0 [pid 5051] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5855] chdir("./134" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5855] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5049] close(3 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... close resumed>) = 0 [pid 5855] <... prctl resumed>) = 0 [pid 5051] unlink("./129/binderfs" [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5855] setpgid(0, 0 [pid 5051] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5856 attached [pid 5855] <... setpgid resumed>) = 0 [pid 5051] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5856] set_robust_list(0x555556629660, 24 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5856 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5855 [pid 5854] <... symlink resumed>) = 0 [pid 5856] <... set_robust_list resumed>) = 0 [pid 5855] <... openat resumed>) = 3 [pid 5856] chdir("./133" [pid 5855] write(3, "1000", 4) = 4 [pid 5855] close(3 [pid 5854] memfd_create("syzkaller", 0 [pid 5048] newfstatat(AT_FDCWD, "./130/file0", [pid 5856] <... chdir resumed>) = 0 [pid 5855] <... close resumed>) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5855] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5856] <... prctl resumed>) = 0 [pid 5855] <... symlink resumed>) = 0 [pid 5854] <... memfd_create resumed>) = 3 [pid 5856] setpgid(0, 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5048] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5856] <... setpgid resumed>) = 0 [pid 5855] memfd_create("syzkaller", 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5856] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5856] write(3, "1000", 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5856] <... write resumed>) = 4 [pid 5050] getdents64(4, [pid 5856] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5856] <... close resumed>) = 0 [pid 5855] <... memfd_create resumed>) = 3 [pid 5050] getdents64(4, [pid 5856] symlink("/dev/binderfs", "./binderfs" [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4 [pid 5856] <... symlink resumed>) = 0 [pid 5855] <... mmap resumed>) = 0x7f3b887a1000 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./130/file0") = 0 [pid 5856] memfd_create("syzkaller", 0 [pid 5854] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] getdents64(3, [pid 5048] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5050] close(3 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5856] <... memfd_create resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] getdents64(4, [pid 5050] rmdir("./130" [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5050] mkdir("./131", 0777 [pid 5048] <... close resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5857 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./129/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] rmdir("./130/file0"./strace-static-x86_64: Process 5857 attached [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5857] set_robust_list(0x555556629660, 24 [pid 5051] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5051] <... openat resumed>) = 4 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./130" [pid 5857] chdir("./131" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5857] <... chdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5048] <... rmdir resumed>) = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5857] <... prctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5857] setpgid(0, 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5857] <... setpgid resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5048] mkdir("./131", 0777 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] rmdir("./129/file0") = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5857] <... openat resumed>) = 3 [pid 5051] getdents64(3, [pid 5857] write(3, "1000", 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5857] <... write resumed>) = 4 [pid 5051] close(3 [pid 5857] close(3 [pid 5051] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5857] <... close resumed>) = 0 [pid 5051] rmdir("./129" [pid 5857] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... rmdir resumed>) = 0 [pid 5857] <... symlink resumed>) = 0 [pid 5857] memfd_create("syzkaller", 0 [pid 5051] mkdir("./130", 0777 [pid 5857] <... memfd_create resumed>) = 3 [pid 5856] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... mkdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5855] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5859 attached , child_tidptr=0x555556629650) = 5858 ./strace-static-x86_64: Process 5858 attached [pid 5859] set_robust_list(0x555556629660, 24 [pid 5854] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5859 [pid 5858] set_robust_list(0x555556629660, 24) = 0 [pid 5858] chdir("./130" [pid 5859] <... set_robust_list resumed>) = 0 [pid 5858] <... chdir resumed>) = 0 [pid 5859] chdir("./131") = 0 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5858] <... prctl resumed>) = 0 [pid 5858] setpgid(0, 0) = 0 [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5858] write(3, "1000", 4) = 4 [pid 5859] <... prctl resumed>) = 0 [pid 5858] close(3 [pid 5859] setpgid(0, 0 [pid 5858] <... close resumed>) = 0 [pid 5858] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5858] memfd_create("syzkaller", 0 [pid 5859] <... setpgid resumed>) = 0 [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5859] write(3, "1000", 4) = 4 [pid 5858] <... memfd_create resumed>) = 3 [pid 5859] close(3 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5859] <... close resumed>) = 0 [pid 5858] <... mmap resumed>) = 0x7f3b887a1000 [pid 5859] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5859] memfd_create("syzkaller", 0 [pid 5854] <... write resumed>) = 2097152 [pid 5859] <... memfd_create resumed>) = 3 [pid 5857] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5854] munmap(0x7f3b887a1000, 138412032 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5856] <... write resumed>) = 2097152 [pid 5856] munmap(0x7f3b887a1000, 138412032 [pid 5855] <... write resumed>) = 2097152 [pid 5854] <... munmap resumed>) = 0 [pid 5856] <... munmap resumed>) = 0 [pid 5855] munmap(0x7f3b887a1000, 138412032 [pid 5854] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5856] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5855] <... munmap resumed>) = 0 [pid 5854] <... openat resumed>) = 4 [pid 5856] <... openat resumed>) = 4 [pid 5854] ioctl(4, LOOP_SET_FD, 3 [pid 5855] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5855] ioctl(4, LOOP_SET_FD, 3 [pid 5856] ioctl(4, LOOP_SET_FD, 3 [pid 5855] <... ioctl resumed>) = 0 [pid 5855] close(3) = 0 [pid 5855] mkdir("./file0", 0777 [pid 5858] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5855] <... mkdir resumed>) = 0 [pid 5855] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5854] <... ioctl resumed>) = 0 [pid 5854] close(3) = 0 [ 135.128276][ T5854] loop5: detected capacity change from 0 to 4096 [ 135.135643][ T5855] loop0: detected capacity change from 0 to 4096 [ 135.135675][ T5856] loop2: detected capacity change from 0 to 4096 [ 135.165359][ T5855] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5854] mkdir("./file0", 0777 [pid 5857] <... write resumed>) = 2097152 [pid 5854] <... mkdir resumed>) = 0 [pid 5856] <... ioctl resumed>) = 0 [pid 5854] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5856] close(3) = 0 [pid 5856] mkdir("./file0", 0777 [pid 5857] munmap(0x7f3b887a1000, 138412032 [pid 5856] <... mkdir resumed>) = 0 [pid 5856] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5857] <... munmap resumed>) = 0 [pid 5859] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5857] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5857] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5857] close(3) = 0 [pid 5857] mkdir("./file0", 0777) = 0 [ 135.176176][ T5854] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 135.197388][ T5856] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 135.210106][ T5857] loop3: detected capacity change from 0 to 4096 [pid 5857] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5854] <... mount resumed>) = 0 [pid 5854] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5854] chdir("./file0") = 0 [pid 5854] ioctl(4, LOOP_CLR_FD [pid 5858] <... write resumed>) = 2097152 [pid 5854] <... ioctl resumed>) = 0 [pid 5854] close(4) = 0 [pid 5854] exit_group(0) = ? [pid 5858] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5859] <... write resumed>) = 2097152 [pid 5859] munmap(0x7f3b887a1000, 138412032 [pid 5854] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5052] umount2("./129", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./129", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5858] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5858] <... openat resumed>) = 4 [ 135.231329][ T5857] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5052] getdents64(3, [pid 5858] ioctl(4, LOOP_SET_FD, 3 [pid 5859] <... munmap resumed>) = 0 [pid 5856] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./129/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5859] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5859] <... openat resumed>) = 4 [pid 5856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] newfstatat(AT_FDCWD, "./129/binderfs", [pid 5859] ioctl(4, LOOP_SET_FD, 3 [pid 5856] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./129/binderfs" [pid 5856] chdir("./file0") = 0 [pid 5856] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5856] close(4 [pid 5052] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5856] <... close resumed>) = 0 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ [pid 5859] <... ioctl resumed>) = 0 [pid 5858] <... ioctl resumed>) = 0 [pid 5857] <... mount resumed>) = 0 [pid 5855] <... mount resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5858] close(3 [pid 5859] close(3 [pid 5857] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5855] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5855] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5859] <... close resumed>) = 0 [pid 5855] chdir("./file0" [pid 5052] newfstatat(AT_FDCWD, "./129/file0", [pid 5049] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5858] <... close resumed>) = 0 [pid 5859] mkdir("./file0", 0777 [pid 5857] <... openat resumed>) = 3 [pid 5855] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5858] mkdir("./file0", 0777 [pid 5859] <... mkdir resumed>) = 0 [pid 5857] chdir("./file0" [pid 5855] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./129/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5858] <... mkdir resumed>) = 0 [ 135.284576][ T5859] loop1: detected capacity change from 0 to 4096 [ 135.287048][ T5858] loop4: detected capacity change from 0 to 4096 [pid 5859] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5857] <... chdir resumed>) = 0 [pid 5855] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... openat resumed>) = 3 [pid 5858] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5857] ioctl(4, LOOP_CLR_FD [pid 5855] close(4 [pid 5052] openat(AT_FDCWD, "./129/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(3, "", [pid 5857] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5857] close(4 [pid 5049] getdents64(3, [pid 5857] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5857] exit_group(0 [pid 5052] <... openat resumed>) = 4 [pid 5855] <... close resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5857] <... exit_group resumed>) = ? [pid 5855] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5857] +++ exited with 0 +++ [pid 5855] <... exit_group resumed>) = ? [pid 5052] getdents64(4, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5855] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5857, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5049] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5052] getdents64(4, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./129/file0" [pid 5049] unlink("./133/binderfs" [pid 5052] <... rmdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5047] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] getdents64(3, [pid 5050] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5052] close(3 [pid 5050] newfstatat(3, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5052] rmdir("./129" [pid 5050] getdents64(3, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mkdir("./130", 0777 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... mkdir resumed>) = 0 [pid 5050] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5050] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5047] unlink("./134/binderfs" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] unlink("./131/binderfs" [pid 5047] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5860 attached [pid 5860] set_robust_list(0x555556629660, 24) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5860 [pid 5860] chdir("./130") = 0 [ 135.329122][ T5859] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 135.339975][ T5858] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5859] <... mount resumed>) = 0 [pid 5860] <... prctl resumed>) = 0 [pid 5860] setpgid(0, 0) = 0 [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5860] write(3, "1000", 4) = 4 [pid 5860] close(3) = 0 [pid 5860] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5860] memfd_create("syzkaller", 0 [pid 5859] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5859] chdir("./file0") = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5859] ioctl(4, LOOP_CLR_FD [pid 5049] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5859] <... ioctl resumed>) = 0 [pid 5859] close(4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5859] <... close resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./133/file0", [pid 5860] <... memfd_create resumed>) = 3 [pid 5859] exit_group(0 [pid 5050] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5859] <... exit_group resumed>) = ? [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5860] <... mmap resumed>) = 0x7f3b887a1000 [pid 5859] +++ exited with 0 +++ [pid 5050] newfstatat(AT_FDCWD, "./131/file0", [pid 5049] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5047] newfstatat(AT_FDCWD, "./134/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(4, [pid 5050] <... openat resumed>) = 4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5859, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] newfstatat(4, "", [pid 5049] getdents64(4, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(4, [pid 5047] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5858] <... mount resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... openat resumed>) = 4 [pid 5858] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] getdents64(4, [pid 5049] rmdir("./133/file0" [pid 5048] <... restart_syscall resumed>) = 0 [pid 5047] newfstatat(4, "", [pid 5858] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5858] chdir("./file0" [pid 5048] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5858] <... chdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5858] ioctl(4, LOOP_CLR_FD [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(3, [pid 5048] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] getdents64(4, [pid 5050] close(4 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5049] close(3 [pid 5047] close(4 [pid 5049] <... close resumed>) = 0 [pid 5858] <... ioctl resumed>) = 0 [pid 5050] rmdir("./131/file0" [pid 5048] <... openat resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5858] close(4 [pid 5048] newfstatat(3, "", [pid 5047] rmdir("./134/file0" [pid 5858] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, [pid 5858] exit_group(0 [pid 5048] getdents64(3, [pid 5858] <... exit_group resumed>) = ? [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5858] +++ exited with 0 +++ [pid 5049] rmdir("./133" [pid 5048] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5858, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] close(3 [pid 5048] unlink("./131/binderfs" [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] mkdir("./134", 0777 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3 [pid 5049] <... mkdir resumed>) = 0 [pid 5047] rmdir("./134" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] rmdir("./131" [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5047] <... rmdir resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] mkdir("./135", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] mkdir("./132", 0777 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... mkdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] <... mkdir resumed>) = 0 [pid 5049] close(3 [pid 5048] newfstatat(AT_FDCWD, "./131/file0", [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5048] getdents64(4, ./strace-static-x86_64: Process 5861 attached [pid 5051] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5861 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(4, [pid 5051] newfstatat(AT_FDCWD, "./130/binderfs", [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5861] set_robust_list(0x555556629660, 24 [pid 5050] close(3 [pid 5048] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] close(3 [pid 5048] rmdir("./131/file0" [pid 5861] <... set_robust_list resumed>) = 0 [pid 5051] unlink("./130/binderfs" [pid 5050] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5861] chdir("./134") = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5862 attached ) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5861] setpgid(0, 0./strace-static-x86_64: Process 5863 attached [pid 5862] set_robust_list(0x555556629660, 24 [pid 5861] <... setpgid resumed>) = 0 [pid 5051] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5863 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5862 [pid 5863] set_robust_list(0x555556629660, 24 [pid 5048] getdents64(3, [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5862] <... set_robust_list resumed>) = 0 [pid 5863] <... set_robust_list resumed>) = 0 [pid 5861] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5862] chdir("./135" [pid 5861] write(3, "1000", 4 [pid 5860] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... umount2 resumed>) = 0 [pid 5048] close(3 [pid 5861] <... write resumed>) = 4 [pid 5861] close(3 [pid 5051] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5861] <... close resumed>) = 0 [pid 5862] <... chdir resumed>) = 0 [pid 5863] chdir("./132" [pid 5861] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] rmdir("./131" [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5863] <... chdir resumed>) = 0 [pid 5861] <... symlink resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./130/file0", [pid 5048] <... rmdir resumed>) = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] mkdir("./132", 0777 [pid 5862] setpgid(0, 0 [pid 5051] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5863] <... prctl resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] <... setpgid resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5863] setpgid(0, 0 [pid 5051] <... openat resumed>) = 4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5861] memfd_create("syzkaller", 0 [pid 5048] <... openat resumed>) = 3 [pid 5862] <... openat resumed>) = 3 [pid 5861] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(4, "", [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5861] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5863] <... setpgid resumed>) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5864 [pid 5863] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5864 attached [pid 5863] close(3 [pid 5864] set_robust_list(0x555556629660, 24 [pid 5863] <... close resumed>) = 0 [pid 5862] write(3, "1000", 4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5862] <... write resumed>) = 4 [pid 5051] getdents64(4, [pid 5862] close(3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5862] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs" [pid 5862] symlink("/dev/binderfs", "./binderfs" [pid 5051] close(4 [pid 5864] chdir("./132" [pid 5862] <... symlink resumed>) = 0 [pid 5863] <... symlink resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./130/file0" [pid 5864] <... chdir resumed>) = 0 [pid 5863] memfd_create("syzkaller", 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5862] memfd_create("syzkaller", 0 [pid 5863] <... memfd_create resumed>) = 3 [pid 5051] getdents64(3, [pid 5864] <... prctl resumed>) = 0 [pid 5862] <... memfd_create resumed>) = 3 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] setpgid(0, 0 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5863] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5864] <... setpgid resumed>) = 0 [pid 5862] <... mmap resumed>) = 0x7f3b887a1000 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] close(3 [pid 5864] <... openat resumed>) = 3 [pid 5864] write(3, "1000", 4) = 4 [pid 5864] close(3) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] <... close resumed>) = 0 [pid 5860] <... write resumed>) = 2097152 [pid 5051] rmdir("./130" [pid 5864] memfd_create("syzkaller", 0) = 3 [pid 5051] <... rmdir resumed>) = 0 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] mkdir("./131", 0777 [pid 5864] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... mkdir resumed>) = 0 [pid 5860] munmap(0x7f3b887a1000, 138412032 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5862] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5861] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5860] <... munmap resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5863] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] close(3) = 0 [pid 5860] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5860] ioctl(4, LOOP_SET_FD, 3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5865 ./strace-static-x86_64: Process 5865 attached [pid 5865] set_robust_list(0x555556629660, 24) = 0 [pid 5865] chdir("./131") = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5860] <... ioctl resumed>) = 0 [pid 5865] <... openat resumed>) = 3 [pid 5862] <... write resumed>) = 2097152 [pid 5861] <... write resumed>) = 2097152 [pid 5860] close(3) = 0 [pid 5865] write(3, "1000", 4) = 4 [pid 5860] mkdir("./file0", 0777 [pid 5865] close(3) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5861] munmap(0x7f3b887a1000, 138412032 [pid 5860] <... mkdir resumed>) = 0 [ 135.729590][ T5860] loop5: detected capacity change from 0 to 4096 [pid 5865] memfd_create("syzkaller", 0) = 3 [pid 5862] munmap(0x7f3b887a1000, 138412032 [pid 5860] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5861] <... munmap resumed>) = 0 [pid 5861] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5862] <... munmap resumed>) = 0 [pid 5863] <... write resumed>) = 2097152 [pid 5861] ioctl(4, LOOP_SET_FD, 3 [pid 5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5863] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5862] <... openat resumed>) = 4 [pid 5863] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5862] ioctl(4, LOOP_SET_FD, 3 [pid 5863] <... openat resumed>) = 4 [pid 5863] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... write resumed>) = 2097152 [pid 5861] <... ioctl resumed>) = 0 [pid 5861] close(3) = 0 [pid 5861] mkdir("./file0", 0777 [pid 5864] munmap(0x7f3b887a1000, 138412032 [pid 5861] <... mkdir resumed>) = 0 [ 135.788622][ T5860] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 135.806588][ T5861] loop2: detected capacity change from 0 to 4096 [ 135.819897][ T5862] loop0: detected capacity change from 0 to 4096 [ 135.827812][ T5863] loop3: detected capacity change from 0 to 4096 [pid 5861] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5865] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5864] <... munmap resumed>) = 0 [pid 5862] <... ioctl resumed>) = 0 [pid 5863] <... ioctl resumed>) = 0 [pid 5862] close(3 [pid 5863] close(3) = 0 [pid 5863] mkdir("./file0", 0777 [pid 5864] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5862] <... close resumed>) = 0 [pid 5864] <... openat resumed>) = 4 [pid 5862] mkdir("./file0", 0777 [pid 5863] <... mkdir resumed>) = 0 [pid 5864] ioctl(4, LOOP_SET_FD, 3 [pid 5862] <... mkdir resumed>) = 0 [pid 5863] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5860] <... mount resumed>) = 0 [pid 5864] <... ioctl resumed>) = 0 [pid 5862] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5860] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5864] close(3 [pid 5860] <... openat resumed>) = 3 [pid 5864] <... close resumed>) = 0 [pid 5860] chdir("./file0" [pid 5864] mkdir("./file0", 0777 [pid 5860] <... chdir resumed>) = 0 [pid 5860] ioctl(4, LOOP_CLR_FD) = 0 [ 135.840831][ T5861] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 135.862102][ T5864] loop1: detected capacity change from 0 to 4096 [pid 5860] close(4 [pid 5864] <... mkdir resumed>) = 0 [pid 5860] <... close resumed>) = 0 [pid 5860] exit_group(0 [pid 5864] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5860] <... exit_group resumed>) = ? [pid 5860] +++ exited with 0 +++ [pid 5865] <... write resumed>) = 2097152 [pid 5861] <... mount resumed>) = 0 [pid 5861] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5860, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5865] munmap(0x7f3b887a1000, 138412032 [pid 5052] umount2("./130", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5861] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5861] chdir("./file0" [pid 5052] openat(AT_FDCWD, "./130", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5862] <... mount resumed>) = 0 [pid 5861] <... chdir resumed>) = 0 [pid 5861] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5861] <... ioctl resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5861] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5861] <... close resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5865] <... munmap resumed>) = 0 [pid 5052] umount2("./130/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./130/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./130/binderfs" [ 135.886455][ T5862] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 135.886482][ T5863] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 135.907741][ T5864] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5861] exit_group(0 [pid 5052] <... unlink resumed>) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5862] <... openat resumed>) = 3 [pid 5861] <... exit_group resumed>) = ? [pid 5052] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5865] <... openat resumed>) = 4 [pid 5862] chdir("./file0" [pid 5865] ioctl(4, LOOP_SET_FD, 3 [pid 5862] <... chdir resumed>) = 0 [pid 5861] +++ exited with 0 +++ [pid 5862] ioctl(4, LOOP_CLR_FD) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5862] close(4 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5862] <... close resumed>) = 0 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5862] exit_group(0) = ? [pid 5049] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", [pid 5862] +++ exited with 0 +++ [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./134/binderfs" [pid 5864] <... mount resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5047] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5864] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] <... openat resumed>) = 3 [pid 5863] <... mount resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5047] getdents64(3, [pid 5864] chdir("./file0" [pid 5863] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5864] <... chdir resumed>) = 0 [pid 5863] <... openat resumed>) = 3 [pid 5047] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5865] <... ioctl resumed>) = 0 [pid 5864] ioctl(4, LOOP_CLR_FD [pid 5863] chdir("./file0" [pid 5049] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5864] <... ioctl resumed>) = 0 [pid 5863] <... chdir resumed>) = 0 [pid 5864] close(4 [pid 5863] ioctl(4, LOOP_CLR_FD [pid 5865] close(3 [pid 5864] <... close resumed>) = 0 [pid 5863] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] <... close resumed>) = 0 [pid 5863] close(4 [pid 5049] newfstatat(AT_FDCWD, "./134/file0", [pid 5865] mkdir("./file0", 0777 [pid 5864] exit_group(0 [pid 5863] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5865] <... mkdir resumed>) = 0 [pid 5864] <... exit_group resumed>) = ? [pid 5863] exit_group(0 [pid 5049] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 135.957568][ T5865] loop4: detected capacity change from 0 to 4096 [pid 5865] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5863] <... exit_group resumed>) = ? [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] +++ exited with 0 +++ [pid 5049] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] unlink("./135/binderfs" [pid 5049] <... openat resumed>) = 4 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] <... unlink resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5048] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5863] +++ exited with 0 +++ [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] getdents64(4, [pid 5048] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... openat resumed>) = 3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(4 [pid 5048] getdents64(3, [pid 5050] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./134/file0" [pid 5050] <... openat resumed>) = 3 [pid 5048] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5048] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5050] getdents64(3, [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5048] unlink("./132/binderfs" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] rmdir("./134" [pid 5048] <... unlink resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5049] <... rmdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... umount2 resumed>) = 0 [pid 5050] unlink("./132/binderfs" [pid 5049] mkdir("./135", 0777 [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5050] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5866 ./strace-static-x86_64: Process 5866 attached [pid 5866] set_robust_list(0x555556629660, 24 [pid 5052] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5866] <... set_robust_list resumed>) = 0 [pid 5866] chdir("./135" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 135.998863][ T5865] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5866] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./130/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5052] umount2("./130/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5866] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5866] <... setpgid resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./130/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5866] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5865] <... mount resumed>) = 0 [pid 5866] write(3, "1000", 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5866] <... write resumed>) = 4 [pid 5052] getdents64(4, [pid 5866] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5866] <... close resumed>) = 0 [pid 5052] close(4 [pid 5866] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5866] <... symlink resumed>) = 0 [pid 5052] rmdir("./130/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5865] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] close(3 [pid 5865] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./130" [pid 5866] memfd_create("syzkaller", 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./131", 0777 [pid 5866] <... memfd_create resumed>) = 3 [pid 5865] chdir("./file0" [pid 5052] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5865] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5865] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5865] close(4 [pid 5866] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5865] <... close resumed>) = 0 [pid 5865] exit_group(0 [pid 5052] close(3 [pid 5050] <... umount2 resumed>) = 0 [pid 5865] <... exit_group resumed>) = ? [pid 5052] <... close resumed>) = 0 [pid 5047] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./135/file0", [pid 5865] +++ exited with 0 +++ [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5047] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5047] newfstatat(4, "", [pid 5051] newfstatat(3, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5867 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5867 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] getdents64(4, [pid 5867] set_robust_list(0x555556629660, 24 [pid 5051] getdents64(3, [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5867] <... set_robust_list resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5867] chdir("./131" [pid 5051] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5867] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(4 [pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5050] newfstatat(AT_FDCWD, "./132/file0", [pid 5047] <... close resumed>) = 0 [pid 5867] <... prctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] rmdir("./135/file0" [pid 5867] setpgid(0, 0 [pid 5051] unlink("./131/binderfs" [pid 5050] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5867] <... setpgid resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(3, [pid 5050] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5867] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5048] newfstatat(AT_FDCWD, "./132/file0", [pid 5867] write(3, "1000", 4 [pid 5050] newfstatat(4, "", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5867] <... write resumed>) = 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./135" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5867] close(3 [pid 5048] close(4 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5867] <... close resumed>) = 0 [pid 5867] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./132/file0" [pid 5867] <... symlink resumed>) = 0 [pid 5050] getdents64(4, [pid 5048] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(3, [pid 5047] mkdir("./136", 0777 [pid 5867] memfd_create("syzkaller", 0 [pid 5050] close(4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./132/file0") = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5050] getdents64(3, [pid 5047] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] close(3 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5867] <... memfd_create resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./132" [pid 5047] close(3) = 0 [pid 5050] rmdir("./132") = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./133", 0777 [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] mkdir("./133", 0777 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5867] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5868 ./strace-static-x86_64: Process 5868 attached [pid 5050] <... openat resumed>) = 3 [pid 5868] set_robust_list(0x555556629660, 24 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5868] <... set_robust_list resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5868] chdir("./136" [pid 5050] close(3 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... openat resumed>) = 3 [pid 5868] <... chdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5868] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5868] <... prctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5868] setpgid(0, 0 [pid 5866] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... umount2 resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5869 [pid 5868] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5870 attached [pid 5870] set_robust_list(0x555556629660, 24 [pid 5868] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5870] <... set_robust_list resumed>) = 0 [pid 5051] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5870] chdir("./133" [pid 5868] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./131/file0", [pid 5870] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5869 attached [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5868] write(3, "1000", 4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5870] <... prctl resumed>) = 0 [pid 5051] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5870 [pid 5870] setpgid(0, 0 [pid 5869] set_robust_list(0x555556629660, 24 [pid 5868] <... write resumed>) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5870] <... setpgid resumed>) = 0 [pid 5868] close(3 [pid 5051] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5868] <... close resumed>) = 0 [pid 5870] <... openat resumed>) = 3 [pid 5869] <... set_robust_list resumed>) = 0 [pid 5868] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... openat resumed>) = 4 [pid 5870] write(3, "1000", 4 [pid 5869] chdir("./133" [pid 5868] <... symlink resumed>) = 0 [pid 5870] <... write resumed>) = 4 [pid 5869] <... chdir resumed>) = 0 [pid 5868] memfd_create("syzkaller", 0 [pid 5051] newfstatat(4, "", [pid 5870] close(3 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5870] <... close resumed>) = 0 [pid 5869] <... prctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5870] symlink("/dev/binderfs", "./binderfs" [pid 5868] <... memfd_create resumed>) = 3 [pid 5869] setpgid(0, 0 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5870] <... symlink resumed>) = 0 [pid 5869] <... setpgid resumed>) = 0 [pid 5868] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(4, [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5870] memfd_create("syzkaller", 0 [pid 5869] <... openat resumed>) = 3 [pid 5051] close(4 [pid 5869] write(3, "1000", 4 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./131/file0" [pid 5869] <... write resumed>) = 4 [pid 5869] close(3) = 0 [pid 5869] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5869] memfd_create("syzkaller", 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5869] <... memfd_create resumed>) = 3 [pid 5051] close(3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5870] <... memfd_create resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5869] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] rmdir("./131" [pid 5870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5867] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./132", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5866] <... write resumed>) = 2097152 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5868] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5871 ./strace-static-x86_64: Process 5871 attached [pid 5871] set_robust_list(0x555556629660, 24 [pid 5866] <... munmap resumed>) = 0 [pid 5871] <... set_robust_list resumed>) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5871] chdir("./132" [pid 5866] <... openat resumed>) = 4 [pid 5871] <... chdir resumed>) = 0 [pid 5866] ioctl(4, LOOP_SET_FD, 3 [pid 5871] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] setpgid(0, 0 [pid 5869] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5871] <... setpgid resumed>) = 0 [pid 5871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5871] write(3, "1000", 4) = 4 [pid 5871] close(3) = 0 [pid 5871] symlink("/dev/binderfs", "./binderfs" [pid 5870] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] <... ioctl resumed>) = 0 [pid 5871] <... symlink resumed>) = 0 [pid 5871] memfd_create("syzkaller", 0) = 3 [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5866] close(3) = 0 [pid 5866] mkdir("./file0", 0777 [pid 5867] <... write resumed>) = 2097152 [pid 5866] <... mkdir resumed>) = 0 [ 136.326085][ T5866] loop2: detected capacity change from 0 to 4096 [pid 5866] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5870] <... write resumed>) = 2097152 [pid 5867] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5870] munmap(0x7f3b887a1000, 138412032 [pid 5867] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5867] ioctl(4, LOOP_SET_FD, 3 [pid 5870] <... munmap resumed>) = 0 [pid 5870] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5870] ioctl(4, LOOP_SET_FD, 3 [pid 5868] <... write resumed>) = 2097152 [pid 5867] <... ioctl resumed>) = 0 [pid 5867] close(3) = 0 [pid 5867] mkdir("./file0", 0777) = 0 [ 136.381167][ T5866] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 136.394596][ T5867] loop5: detected capacity change from 0 to 4096 [ 136.411442][ T5870] loop1: detected capacity change from 0 to 4096 [pid 5867] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5869] <... write resumed>) = 2097152 [pid 5868] munmap(0x7f3b887a1000, 138412032 [pid 5866] <... mount resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5866] chdir("./file0") = 0 [pid 5866] ioctl(4, LOOP_CLR_FD) = 0 [pid 5866] close(4) = 0 [pid 5866] exit_group(0) = ? [pid 5866] +++ exited with 0 +++ [pid 5870] <... ioctl resumed>) = 0 [pid 5870] close(3) = 0 [pid 5870] mkdir("./file0", 0777) = 0 [pid 5869] munmap(0x7f3b887a1000, 138412032 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5866, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5049] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5870] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5869] <... munmap resumed>) = 0 [pid 5868] <... munmap resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5871] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5869] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5868] <... openat resumed>) = 4 [pid 5049] getdents64(3, [pid 5869] <... openat resumed>) = 4 [pid 5868] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5869] ioctl(4, LOOP_SET_FD, 3 [pid 5049] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5869] <... ioctl resumed>) = 0 [pid 5868] <... ioctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5869] close(3 [pid 5868] close(3 [pid 5869] <... close resumed>) = 0 [pid 5868] <... close resumed>) = 0 [pid 5869] mkdir("./file0", 0777 [pid 5868] mkdir("./file0", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./135/binderfs" [pid 5868] <... mkdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5869] <... mkdir resumed>) = 0 [pid 5868] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [ 136.424432][ T5867] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 136.446274][ T5870] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 136.458913][ T5868] loop0: detected capacity change from 0 to 4096 [ 136.466213][ T5869] loop3: detected capacity change from 0 to 4096 [pid 5869] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = 0 [pid 5867] <... mount resumed>) = 0 [pid 5049] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5867] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./135/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] chdir("./file0" [pid 5049] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5867] <... chdir resumed>) = 0 [pid 5867] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5867] <... ioctl resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5867] close(4 [pid 5049] newfstatat(4, "", [pid 5867] <... close resumed>) = 0 [pid 5867] exit_group(0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] <... exit_group resumed>) = ? [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5870] <... mount resumed>) = 0 [pid 5870] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] getdents64(4, [pid 5870] <... openat resumed>) = 3 [pid 5867] +++ exited with 0 +++ [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5871] <... write resumed>) = 2097152 [pid 5870] chdir("./file0" [pid 5049] close(4 [pid 5871] munmap(0x7f3b887a1000, 138412032 [pid 5870] <... chdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5049] <... close resumed>) = 0 [pid 5870] ioctl(4, LOOP_CLR_FD [pid 5052] umount2("./131", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5870] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5870] close(4 [pid 5052] openat(AT_FDCWD, "./131", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./135/file0" [pid 5870] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5870] exit_group(0 [pid 5052] newfstatat(3, "", [ 136.497066][ T5868] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 136.507504][ T5869] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5870] <... exit_group resumed>) = ? [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5870] +++ exited with 0 +++ [pid 5049] getdents64(3, [pid 5052] getdents64(3, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] umount2("./131/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(3 [pid 5871] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] newfstatat(AT_FDCWD, "./131/binderfs", [pid 5871] <... openat resumed>) = 4 [pid 5049] rmdir("./135" [pid 5871] ioctl(4, LOOP_SET_FD, 3 [pid 5869] <... mount resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./136", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5872 ./strace-static-x86_64: Process 5872 attached [pid 5872] set_robust_list(0x555556629660, 24) = 0 [pid 5872] chdir("./136") = 0 [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5872] setpgid(0, 0) = 0 [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] unlink("./131/binderfs" [pid 5048] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5872] write(3, "1000", 4 [pid 5871] <... ioctl resumed>) = 0 [pid 5869] <... openat resumed>) = 3 [pid 5052] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5872] <... write resumed>) = 4 [pid 5871] close(3 [pid 5869] chdir("./file0" [pid 5052] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5872] close(3 [pid 5871] <... close resumed>) = 0 [pid 5869] <... chdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5872] <... close resumed>) = 0 [pid 5871] mkdir("./file0", 0777 [pid 5869] ioctl(4, LOOP_CLR_FD [pid 5048] newfstatat(3, "", [pid 5872] symlink("/dev/binderfs", "./binderfs" [pid 5871] <... mkdir resumed>) = 0 [pid 5869] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5872] <... symlink resumed>) = 0 [pid 5048] getdents64(3, [pid 5869] close(4 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5872] memfd_create("syzkaller", 0 [pid 5871] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5869] <... close resumed>) = 0 [pid 5868] <... mount resumed>) = 0 [pid 5052] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./133/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5869] exit_group(0) = ? [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] unlink("./133/binderfs" [pid 5869] +++ exited with 0 +++ [pid 5868] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./131/file0", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5869, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5048] <... unlink resumed>) = 0 [pid 5872] <... memfd_create resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5048] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] umount2("./131/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... restart_syscall resumed>) = 0 [pid 5872] <... mmap resumed>) = 0x7f3b887a1000 [pid 5868] chdir("./file0" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = 0 [pid 5868] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./131/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 4 [pid 5050] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(4, "", [pid 5868] <... ioctl resumed>) = 0 [pid 5868] close(4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] <... close resumed>) = 0 [pid 5052] getdents64(4, [pid 5050] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] newfstatat(3, "", [pid 5868] exit_group(0 [pid 5052] getdents64(4, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5868] <... exit_group resumed>) = ? [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, [pid 5048] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] close(4 [ 136.567403][ T5871] loop4: detected capacity change from 0 to 4096 [ 136.604891][ T5871] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5050] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./133/file0", [pid 5052] rmdir("./131/file0" [pid 5050] unlink("./133/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5048] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5868] +++ exited with 0 +++ [pid 5052] getdents64(3, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5868, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5047] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./136/binderfs" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5047] <... unlink resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5052] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5052] rmdir("./131") = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] mkdir("./132", 0777 [pid 5048] getdents64(4, [pid 5052] <... mkdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./133/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./133") = 0 [pid 5048] mkdir("./134", 0777 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5871] <... mount resumed>) = 0 [pid 5052] close(3 [pid 5050] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5871] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5871] chdir("./file0" [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5871] <... chdir resumed>) = 0 [pid 5048] close(3 [pid 5871] ioctl(4, LOOP_CLR_FD [pid 5048] <... close resumed>) = 0 [pid 5871] <... ioctl resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5871] close(4) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5873 [pid 5871] exit_group(0) = ? [pid 5871] +++ exited with 0 +++ [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5873 attached [pid 5052] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./133/file0", [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5871, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5873] set_robust_list(0x555556629660, 24 [pid 5051] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5873] <... set_robust_list resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5873] chdir("./134" [pid 5051] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] <... chdir resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5874 [pid 5051] newfstatat(3, "", [pid 5873] <... prctl resumed>) = 0 [pid 5050] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5874 attached [pid 5873] setpgid(0, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(4, "", [pid 5873] <... setpgid resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5874] set_robust_list(0x555556629660, 24 [pid 5873] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] getdents64(4, [pid 5874] <... set_robust_list resumed>) = 0 [pid 5873] write(3, "1000", 4 [pid 5872] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5874] chdir("./132" [pid 5873] <... write resumed>) = 4 [pid 5050] getdents64(4, [pid 5047] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5050] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./133/file0" [pid 5051] unlink("./132/binderfs" [pid 5873] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5873] <... close resumed>) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... unlink resumed>) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3) = 0 [pid 5050] rmdir("./133" [pid 5873] <... symlink resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] mkdir("./134", 0777 [pid 5874] <... chdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./136/file0", [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... mkdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5874] <... prctl resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5874] setpgid(0, 0 [pid 5050] <... openat resumed>) = 3 [pid 5874] <... setpgid resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] close(3 [pid 5047] <... openat resumed>) = 4 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5875 attached [pid 5047] getdents64(4, [pid 5874] <... openat resumed>) = 3 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5875 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5875] set_robust_list(0x555556629660, 24 [pid 5874] write(3, "1000", 4 [pid 5047] getdents64(4, [pid 5875] <... set_robust_list resumed>) = 0 [pid 5874] <... write resumed>) = 4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5875] chdir("./134" [pid 5874] close(3 [pid 5873] memfd_create("syzkaller", 0 [pid 5047] close(4 [pid 5875] <... chdir resumed>) = 0 [pid 5874] <... close resumed>) = 0 [pid 5873] <... memfd_create resumed>) = 3 [pid 5047] <... close resumed>) = 0 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5874] symlink("/dev/binderfs", "./binderfs" [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5874] <... symlink resumed>) = 0 [pid 5875] <... prctl resumed>) = 0 [pid 5873] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] rmdir("./136/file0") = 0 [pid 5047] getdents64(3, [pid 5875] setpgid(0, 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./136") = 0 [pid 5047] mkdir("./137", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5875] <... setpgid resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5874] memfd_create("syzkaller", 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5874] <... memfd_create resumed>) = 3 [pid 5875] <... openat resumed>) = 3 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] close(3 [pid 5875] write(3, "1000", 4) = 4 [pid 5874] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... close resumed>) = 0 [pid 5875] close(3 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached [pid 5876] set_robust_list(0x555556629660, 24) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5876 [pid 5876] chdir("./137" [pid 5875] <... close resumed>) = 0 [pid 5876] <... chdir resumed>) = 0 [pid 5875] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... umount2 resumed>) = 0 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5875] <... symlink resumed>) = 0 [pid 5051] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5876] <... prctl resumed>) = 0 [pid 5872] <... write resumed>) = 2097152 [pid 5876] setpgid(0, 0 [pid 5875] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] <... setpgid resumed>) = 0 [pid 5875] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./132/file0", [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5876] <... openat resumed>) = 3 [pid 5875] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5876] write(3, "1000", 4) = 4 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] close(3) = 0 [pid 5876] symlink("/dev/binderfs", "./binderfs" [pid 5872] munmap(0x7f3b887a1000, 138412032 [pid 5051] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5876] <... symlink resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5872] <... munmap resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5876] memfd_create("syzkaller", 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5876] <... memfd_create resumed>) = 3 [pid 5876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5872] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5872] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./132/file0") = 0 [pid 5051] getdents64(3, [pid 5873] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5872] close(3) = 0 [pid 5872] mkdir("./file0", 0777) = 0 [ 136.834184][ T5872] loop2: detected capacity change from 0 to 4096 [pid 5872] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] <... close resumed>) = 0 [pid 5874] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] rmdir("./132") = 0 [pid 5051] mkdir("./133", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5876] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 136.880276][ T5872] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5875] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5877 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5877 [pid 5877] set_robust_list(0x555556629660, 24) = 0 [pid 5877] chdir("./133" [pid 5873] <... write resumed>) = 2097152 [pid 5877] <... chdir resumed>) = 0 [pid 5872] <... mount resumed>) = 0 [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5872] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5877] <... prctl resumed>) = 0 [pid 5877] setpgid(0, 0 [pid 5872] <... openat resumed>) = 3 [pid 5872] chdir("./file0") = 0 [pid 5872] ioctl(4, LOOP_CLR_FD) = 0 [pid 5872] close(4 [pid 5877] <... setpgid resumed>) = 0 [pid 5872] <... close resumed>) = 0 [pid 5872] exit_group(0) = ? [pid 5873] munmap(0x7f3b887a1000, 138412032 [pid 5872] +++ exited with 0 +++ [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5874] <... write resumed>) = 2097152 [pid 5877] <... openat resumed>) = 3 [pid 5877] write(3, "1000", 4) = 4 [pid 5874] munmap(0x7f3b887a1000, 138412032 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5877] close(3) = 0 [pid 5873] <... munmap resumed>) = 0 [pid 5049] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5877] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5873] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5873] <... openat resumed>) = 4 [pid 5049] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5873] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5877] <... symlink resumed>) = 0 [pid 5875] <... write resumed>) = 2097152 [pid 5874] <... munmap resumed>) = 0 [pid 5049] unlink("./136/binderfs" [pid 5875] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5877] memfd_create("syzkaller", 0 [pid 5875] <... munmap resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5874] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5875] <... openat resumed>) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3 [pid 5875] ioctl(4, LOOP_SET_FD, 3 [pid 5876] <... write resumed>) = 2097152 [pid 5873] <... ioctl resumed>) = 0 [pid 5873] close(3) = 0 [pid 5873] mkdir("./file0", 0777) = 0 [pid 5877] <... memfd_create resumed>) = 3 [ 137.021879][ T5873] loop1: detected capacity change from 0 to 4096 [ 137.041065][ T5874] loop5: detected capacity change from 0 to 4096 [ 137.051018][ T5875] loop3: detected capacity change from 0 to 4096 [pid 5873] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5875] <... ioctl resumed>) = 0 [pid 5874] <... ioctl resumed>) = 0 [pid 5874] close(3 [pid 5875] close(3 [pid 5877] <... mmap resumed>) = 0x7f3b887a1000 [pid 5875] <... close resumed>) = 0 [pid 5874] <... close resumed>) = 0 [pid 5875] mkdir("./file0", 0777 [pid 5874] mkdir("./file0", 0777 [pid 5049] <... umount2 resumed>) = 0 [pid 5876] munmap(0x7f3b887a1000, 138412032 [pid 5874] <... mkdir resumed>) = 0 [pid 5874] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5876] <... munmap resumed>) = 0 [pid 5875] <... mkdir resumed>) = 0 [pid 5049] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./136/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5876] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5876] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./136/file0") = 0 [pid 5876] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5875] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./136") = 0 [pid 5049] mkdir("./137", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5878 attached [pid 5878] set_robust_list(0x555556629660, 24) = 0 [pid 5878] chdir("./137" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5878 [pid 5878] <... chdir resumed>) = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5876] close(3 [pid 5878] <... prctl resumed>) = 0 [pid 5876] <... close resumed>) = 0 [pid 5878] setpgid(0, 0 [pid 5876] mkdir("./file0", 0777 [pid 5878] <... setpgid resumed>) = 0 [pid 5876] <... mkdir resumed>) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] <... mount resumed>) = 0 [pid 5876] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5878] write(3, "1000", 4) = 4 [ 137.064627][ T5873] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 137.085751][ T5874] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 137.093745][ T5876] loop0: detected capacity change from 0 to 4096 [ 137.105633][ T5875] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5878] close(3 [pid 5873] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5878] <... close resumed>) = 0 [pid 5873] <... openat resumed>) = 3 [pid 5878] symlink("/dev/binderfs", "./binderfs" [pid 5877] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5873] chdir("./file0" [pid 5878] <... symlink resumed>) = 0 [pid 5873] <... chdir resumed>) = 0 [pid 5873] ioctl(4, LOOP_CLR_FD [pid 5878] memfd_create("syzkaller", 0 [pid 5874] <... mount resumed>) = 0 [pid 5873] <... ioctl resumed>) = 0 [pid 5874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5874] chdir("./file0" [pid 5873] close(4 [pid 5874] <... chdir resumed>) = 0 [pid 5873] <... close resumed>) = 0 [pid 5874] ioctl(4, LOOP_CLR_FD) = 0 [pid 5874] close(4 [ 137.144452][ T5876] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5878] <... memfd_create resumed>) = 3 [pid 5876] <... mount resumed>) = 0 [pid 5873] exit_group(0 [pid 5874] <... close resumed>) = 0 [pid 5877] <... write resumed>) = 2097152 [pid 5876] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5875] <... mount resumed>) = 0 [pid 5873] <... exit_group resumed>) = ? [pid 5874] exit_group(0 [pid 5876] <... openat resumed>) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5877] munmap(0x7f3b887a1000, 138412032 [pid 5875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5874] <... exit_group resumed>) = ? [pid 5873] +++ exited with 0 +++ [pid 5878] <... mmap resumed>) = 0x7f3b887a1000 [pid 5877] <... munmap resumed>) = 0 [pid 5876] chdir("./file0" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5876] <... chdir resumed>) = 0 [pid 5875] <... openat resumed>) = 3 [pid 5874] +++ exited with 0 +++ [pid 5876] ioctl(4, LOOP_CLR_FD [pid 5875] chdir("./file0" [pid 5876] <... ioctl resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5876] close(4 [pid 5875] <... chdir resumed>) = 0 [pid 5052] umount2("./132", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5876] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./132", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5876] exit_group(0 [pid 5052] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] <... exit_group resumed>) = ? [pid 5052] newfstatat(3, "", [pid 5048] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5877] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5876] +++ exited with 0 +++ [pid 5875] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5048] newfstatat(3, "", [pid 5875] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5875] close(4 [pid 5052] umount2("./132/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5877] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] ioctl(4, LOOP_SET_FD, 3 [pid 5048] getdents64(3, [pid 5875] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./132/binderfs", [pid 5875] exit_group(0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5875] <... exit_group resumed>) = ? [pid 5052] unlink("./132/binderfs" [pid 5048] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... unlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5047] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] unlink("./134/binderfs" [pid 5047] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... unlink resumed>) = 0 [pid 5875] +++ exited with 0 +++ [pid 5047] <... openat resumed>) = 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(3, "", [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5047] getdents64(3, [pid 5877] <... ioctl resumed>) = 0 [pid 5050] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] close(3 [pid 5047] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5877] <... close resumed>) = 0 [pid 5877] mkdir("./file0", 0777 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(3, "", [pid 5047] unlink("./137/binderfs" [pid 5877] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5878] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5877] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5050] getdents64(3, [pid 5047] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 137.245864][ T5877] loop4: detected capacity change from 0 to 4096 [pid 5050] newfstatat(AT_FDCWD, "./134/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./134/binderfs") = 0 [pid 5050] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./137/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./137") = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] mkdir("./138", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5052] newfstatat(AT_FDCWD, "./132/file0", [pid 5047] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] umount2("./132/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./134/file0", [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5879 ./strace-static-x86_64: Process 5879 attached [pid 5052] openat(AT_FDCWD, "./132/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5879] set_robust_list(0x555556629660, 24 [pid 5052] <... openat resumed>) = 4 [pid 5048] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5879] <... set_robust_list resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5879] chdir("./138" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5879] <... chdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5048] <... openat resumed>) = 4 [ 137.294716][ T5877] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] newfstatat(4, "", [pid 5879] <... prctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5879] setpgid(0, 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(4, [pid 5879] <... setpgid resumed>) = 0 [pid 5052] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... close resumed>) = 0 [pid 5048] getdents64(4, [pid 5879] <... openat resumed>) = 3 [pid 5052] rmdir("./132/file0" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5879] write(3, "1000", 4 [pid 5052] <... rmdir resumed>) = 0 [pid 5048] close(4 [pid 5879] <... write resumed>) = 4 [pid 5052] getdents64(3, [pid 5048] <... close resumed>) = 0 [pid 5879] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] rmdir("./134/file0" [pid 5879] <... close resumed>) = 0 [pid 5052] close(3 [pid 5048] <... rmdir resumed>) = 0 [pid 5879] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5879] <... symlink resumed>) = 0 [pid 5052] rmdir("./132" [pid 5048] getdents64(3, [pid 5052] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./134" [pid 5052] mkdir("./133", 0777 [pid 5048] <... rmdir resumed>) = 0 [pid 5879] memfd_create("syzkaller", 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5048] mkdir("./135", 0777 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5048] <... mkdir resumed>) = 0 [pid 5879] <... memfd_create resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] close(3 [pid 5879] <... mmap resumed>) = 0x7f3b887a1000 [pid 5877] <... mount resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... openat resumed>) = 3 [pid 5050] newfstatat(AT_FDCWD, "./134/file0", [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5877] chdir("./file0" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5877] <... chdir resumed>) = 0 [pid 5050] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5877] ioctl(4, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... ioctl resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 4 [pid 5877] close(4 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5878] <... write resumed>) = 2097152 [pid 5877] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] newfstatat(4, "", [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5880 [pid 5877] exit_group(0./strace-static-x86_64: Process 5880 attached [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5881 ./strace-static-x86_64: Process 5881 attached [pid 5880] set_robust_list(0x555556629660, 24 [pid 5877] <... exit_group resumed>) = ? [pid 5050] getdents64(4, [pid 5880] <... set_robust_list resumed>) = 0 [pid 5880] chdir("./135") = 0 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5877] +++ exited with 0 +++ [pid 5881] set_robust_list(0x555556629660, 24 [pid 5880] <... prctl resumed>) = 0 [pid 5878] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5881] <... set_robust_list resumed>) = 0 [pid 5880] setpgid(0, 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5880] <... setpgid resumed>) = 0 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... restart_syscall resumed>) = 0 [pid 5050] getdents64(4, [pid 5881] chdir("./133" [pid 5880] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5881] <... chdir resumed>) = 0 [pid 5880] write(3, "1000", 4 [pid 5051] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5878] <... munmap resumed>) = 0 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5878] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] close(4 [pid 5881] <... prctl resumed>) = 0 [pid 5880] <... write resumed>) = 4 [pid 5878] <... openat resumed>) = 4 [pid 5881] setpgid(0, 0 [pid 5050] <... close resumed>) = 0 [pid 5881] <... setpgid resumed>) = 0 [pid 5878] ioctl(4, LOOP_SET_FD, 3 [pid 5050] rmdir("./134/file0" [pid 5880] close(3 [pid 5051] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5880] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5880] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] newfstatat(3, "", [pid 5880] memfd_create("syzkaller", 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5880] <... memfd_create resumed>) = 3 [pid 5051] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5880] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5050] getdents64(3, [pid 5881] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5881] write(3, "1000", 4 [pid 5051] unlink("./133/binderfs" [pid 5050] close(3 [pid 5881] <... write resumed>) = 4 [pid 5051] <... unlink resumed>) = 0 [pid 5881] close(3 [pid 5051] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5881] <... close resumed>) = 0 [pid 5050] rmdir("./134" [pid 5881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5881] memfd_create("syzkaller", 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5878] <... ioctl resumed>) = 0 [pid 5050] mkdir("./135", 0777 [pid 5881] <... memfd_create resumed>) = 3 [pid 5879] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5878] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5878] <... close resumed>) = 0 [pid 5881] <... mmap resumed>) = 0x7f3b887a1000 [pid 5878] mkdir("./file0", 0777 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5878] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [ 137.443340][ T5878] loop2: detected capacity change from 0 to 4096 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5878] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5050] close(3 [pid 5051] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./133/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5880] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5882 attached [pid 5051] getdents64(4, [pid 5882] set_robust_list(0x555556629660, 24 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5882] <... set_robust_list resumed>) = 0 [pid 5051] close(4 [pid 5882] chdir("./135") = 0 [pid 5051] <... close resumed>) = 0 [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] rmdir("./133/file0" [pid 5882] <... prctl resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5882] setpgid(0, 0 [pid 5051] getdents64(3, [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5882 [pid 5882] <... setpgid resumed>) = 0 [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5882] <... openat resumed>) = 3 [pid 5879] <... write resumed>) = 2097152 [pid 5882] write(3, "1000", 4) = 4 [pid 5882] close(3) = 0 [pid 5882] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5882] memfd_create("syzkaller", 0 [pid 5051] close(3) = 0 [ 137.514958][ T5878] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5051] rmdir("./133") = 0 [pid 5882] <... memfd_create resumed>) = 3 [pid 5051] mkdir("./134", 0777 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5882] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5883 ./strace-static-x86_64: Process 5883 attached [pid 5879] munmap(0x7f3b887a1000, 138412032 [pid 5878] <... mount resumed>) = 0 [pid 5880] <... write resumed>) = 2097152 [pid 5883] set_robust_list(0x555556629660, 24 [pid 5881] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5880] munmap(0x7f3b887a1000, 138412032 [pid 5879] <... munmap resumed>) = 0 [pid 5878] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5883] <... set_robust_list resumed>) = 0 [pid 5880] <... munmap resumed>) = 0 [pid 5878] <... openat resumed>) = 3 [pid 5883] chdir("./134" [pid 5880] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5878] chdir("./file0" [pid 5883] <... chdir resumed>) = 0 [pid 5880] <... openat resumed>) = 4 [pid 5879] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5878] <... chdir resumed>) = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5880] ioctl(4, LOOP_SET_FD, 3 [pid 5879] <... openat resumed>) = 4 [pid 5878] ioctl(4, LOOP_CLR_FD [pid 5883] <... prctl resumed>) = 0 [pid 5879] ioctl(4, LOOP_SET_FD, 3 [pid 5878] <... ioctl resumed>) = 0 [pid 5883] setpgid(0, 0 [pid 5878] close(4 [pid 5883] <... setpgid resumed>) = 0 [pid 5878] <... close resumed>) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5883] write(3, "1000", 4) = 4 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5883] memfd_create("syzkaller", 0 [pid 5878] exit_group(0 [pid 5883] <... memfd_create resumed>) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5878] <... exit_group resumed>) = ? [pid 5883] <... mmap resumed>) = 0x7f3b887a1000 [pid 5878] +++ exited with 0 +++ [pid 5880] <... ioctl resumed>) = 0 [pid 5880] close(3 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5880] <... close resumed>) = 0 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5880] mkdir("./file0", 0777 [pid 5879] <... ioctl resumed>) = 0 [pid 5880] <... mkdir resumed>) = 0 [pid 5879] close(3) = 0 [pid 5049] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5879] mkdir("./file0", 0777 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", [pid 5879] <... mkdir resumed>) = 0 [pid 5880] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 137.628884][ T5880] loop1: detected capacity change from 0 to 4096 [ 137.636716][ T5879] loop0: detected capacity change from 0 to 4096 [pid 5049] getdents64(3, [pid 5881] <... write resumed>) = 2097152 [pid 5879] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5882] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5881] munmap(0x7f3b887a1000, 138412032 [pid 5049] unlink("./137/binderfs" [pid 5881] <... munmap resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5049] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5883] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5881] ioctl(4, LOOP_SET_FD, 3 [ 137.674233][ T5880] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 137.684932][ T5879] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] newfstatat(AT_FDCWD, "./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] <... write resumed>) = 2097152 [pid 5881] <... ioctl resumed>) = 0 [pid 5049] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5881] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5881] <... close resumed>) = 0 [pid 5881] mkdir("./file0", 0777 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5879] <... mount resumed>) = 0 [pid 5049] getdents64(4, [pid 5879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5883] <... write resumed>) = 2097152 [pid 5879] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5883] munmap(0x7f3b887a1000, 138412032 [pid 5881] <... mkdir resumed>) = 0 [pid 5879] chdir("./file0" [pid 5882] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5883] <... munmap resumed>) = 0 [pid 5882] <... munmap resumed>) = 0 [pid 5881] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5880] <... mount resumed>) = 0 [pid 5879] <... chdir resumed>) = 0 [pid 5049] close(4 [pid 5880] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5049] <... close resumed>) = 0 [pid 5880] chdir("./file0" [pid 5049] rmdir("./137/file0" [pid 5880] <... chdir resumed>) = 0 [ 137.723418][ T5881] loop5: detected capacity change from 0 to 4096 [pid 5880] ioctl(4, LOOP_CLR_FD) = 0 [pid 5880] close(4) = 0 [pid 5880] exit_group(0) = ? [pid 5880] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5882] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5883] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5879] ioctl(4, LOOP_CLR_FD [pid 5049] <... rmdir resumed>) = 0 [pid 5883] <... openat resumed>) = 4 [pid 5882] <... openat resumed>) = 4 [pid 5879] <... ioctl resumed>) = 0 [pid 5049] getdents64(3, [pid 5883] ioctl(4, LOOP_SET_FD, 3 [pid 5882] ioctl(4, LOOP_SET_FD, 3 [pid 5879] close(4 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5883] <... ioctl resumed>) = 0 [pid 5879] <... close resumed>) = 0 [pid 5049] close(3 [pid 5883] close(3 [pid 5049] <... close resumed>) = 0 [pid 5879] exit_group(0 [pid 5049] rmdir("./137" [pid 5879] <... exit_group resumed>) = ? [pid 5883] <... close resumed>) = 0 [pid 5879] +++ exited with 0 +++ [pid 5049] <... rmdir resumed>) = 0 [pid 5048] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] mkdir("./138", 0777 [pid 5883] mkdir("./file0", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5883] <... mkdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5883] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] newfstatat(3, "", [pid 5047] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW [ 137.770972][ T5881] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 137.791131][ T5883] loop4: detected capacity change from 0 to 4096 [ 137.791444][ T5882] loop3: detected capacity change from 0 to 4096 [pid 5049] close(3) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5884 attached [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5884 [pid 5048] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5884] set_robust_list(0x555556629660, 24 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5884] <... set_robust_list resumed>) = 0 [pid 5048] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5884] chdir("./138") = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] unlink("./138/binderfs" [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5884] setpgid(0, 0 [pid 5048] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5047] <... unlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5884] <... setpgid resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] unlink("./135/binderfs" [pid 5884] <... openat resumed>) = 3 [pid 5881] <... mount resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5884] write(3, "1000", 4 [pid 5882] <... ioctl resumed>) = 0 [pid 5881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5884] <... write resumed>) = 4 [pid 5882] close(3 [pid 5884] close(3 [pid 5881] <... openat resumed>) = 3 [pid 5884] <... close resumed>) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs" [pid 5881] chdir("./file0" [pid 5884] <... symlink resumed>) = 0 [pid 5882] <... close resumed>) = 0 [pid 5881] <... chdir resumed>) = 0 [pid 5881] ioctl(4, LOOP_CLR_FD [pid 5882] mkdir("./file0", 0777 [pid 5881] <... ioctl resumed>) = 0 [pid 5882] <... mkdir resumed>) = 0 [pid 5881] close(4 [pid 5884] memfd_create("syzkaller", 0 [pid 5882] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5881] <... close resumed>) = 0 [ 137.822724][ T5883] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5883] <... mount resumed>) = 0 [pid 5881] exit_group(0 [pid 5047] <... umount2 resumed>) = 0 [pid 5884] <... memfd_create resumed>) = 3 [pid 5883] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5881] <... exit_group resumed>) = ? [pid 5048] <... umount2 resumed>) = 0 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./138/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5883] <... openat resumed>) = 3 [pid 5047] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5883] chdir("./file0" [pid 5881] +++ exited with 0 +++ [pid 5048] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5883] <... chdir resumed>) = 0 [pid 5883] ioctl(4, LOOP_CLR_FD [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5883] <... ioctl resumed>) = 0 [pid 5883] close(4 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5883] <... close resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5883] exit_group(0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./133", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(AT_FDCWD, "./135/file0", [pid 5047] <... openat resumed>) = 4 [pid 5883] <... exit_group resumed>) = ? [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(4, "", [pid 5048] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5883] +++ exited with 0 +++ [pid 5882] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./133", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(4, [pid 5882] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [ 137.882452][ T5882] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5882] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 3 [pid 5048] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] close(4 [pid 5882] chdir("./file0" [pid 5051] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] rmdir("./138/file0" [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] getdents64(4, [pid 5047] <... rmdir resumed>) = 0 [pid 5052] umount2("./133/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5882] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] close(4 [pid 5052] newfstatat(AT_FDCWD, "./133/binderfs", [pid 5882] ioctl(4, LOOP_CLR_FD [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] <... ioctl resumed>) = 0 [pid 5048] rmdir("./135/file0" [pid 5052] unlink("./133/binderfs" [pid 5047] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] rmdir("./138" [pid 5052] <... unlink resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] <... rmdir resumed>) = 0 [pid 5882] close(4 [pid 5052] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] mkdir("./139", 0777 [pid 5051] <... openat resumed>) = 3 [pid 5882] <... close resumed>) = 0 [pid 5048] close(3 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5884] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5882] exit_group(0 [pid 5051] newfstatat(3, "", [pid 5882] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] rmdir("./135" [pid 5047] close(3 [pid 5882] +++ exited with 0 +++ [pid 5051] getdents64(3, [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] mkdir("./136", 0777 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5052] <... umount2 resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5050] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5051] unlink("./134/binderfs" [pid 5050] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5885 [pid 5050] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5051] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5885 attached [pid 5051] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] close(3 [pid 5885] set_robust_list(0x555556629660, 24 [pid 5050] getdents64(3, [pid 5048] <... close resumed>) = 0 [pid 5885] <... set_robust_list resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5885] chdir("./139"./strace-static-x86_64: Process 5886 attached ) = 0 [pid 5050] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5886 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5886] <... set_robust_list resumed>) = 0 [pid 5885] <... prctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5886] chdir("./136" [pid 5885] setpgid(0, 0 [pid 5052] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] unlink("./135/binderfs" [pid 5886] <... chdir resumed>) = 0 [pid 5885] <... setpgid resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... unlink resumed>) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] newfstatat(AT_FDCWD, "./133/file0", [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./134/file0", [pid 5886] <... prctl resumed>) = 0 [pid 5885] <... openat resumed>) = 3 [pid 5052] umount2("./133/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5886] setpgid(0, 0 [pid 5885] write(3, "1000", 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5886] <... setpgid resumed>) = 0 [pid 5885] <... write resumed>) = 4 [pid 5052] openat(AT_FDCWD, "./133/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5885] close(3 [pid 5884] <... write resumed>) = 2097152 [pid 5052] <... openat resumed>) = 4 [pid 5051] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... openat resumed>) = 3 [pid 5885] <... close resumed>) = 0 [pid 5884] munmap(0x7f3b887a1000, 138412032 [pid 5052] newfstatat(4, "", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5886] write(3, "1000", 4 [pid 5885] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5886] <... write resumed>) = 4 [pid 5884] <... munmap resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = 0 [pid 5886] close(3 [pid 5885] <... symlink resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] getdents64(4, [pid 5051] <... openat resumed>) = 4 [pid 5886] <... close resumed>) = 0 [pid 5884] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] symlink("/dev/binderfs", "./binderfs" [pid 5884] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5886] <... symlink resumed>) = 0 [pid 5885] memfd_create("syzkaller", 0 [pid 5884] <... ioctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5051] newfstatat(4, "", [pid 5050] newfstatat(AT_FDCWD, "./135/file0", [pid 5885] <... memfd_create resumed>) = 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] close(4 [pid 5050] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5885] <... mmap resumed>) = 0x7f3b887a1000 [pid 5884] close(3 [pid 5052] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] rmdir("./133/file0" [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5884] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] close(4 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5884] mkdir("./file0", 0777 [pid 5051] rmdir("./134/file0") = 0 [pid 5050] <... openat resumed>) = 4 [pid 5884] <... mkdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5052] close(3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(4, "", [pid 5051] close(3 [pid 5052] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5884] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] rmdir("./133" [pid 5051] rmdir("./134" [pid 5050] getdents64(4, [pid 5051] <... rmdir resumed>) = 0 [pid 5051] mkdir("./135", 0777 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5051] close(3 [pid 5050] rmdir("./135/file0" [pid 5051] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5052] mkdir("./134", 0777 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5886] memfd_create("syzkaller", 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5050] rmdir("./135" [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5887 attached [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5887 [pid 5050] mkdir("./136", 0777 [pid 5887] set_robust_list(0x555556629660, 24 [pid 5886] <... memfd_create resumed>) = 3 [pid 5052] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5887] <... set_robust_list resumed>) = 0 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5887] chdir("./135" [pid 5050] close(3 [pid 5887] <... chdir resumed>) = 0 [pid 5886] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... close resumed>) = 0 [ 138.053413][ T5884] loop2: detected capacity change from 0 to 4096 [ 138.074596][ T5884] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5888 attached [pid 5887] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5887] <... prctl resumed>) = 0 [pid 5888] set_robust_list(0x555556629660, 24 [pid 5887] setpgid(0, 0 [pid 5888] <... set_robust_list resumed>) = 0 [pid 5887] <... setpgid resumed>) = 0 [pid 5888] chdir("./134" [pid 5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5889 attached [pid 5888] <... chdir resumed>) = 0 [pid 5887] <... openat resumed>) = 3 [pid 5889] set_robust_list(0x555556629660, 24 [pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5887] write(3, "1000", 4 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5888 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5889 [pid 5889] <... set_robust_list resumed>) = 0 [pid 5888] <... prctl resumed>) = 0 [pid 5889] chdir("./136" [pid 5888] setpgid(0, 0 [pid 5887] <... write resumed>) = 4 [pid 5888] <... setpgid resumed>) = 0 [pid 5887] close(3 [pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5887] <... close resumed>) = 0 [pid 5888] <... openat resumed>) = 3 [pid 5887] symlink("/dev/binderfs", "./binderfs" [pid 5889] <... chdir resumed>) = 0 [pid 5888] write(3, "1000", 4 [pid 5887] <... symlink resumed>) = 0 [pid 5889] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5888] <... write resumed>) = 4 [pid 5887] memfd_create("syzkaller", 0) = 3 [pid 5888] close(3 [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5889] <... prctl resumed>) = 0 [pid 5888] <... close resumed>) = 0 [pid 5887] <... mmap resumed>) = 0x7f3b887a1000 [pid 5888] symlink("/dev/binderfs", "./binderfs" [pid 5889] setpgid(0, 0) = 0 [pid 5888] <... symlink resumed>) = 0 [pid 5889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5888] memfd_create("syzkaller", 0 [pid 5889] <... openat resumed>) = 3 [pid 5889] write(3, "1000", 4) = 4 [pid 5884] <... mount resumed>) = 0 [pid 5889] close(3) = 0 [pid 5889] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5888] <... memfd_create resumed>) = 3 [pid 5886] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5884] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5888] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5884] <... openat resumed>) = 3 [pid 5888] <... mmap resumed>) = 0x7f3b887a1000 [pid 5889] memfd_create("syzkaller", 0) = 3 [pid 5884] chdir("./file0" [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5884] <... chdir resumed>) = 0 [pid 5884] ioctl(4, LOOP_CLR_FD [pid 5889] <... mmap resumed>) = 0x7f3b887a1000 [pid 5884] <... ioctl resumed>) = 0 [pid 5884] close(4 [pid 5887] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5884] <... close resumed>) = 0 [pid 5884] exit_group(0) = ? [pid 5886] <... write resumed>) = 2097152 [pid 5884] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5049] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./138/binderfs") = 0 [pid 5888] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5886] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5885] <... write resumed>) = 2097152 [pid 5887] <... write resumed>) = 2097152 [pid 5885] munmap(0x7f3b887a1000, 138412032 [pid 5886] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... openat resumed>) = 4 [pid 5886] ioctl(4, LOOP_SET_FD, 3 [pid 5885] <... munmap resumed>) = 0 [pid 5889] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5887] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... umount2 resumed>) = 0 [pid 5887] <... munmap resumed>) = 0 [pid 5886] <... ioctl resumed>) = 0 [pid 5049] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] close(3 [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5886] <... close resumed>) = 0 [pid 5885] <... openat resumed>) = 4 [pid 5049] newfstatat(AT_FDCWD, "./138/file0", [pid 5886] mkdir("./file0", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5885] ioctl(4, LOOP_SET_FD, 3 [pid 5887] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5886] <... mkdir resumed>) = 0 [pid 5049] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5887] <... openat resumed>) = 4 [pid 5886] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5887] ioctl(4, LOOP_SET_FD, 3 [pid 5049] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./138/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5885] <... ioctl resumed>) = 0 [pid 5049] close(3) = 0 [pid 5888] <... write resumed>) = 2097152 [pid 5885] close(3) = 0 [pid 5888] munmap(0x7f3b887a1000, 138412032 [pid 5885] mkdir("./file0", 0777 [pid 5049] rmdir("./138" [pid 5887] <... ioctl resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5887] close(3 [pid 5049] mkdir("./139", 0777 [pid 5887] <... close resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5887] mkdir("./file0", 0777 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5887] <... mkdir resumed>) = 0 [pid 5885] <... mkdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5887] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 138.323944][ T5886] loop1: detected capacity change from 0 to 4096 [ 138.350269][ T5885] loop0: detected capacity change from 0 to 4096 [ 138.351759][ T5886] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 138.367700][ T5887] loop4: detected capacity change from 0 to 4096 [pid 5049] close(3 [pid 5888] <... munmap resumed>) = 0 [pid 5885] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5890 attached [pid 5888] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5890 [pid 5888] <... openat resumed>) = 4 [pid 5890] set_robust_list(0x555556629660, 24) = 0 [pid 5888] ioctl(4, LOOP_SET_FD, 3 [pid 5890] chdir("./139") = 0 [pid 5890] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5889] <... write resumed>) = 2097152 [pid 5890] <... prctl resumed>) = 0 [pid 5889] munmap(0x7f3b887a1000, 138412032 [pid 5890] setpgid(0, 0 [pid 5889] <... munmap resumed>) = 0 [pid 5890] <... setpgid resumed>) = 0 [pid 5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5889] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5890] <... openat resumed>) = 3 [pid 5889] ioctl(4, LOOP_SET_FD, 3 [pid 5890] write(3, "1000", 4) = 4 [pid 5890] close(3) = 0 [ 138.403294][ T5887] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 138.414010][ T5885] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 138.438421][ T5888] loop5: detected capacity change from 0 to 4096 [pid 5890] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5890] memfd_create("syzkaller", 0) = 3 [pid 5885] <... mount resumed>) = 0 [pid 5890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5888] <... ioctl resumed>) = 0 [pid 5885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5890] <... mmap resumed>) = 0x7f3b887a1000 [pid 5888] close(3 [pid 5885] <... openat resumed>) = 3 [pid 5885] chdir("./file0") = 0 [pid 5888] <... close resumed>) = 0 [pid 5888] mkdir("./file0", 0777 [pid 5885] ioctl(4, LOOP_CLR_FD) = 0 [pid 5889] <... ioctl resumed>) = 0 [pid 5888] <... mkdir resumed>) = 0 [pid 5885] close(4) = 0 [pid 5888] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [ 138.459700][ T5889] loop3: detected capacity change from 0 to 4096 [pid 5885] exit_group(0 [pid 5889] close(3) = 0 [pid 5885] <... exit_group resumed>) = ? [pid 5889] mkdir("./file0", 0777) = 0 [pid 5889] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5885] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5047] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5887] <... mount resumed>) = 0 [pid 5887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5887] chdir("./file0" [pid 5047] newfstatat(3, "", [pid 5887] <... chdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5887] ioctl(4, LOOP_CLR_FD) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5887] close(4) = 0 [pid 5887] exit_group(0 [pid 5047] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 138.500503][ T5888] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 138.516851][ T5889] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5047] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5887] <... exit_group resumed>) = ? [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./139/binderfs" [pid 5890] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5888] <... mount resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5888] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5887] +++ exited with 0 +++ [pid 5047] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5888] <... openat resumed>) = 3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5887, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5888] chdir("./file0") = 0 [pid 5051] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5888] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5888] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5888] close(4 [pid 5051] newfstatat(3, "", [pid 5888] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5888] exit_group(0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5888] <... exit_group resumed>) = ? [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5886] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./135/binderfs") = 0 [pid 5886] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5886] <... openat resumed>) = 3 [pid 5886] chdir("./file0") = 0 [pid 5886] ioctl(4, LOOP_CLR_FD) = 0 [pid 5886] close(4 [pid 5888] +++ exited with 0 +++ [pid 5886] <... close resumed>) = 0 [pid 5886] exit_group(0 [pid 5889] <... mount resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] umount2("./134", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5886] <... exit_group resumed>) = ? [pid 5052] openat(AT_FDCWD, "./134", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5889] <... openat resumed>) = 3 [pid 5886] +++ exited with 0 +++ [pid 5889] chdir("./file0" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5889] <... chdir resumed>) = 0 [pid 5889] ioctl(4, LOOP_CLR_FD) = 0 [pid 5889] close(4) = 0 [pid 5048] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5889] exit_group(0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5889] <... exit_group resumed>) = ? [pid 5048] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5889] +++ exited with 0 +++ [pid 5048] <... openat resumed>) = 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5889, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5890] <... write resumed>) = 2097152 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./135/file0", [pid 5052] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./136/binderfs" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./134/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5890] munmap(0x7f3b887a1000, 138412032 [pid 5052] newfstatat(AT_FDCWD, "./134/binderfs", [pid 5051] <... openat resumed>) = 4 [pid 5050] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... unlink resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./139/file0", [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] newfstatat(4, "", [pid 5052] unlink("./134/binderfs") = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5050] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, [pid 5050] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5050] newfstatat(3, "", [pid 5047] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... close resumed>) = 0 [pid 5890] <... munmap resumed>) = 0 [pid 5051] rmdir("./135/file0" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(4, "", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./136/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] getdents64(3, [pid 5050] unlink("./136/binderfs" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5890] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] getdents64(4, [pid 5890] ioctl(4, LOOP_SET_FD, 3 [pid 5051] close(3 [pid 5050] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./135" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... rmdir resumed>) = 0 [pid 5047] getdents64(4, [pid 5051] mkdir("./136", 0777 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5047] close(4 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./139/file0" [pid 5051] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5890] <... ioctl resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5890] close(3 [pid 5047] close(3) = 0 [pid 5890] <... close resumed>) = 0 [pid 5047] rmdir("./139" [pid 5890] mkdir("./file0", 0777 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./140", 0777 [pid 5048] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./136/file0", [pid 5890] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... mkdir resumed>) = 0 [pid 5890] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5048] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] <... openat resumed>) = 3 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(4) = 0 [pid 5048] rmdir("./136/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./136") = 0 [pid 5048] mkdir("./137", 0777 [pid 5047] close(3) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5891 ./strace-static-x86_64: Process 5891 attached [pid 5048] <... openat resumed>) = 3 [ 138.666251][ T5890] loop2: detected capacity change from 0 to 4096 [ 138.703116][ T5890] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./134/file0", [pid 5891] set_robust_list(0x555556629660, 24 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5891] <... set_robust_list resumed>) = 0 [pid 5052] umount2("./134/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5891] chdir("./140" [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5891] <... chdir resumed>) = 0 [pid 5048] close(3 [pid 5891] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... close resumed>) = 0 [pid 5891] <... prctl resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5891] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5892 attached [pid 5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5892] set_robust_list(0x555556629660, 24 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5892] <... set_robust_list resumed>) = 0 [pid 5891] <... openat resumed>) = 3 [pid 5052] openat(AT_FDCWD, "./134/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5892 [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5892] chdir("./137" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5052] getdents64(4, [pid 5892] <... chdir resumed>) = 0 [pid 5891] write(3, "1000", 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5892] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5891] <... write resumed>) = 4 [pid 5052] getdents64(4, [pid 5050] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5892] <... prctl resumed>) = 0 [pid 5891] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] <... close resumed>) = 0 [pid 5891] symlink("/dev/binderfs", "./binderfs" [pid 5052] close(4 [pid 5891] <... symlink resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./136/file0", [pid 5892] setpgid(0, 0 [pid 5891] memfd_create("syzkaller", 0 [pid 5052] rmdir("./134/file0" [pid 5051] <... ioctl resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5892] <... setpgid resumed>) = 0 [pid 5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5892] <... openat resumed>) = 3 [pid 5892] write(3, "1000", 4) = 4 [pid 5892] close(3) = 0 [pid 5891] <... memfd_create resumed>) = 3 [pid 5892] symlink("/dev/binderfs", "./binderfs" [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5892] <... symlink resumed>) = 0 [pid 5891] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] close(3 [pid 5051] <... close resumed>) = 0 [pid 5892] memfd_create("syzkaller", 0 [pid 5052] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 5893 attached [pid 5892] <... memfd_create resumed>) = 3 [pid 5890] <... mount resumed>) = 0 [pid 5052] rmdir("./134" [pid 5050] newfstatat(4, "", [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5893 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5893] set_robust_list(0x555556629660, 24 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5890] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5052] mkdir("./135", 0777 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5893] <... set_robust_list resumed>) = 0 [pid 5892] <... mmap resumed>) = 0x7f3b887a1000 [pid 5890] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5890] chdir("./file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5893] chdir("./136" [pid 5890] <... chdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] close(4 [pid 5893] <... chdir resumed>) = 0 [pid 5890] ioctl(4, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5890] <... ioctl resumed>) = 0 [pid 5050] rmdir("./136/file0" [pid 5890] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5893] <... prctl resumed>) = 0 [pid 5890] <... close resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... rmdir resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] getdents64(3, [pid 5890] exit_group(0 [pid 5893] setpgid(0, 0 [pid 5052] close(3 [pid 5890] <... exit_group resumed>) = ? [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] close(3 [pid 5893] <... setpgid resumed>) = 0 [pid 5890] +++ exited with 0 +++ [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... close resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5890, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5049] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] rmdir("./136" [pid 5049] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5894 attached [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5894] set_robust_list(0x555556629660, 24 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5050] mkdir("./137", 0777 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./139/binderfs") = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5894] <... set_robust_list resumed>) = 0 [pid 5893] <... openat resumed>) = 3 [pid 5894] chdir("./135" [pid 5893] write(3, "1000", 4 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5894 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5894] <... chdir resumed>) = 0 [pid 5893] <... write resumed>) = 4 [pid 5050] <... openat resumed>) = 3 [pid 5893] close(3 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5893] <... close resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5894] <... prctl resumed>) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5894] setpgid(0, 0 [pid 5050] close(3 [pid 5894] <... setpgid resumed>) = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5893] <... symlink resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5891] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5894] <... openat resumed>) = 3 [pid 5894] write(3, "1000", 4 [pid 5893] memfd_create("syzkaller", 0 [pid 5892] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5895 attached [pid 5895] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5895 [pid 5894] <... write resumed>) = 4 [pid 5895] <... set_robust_list resumed>) = 0 [pid 5895] chdir("./137") = 0 [pid 5894] close(3 [pid 5893] <... memfd_create resumed>) = 3 [pid 5894] <... close resumed>) = 0 [pid 5895] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5894] symlink("/dev/binderfs", "./binderfs" [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5895] <... prctl resumed>) = 0 [pid 5893] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5895] setpgid(0, 0 [pid 5049] newfstatat(AT_FDCWD, "./139/file0", [pid 5895] <... setpgid resumed>) = 0 [pid 5894] <... symlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5895] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5895] write(3, "1000", 4 [pid 5049] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5895] <... write resumed>) = 4 [pid 5894] memfd_create("syzkaller", 0 [pid 5049] <... openat resumed>) = 4 [pid 5895] close(3 [pid 5049] newfstatat(4, "", [pid 5895] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5895] symlink("/dev/binderfs", "./binderfs" [pid 5049] getdents64(4, [pid 5895] <... symlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5895] memfd_create("syzkaller", 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5895] <... memfd_create resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] rmdir("./139/file0" [pid 5895] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./139") = 0 [pid 5049] mkdir("./140", 0777) = 0 [pid 5891] <... write resumed>) = 2097152 [pid 5894] <... memfd_create resumed>) = 3 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5891] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5894] <... mmap resumed>) = 0x7f3b887a1000 [pid 5892] <... write resumed>) = 2097152 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5896 attached [pid 5892] munmap(0x7f3b887a1000, 138412032 [pid 5896] set_robust_list(0x555556629660, 24 [pid 5892] <... munmap resumed>) = 0 [pid 5891] <... munmap resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5896 [pid 5896] <... set_robust_list resumed>) = 0 [pid 5896] chdir("./140") = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5892] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5891] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5892] <... openat resumed>) = 4 [pid 5891] ioctl(4, LOOP_SET_FD, 3 [pid 5896] <... prctl resumed>) = 0 [pid 5892] ioctl(4, LOOP_SET_FD, 3 [pid 5896] setpgid(0, 0) = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5896] write(3, "1000", 4) = 4 [pid 5896] close(3) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5896] memfd_create("syzkaller", 0) = 3 [pid 5893] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5892] <... ioctl resumed>) = 0 [pid 5891] <... ioctl resumed>) = 0 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5892] close(3 [pid 5891] close(3 [pid 5892] <... close resumed>) = 0 [pid 5891] <... close resumed>) = 0 [pid 5896] <... mmap resumed>) = 0x7f3b887a1000 [pid 5892] mkdir("./file0", 0777 [pid 5891] mkdir("./file0", 0777 [pid 5892] <... mkdir resumed>) = 0 [pid 5891] <... mkdir resumed>) = 0 [ 139.023030][ T5891] loop0: detected capacity change from 0 to 4096 [ 139.033688][ T5892] loop1: detected capacity change from 0 to 4096 [pid 5891] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5892] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5895] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 139.066152][ T5891] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 139.083990][ T5892] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5894] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5896] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5895] <... write resumed>) = 2097152 [pid 5895] munmap(0x7f3b887a1000, 138412032 [pid 5891] <... mount resumed>) = 0 [pid 5895] <... munmap resumed>) = 0 [pid 5893] <... write resumed>) = 2097152 [pid 5891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5895] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5891] <... openat resumed>) = 3 [pid 5895] <... openat resumed>) = 4 [pid 5891] chdir("./file0" [pid 5895] ioctl(4, LOOP_SET_FD, 3 [pid 5891] <... chdir resumed>) = 0 [pid 5893] munmap(0x7f3b887a1000, 138412032 [pid 5891] ioctl(4, LOOP_CLR_FD) = 0 [pid 5891] close(4) = 0 [pid 5891] exit_group(0) = ? [pid 5891] +++ exited with 0 +++ [pid 5895] <... ioctl resumed>) = 0 [pid 5895] close(3) = 0 [pid 5895] mkdir("./file0", 0777) = 0 [pid 5892] <... mount resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5895] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5047] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5892] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5894] <... write resumed>) = 2097152 [pid 5893] <... munmap resumed>) = 0 [pid 5892] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5894] munmap(0x7f3b887a1000, 138412032 [pid 5893] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5893] <... openat resumed>) = 4 [ 139.169453][ T5895] loop3: detected capacity change from 0 to 4096 [ 139.185962][ T5895] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5893] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5892] chdir("./file0" [pid 5047] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5892] <... chdir resumed>) = 0 [pid 5894] <... munmap resumed>) = 0 [pid 5893] <... ioctl resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5894] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5893] close(3 [pid 5892] ioctl(4, LOOP_CLR_FD [pid 5894] <... openat resumed>) = 4 [pid 5893] <... close resumed>) = 0 [pid 5892] <... ioctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5894] ioctl(4, LOOP_SET_FD, 3 [pid 5893] mkdir("./file0", 0777 [pid 5892] close(4 [pid 5047] unlink("./140/binderfs" [pid 5892] <... close resumed>) = 0 [pid 5892] exit_group(0 [pid 5047] <... unlink resumed>) = 0 [pid 5892] <... exit_group resumed>) = ? [pid 5893] <... mkdir resumed>) = 0 [pid 5892] +++ exited with 0 +++ [pid 5047] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5893] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5048] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./137/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./137/binderfs") = 0 [pid 5048] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5896] <... write resumed>) = 2097152 [pid 5896] munmap(0x7f3b887a1000, 138412032 [pid 5894] <... ioctl resumed>) = 0 [pid 5894] close(3 [pid 5047] <... umount2 resumed>) = 0 [pid 5894] <... close resumed>) = 0 [pid 5894] mkdir("./file0", 0777 [pid 5047] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5894] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 139.218391][ T5893] loop4: detected capacity change from 0 to 4096 [ 139.236094][ T5894] loop5: detected capacity change from 0 to 4096 [ 139.253398][ T5893] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5894] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5893] <... mount resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./140/file0", [pid 5896] <... munmap resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5896] ioctl(4, LOOP_SET_FD, 3 [pid 5893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5893] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5895] <... mount resumed>) = 0 [pid 5893] chdir("./file0" [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", [pid 5895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5895] <... openat resumed>) = 3 [pid 5047] getdents64(4, [pid 5895] chdir("./file0") = 0 [pid 5893] <... chdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5893] ioctl(4, LOOP_CLR_FD [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5895] ioctl(4, LOOP_CLR_FD [pid 5893] <... ioctl resumed>) = 0 [pid 5047] close(4 [pid 5895] <... ioctl resumed>) = 0 [pid 5895] close(4 [pid 5893] close(4 [pid 5047] <... close resumed>) = 0 [pid 5895] <... close resumed>) = 0 [pid 5893] <... close resumed>) = 0 [pid 5047] rmdir("./140/file0" [pid 5896] <... ioctl resumed>) = 0 [pid 5895] exit_group(0 [pid 5896] close(3 [pid 5895] <... exit_group resumed>) = ? [pid 5896] <... close resumed>) = 0 [pid 5895] +++ exited with 0 +++ [pid 5893] exit_group(0 [pid 5047] <... rmdir resumed>) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5895, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5047] getdents64(3, [pid 5896] mkdir("./file0", 0777 [pid 5893] <... exit_group resumed>) = ? [pid 5048] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [ 139.294277][ T5894] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 139.297874][ T5896] loop2: detected capacity change from 0 to 4096 [pid 5896] <... mkdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5048] newfstatat(AT_FDCWD, "./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5896] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 4 [pid 5893] +++ exited with 0 +++ [pid 5048] newfstatat(4, "", [pid 5047] <... close resumed>) = 0 [pid 5894] <... mount resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] rmdir("./140" [pid 5894] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, [pid 5047] <... rmdir resumed>) = 0 [pid 5050] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... openat resumed>) = 3 [pid 5048] close(4 [pid 5047] mkdir("./141", 0777 [pid 5894] chdir("./file0" [pid 5051] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] rmdir("./137/file0") = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5050] newfstatat(3, "", [pid 5048] getdents64(3, [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5894] <... chdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5050] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5894] ioctl(4, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5894] <... ioctl resumed>) = 0 [pid 5051] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] close(3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5894] close(4 [pid 5050] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... close resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5894] exit_group(0 [pid 5050] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5048] <... close resumed>) = 0 [pid 5047] close(3 [pid 5894] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... close resumed>) = 0 [pid 5051] unlink("./136/binderfs" [pid 5048] rmdir("./137") = 0 [pid 5048] mkdir("./138", 0777 [pid 5894] +++ exited with 0 +++ [pid 5048] <... mkdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] <... unlink resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] unlink("./137/binderfs" [pid 5052] umount2("./135", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] openat(AT_FDCWD, "./135", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5897 [pid 5050] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5897 attached [pid 5897] set_robust_list(0x555556629660, 24 [pid 5052] newfstatat(3, "", [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... close resumed>) = 0 [pid 5052] getdents64(3, [ 139.359056][ T5896] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5897] <... set_robust_list resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./135/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5897] chdir("./141" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./135/binderfs", [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5898 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./135/binderfs") = 0 ./strace-static-x86_64: Process 5898 attached [pid 5052] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5898] set_robust_list(0x555556629660, 24) = 0 [pid 5898] chdir("./138") = 0 [pid 5898] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... umount2 resumed>) = 0 [pid 5898] <... prctl resumed>) = 0 [pid 5898] setpgid(0, 0) = 0 [pid 5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5898] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5898] write(3, "1000", 4 [pid 5897] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./136/file0", [pid 5898] <... write resumed>) = 4 [pid 5898] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5898] <... close resumed>) = 0 [pid 5898] symlink("/dev/binderfs", "./binderfs" [pid 5051] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5898] <... symlink resumed>) = 0 [pid 5897] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] <... prctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] setpgid(0, 0 [pid 5051] <... openat resumed>) = 4 [pid 5897] <... setpgid resumed>) = 0 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5898] memfd_create("syzkaller", 0 [pid 5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5896] <... mount resumed>) = 0 [pid 5051] getdents64(4, [pid 5050] <... umount2 resumed>) = 0 [pid 5898] <... memfd_create resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5897] <... openat resumed>) = 3 [pid 5896] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... umount2 resumed>) = 0 [pid 5051] getdents64(4, [pid 5897] write(3, "1000", 4 [pid 5052] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5897] <... write resumed>) = 4 [pid 5051] close(4 [pid 5050] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5897] close(3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./136/file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] <... close resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./137/file0", [pid 5897] symlink("/dev/binderfs", "./binderfs" [pid 5898] <... mmap resumed>) = 0x7f3b887a1000 [pid 5897] <... symlink resumed>) = 0 [pid 5896] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] getdents64(3, [pid 5897] memfd_create("syzkaller", 0 [pid 5896] chdir("./file0" [pid 5052] newfstatat(AT_FDCWD, "./135/file0", [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3 [pid 5897] <... memfd_create resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5896] <... chdir resumed>) = 0 [pid 5052] umount2("./135/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5896] ioctl(4, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./136" [pid 5050] <... openat resumed>) = 4 [pid 5052] openat(AT_FDCWD, "./135/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] newfstatat(4, "", [pid 5896] <... ioctl resumed>) = 0 [pid 5896] close(4) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5897] <... mmap resumed>) = 0x7f3b887a1000 [pid 5896] exit_group(0 [pid 5050] getdents64(4, [pid 5896] <... exit_group resumed>) = ? [pid 5896] +++ exited with 0 +++ [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] newfstatat(4, "", [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5051] mkdir("./137", 0777 [pid 5050] getdents64(4, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] close(4 [pid 5049] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5050] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] rmdir("./137/file0" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... openat resumed>) = 3 [pid 5049] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5052] close(4 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] getdents64(3, [pid 5049] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5051] close(3 [pid 5052] <... close resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] rmdir("./135/file0" [pid 5051] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] rmdir("./137") = 0 [pid 5052] getdents64(3, [pid 5049] unlink("./140/binderfs" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5899 attached [pid 5049] <... unlink resumed>) = 0 [pid 5052] close(3 [pid 5899] set_robust_list(0x555556629660, 24 [pid 5052] <... close resumed>) = 0 [pid 5899] <... set_robust_list resumed>) = 0 [pid 5052] rmdir("./135") = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5899 [pid 5052] mkdir("./136", 0777 [pid 5899] chdir("./137" [pid 5052] <... mkdir resumed>) = 0 [pid 5050] mkdir("./138", 0777 [pid 5899] <... chdir resumed>) = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5899] <... setpgid resumed>) = 0 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5898] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... openat resumed>) = 3 [pid 5899] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 3 [pid 5899] write(3, "1000", 4 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... close resumed>) = 0 [pid 5050] close(3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5899] <... write resumed>) = 4 [pid 5050] <... close resumed>) = 0 ./strace-static-x86_64: Process 5900 attached [pid 5899] close(3 [pid 5897] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5899] <... close resumed>) = 0 [pid 5900] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5900 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5899] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5900] <... set_robust_list resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5901 [pid 5900] chdir("./136"./strace-static-x86_64: Process 5901 attached [pid 5901] set_robust_list(0x555556629660, 24 [pid 5900] <... chdir resumed>) = 0 [pid 5899] memfd_create("syzkaller", 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5901] <... set_robust_list resumed>) = 0 [pid 5900] setpgid(0, 0 [pid 5901] chdir("./138" [pid 5900] <... setpgid resumed>) = 0 [pid 5901] <... chdir resumed>) = 0 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5899] <... memfd_create resumed>) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5901] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5899] <... mmap resumed>) = 0x7f3b887a1000 [pid 5901] <... prctl resumed>) = 0 [pid 5900] <... openat resumed>) = 3 [pid 5901] setpgid(0, 0) = 0 [pid 5901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5900] write(3, "1000", 4 [pid 5049] <... umount2 resumed>) = 0 [pid 5900] <... write resumed>) = 4 [pid 5900] close(3 [pid 5049] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5900] <... close resumed>) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs" [pid 5901] write(3, "1000", 4 [pid 5900] <... symlink resumed>) = 0 [pid 5898] <... write resumed>) = 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./140/file0", [pid 5901] <... write resumed>) = 4 [pid 5897] <... write resumed>) = 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5901] close(3) = 0 [pid 5049] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5901] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5900] memfd_create("syzkaller", 0 [pid 5897] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5901] memfd_create("syzkaller", 0 [pid 5049] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5901] <... memfd_create resumed>) = 3 [pid 5898] munmap(0x7f3b887a1000, 138412032 [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5898] <... munmap resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5901] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5900] <... memfd_create resumed>) = 3 [pid 5897] <... munmap resumed>) = 0 [pid 5049] getdents64(4, [pid 5900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5900] <... mmap resumed>) = 0x7f3b887a1000 [pid 5897] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] rmdir("./140/file0" [pid 5897] <... openat resumed>) = 4 [pid 5898] <... openat resumed>) = 4 [pid 5898] ioctl(4, LOOP_SET_FD, 3 [pid 5897] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... rmdir resumed>) = 0 [pid 5898] <... ioctl resumed>) = 0 [pid 5900] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5899] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5898] close(3 [pid 5897] <... ioctl resumed>) = 0 [pid 5049] getdents64(3, [pid 5898] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./140" [pid 5901] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5898] mkdir("./file0", 0777 [pid 5897] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5897] <... close resumed>) = 0 [pid 5049] mkdir("./141", 0777 [pid 5897] mkdir("./file0", 0777) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5898] <... mkdir resumed>) = 0 [pid 5897] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... openat resumed>) = 3 [ 139.661054][ T5898] loop1: detected capacity change from 0 to 4096 [ 139.673654][ T5897] loop0: detected capacity change from 0 to 4096 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5898] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5902 attached , child_tidptr=0x555556629650) = 5902 [pid 5902] set_robust_list(0x555556629660, 24) = 0 [pid 5900] <... write resumed>) = 2097152 [pid 5902] chdir("./141" [pid 5901] <... write resumed>) = 2097152 [pid 5902] <... chdir resumed>) = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5902] setpgid(0, 0 [pid 5901] munmap(0x7f3b887a1000, 138412032 [pid 5902] <... setpgid resumed>) = 0 [ 139.706167][ T5897] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 139.716984][ T5898] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5900] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5902] write(3, "1000", 4) = 4 [pid 5901] <... munmap resumed>) = 0 [pid 5902] close(3) = 0 [pid 5902] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5901] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5902] memfd_create("syzkaller", 0 [pid 5901] <... openat resumed>) = 4 [pid 5901] ioctl(4, LOOP_SET_FD, 3 [pid 5900] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5899] <... write resumed>) = 2097152 [pid 5898] <... mount resumed>) = 0 [pid 5897] <... mount resumed>) = 0 [pid 5899] munmap(0x7f3b887a1000, 138412032 [pid 5897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5901] <... ioctl resumed>) = 0 [pid 5902] <... memfd_create resumed>) = 3 [pid 5900] <... openat resumed>) = 4 [pid 5899] <... munmap resumed>) = 0 [pid 5898] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5897] <... openat resumed>) = 3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5901] close(3 [pid 5900] ioctl(4, LOOP_SET_FD, 3 [pid 5899] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5901] <... close resumed>) = 0 [pid 5899] <... openat resumed>) = 4 [pid 5898] <... openat resumed>) = 3 [pid 5897] chdir("./file0" [pid 5902] <... mmap resumed>) = 0x7f3b887a1000 [pid 5899] ioctl(4, LOOP_SET_FD, 3 [pid 5901] mkdir("./file0", 0777 [pid 5898] chdir("./file0" [pid 5897] <... chdir resumed>) = 0 [pid 5898] <... chdir resumed>) = 0 [pid 5897] ioctl(4, LOOP_CLR_FD [pid 5899] <... ioctl resumed>) = 0 [pid 5901] <... mkdir resumed>) = 0 [pid 5900] <... ioctl resumed>) = 0 [pid 5898] ioctl(4, LOOP_CLR_FD [pid 5897] <... ioctl resumed>) = 0 [pid 5901] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5898] <... ioctl resumed>) = 0 [pid 5897] close(4 [pid 5898] close(4) = 0 [ 139.779444][ T5901] loop3: detected capacity change from 0 to 4096 [ 139.800382][ T5900] loop5: detected capacity change from 0 to 4096 [ 139.800941][ T5899] loop4: detected capacity change from 0 to 4096 [pid 5902] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5900] close(3 [pid 5899] close(3 [pid 5898] exit_group(0 [pid 5897] <... close resumed>) = 0 [pid 5900] <... close resumed>) = 0 [pid 5900] mkdir("./file0", 0777 [pid 5899] <... close resumed>) = 0 [pid 5897] exit_group(0 [pid 5900] <... mkdir resumed>) = 0 [pid 5899] mkdir("./file0", 0777 [pid 5898] <... exit_group resumed>) = ? [pid 5897] <... exit_group resumed>) = ? [pid 5899] <... mkdir resumed>) = 0 [pid 5898] +++ exited with 0 +++ [pid 5897] +++ exited with 0 +++ [pid 5900] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5899] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5048] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./141/binderfs") = 0 [pid 5047] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [ 139.829784][ T5901] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 139.854020][ T5899] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 139.871390][ T5900] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5048] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./138/binderfs") = 0 [pid 5048] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5901] <... mount resumed>) = 0 [pid 5901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5901] chdir("./file0") = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5901] ioctl(4, LOOP_CLR_FD [pid 5048] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5901] <... ioctl resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5901] close(4 [pid 5048] newfstatat(AT_FDCWD, "./138/file0", [pid 5901] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5901] exit_group(0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5901] <... exit_group resumed>) = ? [pid 5048] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5902] <... write resumed>) = 2097152 [pid 5901] +++ exited with 0 +++ [pid 5047] <... umount2 resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5901, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] newfstatat(4, "", [pid 5050] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5902] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(4, [pid 5050] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... openat resumed>) = 3 [pid 5048] getdents64(4, [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] close(4 [pid 5902] <... munmap resumed>) = 0 [pid 5050] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./138/file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./138/binderfs") = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5050] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5902] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./138" [pid 5902] <... openat resumed>) = 4 [pid 5902] ioctl(4, LOOP_SET_FD, 3 [pid 5047] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5899] <... mount resumed>) = 0 [pid 5048] mkdir("./139", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5899] chdir("./file0" [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5899] <... chdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./141/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./141" [pid 5899] ioctl(4, LOOP_CLR_FD [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5899] <... ioctl resumed>) = 0 [pid 5899] close(4 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5899] <... close resumed>) = 0 [pid 5899] exit_group(0 [pid 5048] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5899] <... exit_group resumed>) = ? [pid 5047] mkdir("./142", 0777) = 0 [pid 5899] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] <... close resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5902] <... ioctl resumed>) = 0 [pid 5051] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5902] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] close(3 [pid 5902] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5902] mkdir("./file0", 0777 [pid 5051] <... openat resumed>) = 3 [pid 5902] <... mkdir resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5902] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5903 attached ./strace-static-x86_64: Process 5904 attached [pid 5051] unlink("./137/binderfs" [pid 5050] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5903 [pid 5903] set_robust_list(0x555556629660, 24 [pid 5900] <... mount resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5903] <... set_robust_list resumed>) = 0 [ 139.952942][ T5902] loop2: detected capacity change from 0 to 4096 [pid 5050] newfstatat(AT_FDCWD, "./138/file0", [pid 5903] chdir("./139" [pid 5900] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5904] set_robust_list(0x555556629660, 24 [pid 5900] <... openat resumed>) = 3 [pid 5900] chdir("./file0" [pid 5051] <... umount2 resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5904 [pid 5904] <... set_robust_list resumed>) = 0 [pid 5900] <... chdir resumed>) = 0 [pid 5904] chdir("./142" [pid 5900] ioctl(4, LOOP_CLR_FD [pid 5904] <... chdir resumed>) = 0 [pid 5900] <... ioctl resumed>) = 0 [pid 5904] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5900] close(4 [pid 5051] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5904] <... prctl resumed>) = 0 [pid 5900] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5903] <... chdir resumed>) = 0 [pid 5050] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5904] setpgid(0, 0 [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5900] exit_group(0 [pid 5051] newfstatat(AT_FDCWD, "./137/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5904] <... setpgid resumed>) = 0 [pid 5900] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5904] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5900] +++ exited with 0 +++ [pid 5051] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 4 [pid 5903] <... prctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(4, "", [pid 5904] <... openat resumed>) = 3 [pid 5903] setpgid(0, 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5904] write(3, "1000", 4 [pid 5903] <... setpgid resumed>) = 0 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5051] <... openat resumed>) = 4 [pid 5050] getdents64(4, [pid 5904] <... write resumed>) = 4 [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... restart_syscall resumed>) = 0 [pid 5904] close(3 [pid 5051] newfstatat(4, "", [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5904] <... close resumed>) = 0 [pid 5903] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, [pid 5904] symlink("/dev/binderfs", "./binderfs" [pid 5052] umount2("./136", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5904] <... symlink resumed>) = 0 [pid 5903] write(3, "1000", 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5904] memfd_create("syzkaller", 0 [pid 5903] <... write resumed>) = 4 [pid 5052] openat(AT_FDCWD, "./136", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(4, [pid 5050] close(4 [pid 5904] <... memfd_create resumed>) = 3 [pid 5903] close(3 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./138/file0" [pid 5903] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] close(4 [pid 5903] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5903] <... symlink resumed>) = 0 [pid 5052] getdents64(3, [pid 5051] rmdir("./137/file0" [pid 5050] getdents64(3, [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5904] <... mmap resumed>) = 0x7f3b887a1000 [pid 5903] memfd_create("syzkaller", 0 [pid 5052] umount2("./136/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(3, [pid 5050] close(3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5050] <... close resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./136/binderfs", [pid 5051] rmdir("./137" [ 139.993671][ T5902] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5050] rmdir("./138" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5051] mkdir("./138", 0777) = 0 [pid 5052] unlink("./136/binderfs" [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5903] <... memfd_create resumed>) = 3 [pid 5050] mkdir("./139", 0777) = 0 [pid 5903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5052] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] newfstatat(AT_FDCWD, "./136/file0", [pid 5051] close(3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... close resumed>) = 0 ./strace-static-x86_64: Process 5905 attached [pid 5052] umount2("./136/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5905] set_robust_list(0x555556629660, 24 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5905] <... set_robust_list resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./136/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5906 attached [pid 5905] chdir("./139" [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5905 [pid 5906] set_robust_list(0x555556629660, 24 [pid 5905] <... chdir resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5906] <... set_robust_list resumed>) = 0 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] newfstatat(4, "", [pid 5906] chdir("./138" [pid 5905] <... prctl resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5905] setpgid(0, 0 [pid 5906] <... chdir resumed>) = 0 [pid 5905] <... setpgid resumed>) = 0 [pid 5052] getdents64(4, [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5906 [pid 5906] <... prctl resumed>) = 0 [pid 5906] setpgid(0, 0 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5905] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5906] <... setpgid resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5905] write(3, "1000", 4 [pid 5052] close(4 [pid 5906] <... openat resumed>) = 3 [pid 5905] <... write resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5905] close(3 [pid 5052] rmdir("./136/file0" [pid 5905] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5906] write(3, "1000", 4 [pid 5905] symlink("/dev/binderfs", "./binderfs" [pid 5906] <... write resumed>) = 4 [pid 5905] <... symlink resumed>) = 0 [pid 5052] getdents64(3, [pid 5906] close(3 [pid 5905] memfd_create("syzkaller", 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5906] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5906] symlink("/dev/binderfs", "./binderfs" [pid 5902] <... mount resumed>) = 0 [pid 5052] rmdir("./136" [pid 5906] <... symlink resumed>) = 0 [pid 5905] <... memfd_create resumed>) = 3 [pid 5902] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5902] <... openat resumed>) = 3 [pid 5052] mkdir("./137", 0777 [pid 5905] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... mkdir resumed>) = 0 [pid 5906] memfd_create("syzkaller", 0 [pid 5902] chdir("./file0") = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5902] ioctl(4, LOOP_CLR_FD [pid 5052] <... openat resumed>) = 3 [pid 5902] <... ioctl resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5902] close(4 [pid 5052] <... ioctl resumed>) = 0 [pid 5902] <... close resumed>) = 0 [pid 5052] close(3 [pid 5902] exit_group(0 [pid 5052] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5907 attached [pid 5906] <... memfd_create resumed>) = 3 [pid 5902] <... exit_group resumed>) = ? [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5902] +++ exited with 0 +++ [pid 5907] set_robust_list(0x555556629660, 24 [pid 5906] <... mmap resumed>) = 0x7f3b887a1000 [pid 5907] <... set_robust_list resumed>) = 0 [pid 5907] chdir("./137" [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5907 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5907] <... chdir resumed>) = 0 [pid 5049] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5907] <... prctl resumed>) = 0 [pid 5903] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5907] setpgid(0, 0 [pid 5049] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./141/binderfs", [pid 5907] <... setpgid resumed>) = 0 [pid 5904] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./141/binderfs") = 0 [pid 5049] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5907] memfd_create("syzkaller", 0 [pid 5905] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5904] <... write resumed>) = 2097152 [pid 5903] <... write resumed>) = 2097152 [pid 5907] <... memfd_create resumed>) = 3 [pid 5906] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5904] munmap(0x7f3b887a1000, 138412032 [pid 5903] munmap(0x7f3b887a1000, 138412032 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5904] <... munmap resumed>) = 0 [pid 5907] <... mmap resumed>) = 0x7f3b887a1000 [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5903] <... munmap resumed>) = 0 [pid 5904] <... openat resumed>) = 4 [pid 5903] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5904] ioctl(4, LOOP_SET_FD, 3 [pid 5903] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./141/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5903] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./141/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./141") = 0 [pid 5049] mkdir("./142", 0777) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5905] <... write resumed>) = 2097152 [pid 5049] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3 [pid 5904] <... ioctl resumed>) = 0 [pid 5903] <... ioctl resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5908 attached [pid 5908] set_robust_list(0x555556629660, 24) = 0 [pid 5908] chdir("./142" [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5908 [pid 5908] <... chdir resumed>) = 0 [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5908] setpgid(0, 0 [pid 5907] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5905] munmap(0x7f3b887a1000, 138412032 [pid 5904] close(3 [pid 5903] close(3 [pid 5904] <... close resumed>) = 0 [pid 5903] <... close resumed>) = 0 [pid 5908] <... setpgid resumed>) = 0 [pid 5904] mkdir("./file0", 0777 [pid 5903] mkdir("./file0", 0777 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5908] write(3, "1000", 4 [pid 5903] <... mkdir resumed>) = 0 [pid 5908] <... write resumed>) = 4 [pid 5906] <... write resumed>) = 2097152 [pid 5904] <... mkdir resumed>) = 0 [pid 5903] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5908] close(3) = 0 [ 140.300805][ T5904] loop0: detected capacity change from 0 to 4096 [ 140.313426][ T5903] loop1: detected capacity change from 0 to 4096 [pid 5908] symlink("/dev/binderfs", "./binderfs" [pid 5904] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5908] <... symlink resumed>) = 0 [pid 5908] memfd_create("syzkaller", 0 [pid 5906] munmap(0x7f3b887a1000, 138412032 [pid 5908] <... memfd_create resumed>) = 3 [pid 5906] <... munmap resumed>) = 0 [pid 5905] <... munmap resumed>) = 0 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5906] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3 [pid 5905] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5906] <... ioctl resumed>) = 0 [pid 5905] <... openat resumed>) = 4 [pid 5905] ioctl(4, LOOP_SET_FD, 3 [pid 5907] <... write resumed>) = 2097152 [pid 5906] close(3 [pid 5905] <... ioctl resumed>) = 0 [pid 5907] munmap(0x7f3b887a1000, 138412032 [pid 5905] close(3 [pid 5906] <... close resumed>) = 0 [pid 5905] <... close resumed>) = 0 [pid 5905] mkdir("./file0", 0777 [pid 5906] mkdir("./file0", 0777) = 0 [pid 5905] <... mkdir resumed>) = 0 [ 140.359673][ T5903] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 140.371416][ T5904] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 140.384215][ T5906] loop4: detected capacity change from 0 to 4096 [ 140.393963][ T5905] loop3: detected capacity change from 0 to 4096 [pid 5905] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5906] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5907] <... munmap resumed>) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5907] ioctl(4, LOOP_SET_FD, 3 [pid 5904] <... mount resumed>) = 0 [pid 5907] <... ioctl resumed>) = 0 [pid 5908] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5907] close(3 [pid 5904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5907] <... close resumed>) = 0 [pid 5905] <... mount resumed>) = 0 [pid 5904] <... openat resumed>) = 3 [pid 5907] mkdir("./file0", 0777) = 0 [pid 5904] chdir("./file0" [pid 5905] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5904] <... chdir resumed>) = 0 [pid 5905] <... openat resumed>) = 3 [pid 5904] ioctl(4, LOOP_CLR_FD [pid 5907] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5905] chdir("./file0" [pid 5904] <... ioctl resumed>) = 0 [ 140.407982][ T5905] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 140.409418][ T5906] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 140.436176][ T5907] loop5: detected capacity change from 0 to 4096 [pid 5905] <... chdir resumed>) = 0 [pid 5904] close(4 [pid 5905] ioctl(4, LOOP_CLR_FD [pid 5904] <... close resumed>) = 0 [pid 5905] <... ioctl resumed>) = 0 [pid 5904] exit_group(0 [pid 5905] close(4) = 0 [pid 5905] exit_group(0 [pid 5903] <... mount resumed>) = 0 [pid 5905] <... exit_group resumed>) = ? [pid 5903] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5905] +++ exited with 0 +++ [pid 5904] <... exit_group resumed>) = ? [pid 5903] <... openat resumed>) = 3 [pid 5904] +++ exited with 0 +++ [pid 5903] chdir("./file0" [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5903] <... chdir resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5904, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5903] ioctl(4, LOOP_CLR_FD [pid 5050] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... restart_syscall resumed>) = 0 [pid 5903] <... ioctl resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5903] close(4 [pid 5050] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5903] <... close resumed>) = 0 [pid 5047] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5903] exit_group(0 [pid 5050] newfstatat(3, "", [pid 5047] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5903] <... exit_group resumed>) = ? [pid 5050] getdents64(3, [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./142/binderfs") = 0 [pid 5050] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5906] <... mount resumed>) = 0 [pid 5903] +++ exited with 0 +++ [pid 5050] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5906] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5906] chdir("./file0") = 0 [pid 5906] ioctl(4, LOOP_CLR_FD) = 0 [pid 5906] close(4) = 0 [pid 5906] exit_group(0) = ? [pid 5908] <... write resumed>) = 2097152 [pid 5906] +++ exited with 0 +++ [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5051] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./138/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./138/binderfs") = 0 [pid 5051] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... restart_syscall resumed>) = 0 [pid 5050] unlink("./139/binderfs" [pid 5908] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... unlink resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5048] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 140.469611][ T5907] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5048] newfstatat(3, "", [pid 5047] newfstatat(AT_FDCWD, "./142/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] getdents64(3, [pid 5047] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] unlink("./139/binderfs" [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] close(4 [pid 5051] <... umount2 resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./142/file0" [pid 5051] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5908] <... munmap resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./138/file0", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] close(3 [pid 5051] newfstatat(4, "", [pid 5047] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] rmdir("./142" [pid 5051] getdents64(4, [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] mkdir("./143", 0777 [pid 5051] getdents64(4, [pid 5048] <... umount2 resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./138/file0") = 0 [pid 5048] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 [pid 5048] newfstatat(AT_FDCWD, "./139/file0", [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./138" [pid 5050] newfstatat(AT_FDCWD, "./139/file0", [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5908] <... openat resumed>) = 4 [pid 5050] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5908] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5051] mkdir("./139", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached , child_tidptr=0x555556629650) = 5909 [pid 5048] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5909] set_robust_list(0x555556629660, 24 [pid 5050] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 4 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5909] <... set_robust_list resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", ./strace-static-x86_64: Process 5910 attached [pid 5909] chdir("./139" [pid 5050] newfstatat(4, "", [pid 5910] set_robust_list(0x555556629660, 24 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5910 [pid 5910] <... set_robust_list resumed>) = 0 [pid 5050] getdents64(4, [pid 5048] getdents64(4, [pid 5910] chdir("./143" [pid 5909] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5910] <... chdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5048] getdents64(4, [pid 5908] <... ioctl resumed>) = 0 [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5908] close(3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5910] <... prctl resumed>) = 0 [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] close(4 [pid 5908] <... close resumed>) = 0 [pid 5048] close(4 [pid 5910] setpgid(0, 0 [pid 5909] <... prctl resumed>) = 0 [pid 5908] mkdir("./file0", 0777 [pid 5907] <... mount resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5910] <... setpgid resumed>) = 0 [pid 5909] setpgid(0, 0 [pid 5048] <... close resumed>) = 0 [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5909] <... setpgid resumed>) = 0 [pid 5907] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] rmdir("./139/file0" [pid 5910] <... openat resumed>) = 3 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5908] <... mkdir resumed>) = 0 [pid 5907] <... openat resumed>) = 3 [pid 5048] rmdir("./139/file0" [pid 5050] <... rmdir resumed>) = 0 [pid 5910] write(3, "1000", 4 [pid 5909] <... openat resumed>) = 3 [pid 5910] <... write resumed>) = 4 [pid 5909] write(3, "1000", 4 [pid 5908] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5907] chdir("./file0" [pid 5050] getdents64(3, [pid 5048] <... rmdir resumed>) = 0 [pid 5910] close(3 [pid 5909] <... write resumed>) = 4 [pid 5910] <... close resumed>) = 0 [pid 5909] close(3 [pid 5907] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] getdents64(3, [pid 5909] <... close resumed>) = 0 [pid 5907] ioctl(4, LOOP_CLR_FD [pid 5909] symlink("/dev/binderfs", "./binderfs" [pid 5907] <... ioctl resumed>) = 0 [pid 5909] <... symlink resumed>) = 0 [pid 5907] close(4) = 0 [pid 5907] exit_group(0 [pid 5909] memfd_create("syzkaller", 0 [pid 5910] symlink("/dev/binderfs", "./binderfs" [pid 5907] <... exit_group resumed>) = ? [pid 5050] close(3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5910] <... symlink resumed>) = 0 [pid 5907] +++ exited with 0 +++ [pid 5050] <... close resumed>) = 0 [pid 5048] close(3 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5910] memfd_create("syzkaller", 0 [pid 5050] rmdir("./139" [pid 5048] <... close resumed>) = 0 [pid 5909] <... memfd_create resumed>) = 3 [pid 5048] rmdir("./139" [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5909] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] umount2("./137", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] mkdir("./140", 0777 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] mkdir("./140", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./137", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 3 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5910] <... memfd_create resumed>) = 3 [ 140.581981][ T5908] loop2: detected capacity change from 0 to 4096 [ 140.610907][ T5908] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] newfstatat(3, "", [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5910] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] getdents64(3, [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] close(3 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] umount2("./137/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./137/binderfs", [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5912 attached ./strace-static-x86_64: Process 5911 attached [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5911 [pid 5052] unlink("./137/binderfs" [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5912 [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5911] set_robust_list(0x555556629660, 24 [pid 5912] set_robust_list(0x555556629660, 24 [pid 5052] <... umount2 resumed>) = 0 [pid 5911] <... set_robust_list resumed>) = 0 [pid 5912] <... set_robust_list resumed>) = 0 [pid 5052] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5912] chdir("./140" [pid 5911] chdir("./140" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5912] <... chdir resumed>) = 0 [pid 5911] <... chdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./137/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5911] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5912] <... prctl resumed>) = 0 [pid 5911] <... prctl resumed>) = 0 [pid 5052] umount2("./137/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5912] setpgid(0, 0) = 0 [pid 5911] setpgid(0, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5911] <... setpgid resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./137/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... openat resumed>) = 4 [pid 5912] <... openat resumed>) = 3 [pid 5911] <... openat resumed>) = 3 [pid 5052] newfstatat(4, "", [pid 5912] write(3, "1000", 4 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5912] <... write resumed>) = 4 [pid 5912] close(3) = 0 [pid 5052] getdents64(4, [pid 5912] symlink("/dev/binderfs", "./binderfs" [pid 5911] write(3, "1000", 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5912] <... symlink resumed>) = 0 [pid 5911] <... write resumed>) = 4 [pid 5908] <... mount resumed>) = 0 [pid 5052] close(4 [pid 5908] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5912] memfd_create("syzkaller", 0 [pid 5911] close(3 [pid 5908] <... openat resumed>) = 3 [pid 5052] <... close resumed>) = 0 [pid 5909] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5908] chdir("./file0" [pid 5911] <... close resumed>) = 0 [pid 5052] rmdir("./137/file0" [pid 5911] symlink("/dev/binderfs", "./binderfs" [pid 5908] <... chdir resumed>) = 0 [pid 5911] <... symlink resumed>) = 0 [pid 5912] <... memfd_create resumed>) = 3 [pid 5911] memfd_create("syzkaller", 0 [pid 5910] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5908] ioctl(4, LOOP_CLR_FD [pid 5052] <... rmdir resumed>) = 0 [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5908] <... ioctl resumed>) = 0 [pid 5911] <... memfd_create resumed>) = 3 [pid 5908] close(4 [pid 5052] getdents64(3, [pid 5908] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5908] exit_group(0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./137" [pid 5911] <... mmap resumed>) = 0x7f3b887a1000 [pid 5908] <... exit_group resumed>) = ? [pid 5052] <... rmdir resumed>) = 0 [pid 5908] +++ exited with 0 +++ [pid 5052] mkdir("./138", 0777) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5049] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] unlink("./142/binderfs") = 0 [pid 5049] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5913 ./strace-static-x86_64: Process 5913 attached [pid 5913] set_robust_list(0x555556629660, 24 [pid 5909] <... write resumed>) = 2097152 [pid 5913] <... set_robust_list resumed>) = 0 [pid 5909] munmap(0x7f3b887a1000, 138412032 [pid 5913] chdir("./138" [pid 5910] <... write resumed>) = 2097152 [pid 5909] <... munmap resumed>) = 0 [pid 5913] <... chdir resumed>) = 0 [pid 5913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5913] setpgid(0, 0 [pid 5910] munmap(0x7f3b887a1000, 138412032 [pid 5913] <... setpgid resumed>) = 0 [pid 5910] <... munmap resumed>) = 0 [pid 5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5912] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5911] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5913] <... openat resumed>) = 3 [pid 5910] <... openat resumed>) = 4 [pid 5909] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = 0 [pid 5049] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5913] write(3, "1000", 4 [pid 5049] newfstatat(AT_FDCWD, "./142/file0", [pid 5913] <... write resumed>) = 4 [pid 5913] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5913] <... close resumed>) = 0 [pid 5909] ioctl(4, LOOP_SET_FD, 3 [pid 5049] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5913] symlink("/dev/binderfs", "./binderfs" [pid 5910] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5913] <... symlink resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5909] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5913] memfd_create("syzkaller", 0 [pid 5909] close(3 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5909] <... close resumed>) = 0 [pid 5049] close(4 [pid 5913] <... memfd_create resumed>) = 3 [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5909] mkdir("./file0", 0777 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./142/file0" [pid 5910] <... ioctl resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5910] close(3) = 0 [pid 5910] mkdir("./file0", 0777) = 0 [pid 5909] <... mkdir resumed>) = 0 [pid 5913] <... mmap resumed>) = 0x7f3b887a1000 [pid 5909] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5049] getdents64(3, [ 140.874914][ T5910] loop0: detected capacity change from 0 to 4096 [ 140.882287][ T5909] loop4: detected capacity change from 0 to 4096 [pid 5910] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5911] <... write resumed>) = 2097152 [pid 5049] <... close resumed>) = 0 [pid 5911] munmap(0x7f3b887a1000, 138412032 [pid 5049] rmdir("./142" [pid 5912] <... write resumed>) = 2097152 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./143", 0777 [pid 5912] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5912] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5911] <... munmap resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5911] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5913] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5912] <... ioctl resumed>) = 0 [pid 5911] <... openat resumed>) = 4 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5911] ioctl(4, LOOP_SET_FD, 3 [pid 5912] close(3) = 0 [pid 5912] mkdir("./file0", 0777) = 0 [pid 5910] <... mount resumed>) = 0 [ 140.924134][ T5910] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 140.940352][ T5909] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 140.946272][ T5912] loop1: detected capacity change from 0 to 4096 [pid 5910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5909] <... mount resumed>) = 0 [pid 5910] <... openat resumed>) = 3 [pid 5910] chdir("./file0" [pid 5909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5910] <... chdir resumed>) = 0 [pid 5910] ioctl(4, LOOP_CLR_FD [pid 5913] <... write resumed>) = 2097152 [pid 5912] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5911] <... ioctl resumed>) = 0 [pid 5909] <... openat resumed>) = 3 [pid 5049] close(3 [pid 5913] munmap(0x7f3b887a1000, 138412032 [pid 5910] <... ioctl resumed>) = 0 [pid 5911] close(3 [pid 5909] chdir("./file0" [pid 5049] <... close resumed>) = 0 [pid 5913] <... munmap resumed>) = 0 [pid 5911] <... close resumed>) = 0 [pid 5910] close(4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5910] <... close resumed>) = 0 [pid 5911] mkdir("./file0", 0777 [pid 5910] exit_group(0 [pid 5909] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5914 attached [pid 5911] <... mkdir resumed>) = 0 [pid 5910] <... exit_group resumed>) = ? [pid 5909] ioctl(4, LOOP_CLR_FD [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5914 [pid 5909] <... ioctl resumed>) = 0 [pid 5909] close(4) = 0 [pid 5909] exit_group(0) = ? [pid 5911] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5910] +++ exited with 0 +++ [pid 5909] +++ exited with 0 +++ [pid 5914] set_robust_list(0x555556629660, 24) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5047] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./143/binderfs") = 0 [ 140.976620][ T5911] loop3: detected capacity change from 0 to 4096 [ 140.998428][ T5912] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5913] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5914] chdir("./143" [pid 5051] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5914] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5914] <... prctl resumed>) = 0 [pid 5914] setpgid(0, 0 [pid 5051] <... openat resumed>) = 3 [pid 5914] <... setpgid resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5913] <... openat resumed>) = 4 [pid 5911] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5914] <... openat resumed>) = 3 [ 141.018626][ T5911] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] getdents64(3, [pid 5914] write(3, "1000", 4 [pid 5913] ioctl(4, LOOP_SET_FD, 3 [pid 5911] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5914] <... write resumed>) = 4 [pid 5911] chdir("./file0" [pid 5051] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = 0 [pid 5914] close(3 [pid 5911] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5914] <... close resumed>) = 0 [pid 5911] ioctl(4, LOOP_CLR_FD [pid 5051] newfstatat(AT_FDCWD, "./139/binderfs", [pid 5914] symlink("/dev/binderfs", "./binderfs" [pid 5911] <... ioctl resumed>) = 0 [pid 5047] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5911] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5911] <... close resumed>) = 0 [pid 5051] unlink("./139/binderfs" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... unlink resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./143/file0", [pid 5911] exit_group(0 [pid 5914] <... symlink resumed>) = 0 [pid 5051] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5911] <... exit_group resumed>) = ? [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5913] <... ioctl resumed>) = 0 [pid 5914] memfd_create("syzkaller", 0 [pid 5911] +++ exited with 0 +++ [pid 5047] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5914] <... memfd_create resumed>) = 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5911, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5914] <... mmap resumed>) = 0x7f3b887a1000 [pid 5913] close(3) = 0 [pid 5912] <... mount resumed>) = 0 [pid 5050] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 4 [pid 5913] mkdir("./file0", 0777 [pid 5912] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5913] <... mkdir resumed>) = 0 [pid 5912] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(4, "", [pid 5913] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5912] chdir("./file0" [pid 5051] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(3, "", [ 141.048826][ T5913] loop5: detected capacity change from 0 to 4096 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5912] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./139/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5912] ioctl(4, LOOP_CLR_FD [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5912] <... ioctl resumed>) = 0 [pid 5050] unlink("./140/binderfs" [pid 5912] close(4 [pid 5050] <... unlink resumed>) = 0 [pid 5912] <... close resumed>) = 0 [pid 5050] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5912] exit_group(0) = ? [pid 5912] +++ exited with 0 +++ [pid 5051] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] getdents64(4, [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] close(4 [pid 5051] <... openat resumed>) = 4 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5047] rmdir("./143/file0") = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5051] getdents64(4, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5051] close(4 [pid 5047] rmdir("./143" [pid 5051] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] rmdir("./139/file0" [pid 5048] newfstatat(3, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] mkdir("./144", 0777 [pid 5051] getdents64(3, [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... mkdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5051] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... close resumed>) = 0 [pid 5048] unlink("./140/binderfs" [pid 5047] <... openat resumed>) = 3 [pid 5051] rmdir("./139" [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... rmdir resumed>) = 0 [pid 5048] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(3 [pid 5051] mkdir("./140", 0777 [pid 5047] <... close resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5915 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5915 attached [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... openat resumed>) = 4 [pid 5915] set_robust_list(0x555556629660, 24 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(4, "", [pid 5915] <... set_robust_list resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] close(3 [pid 5915] chdir("./144" [pid 5050] getdents64(4, [pid 5915] <... chdir resumed>) = 0 [ 141.092566][ T5913] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./140/file0"./strace-static-x86_64: Process 5916 attached [pid 5915] <... prctl resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5915] setpgid(0, 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5916 [pid 5916] set_robust_list(0x555556629660, 24 [pid 5915] <... setpgid resumed>) = 0 [pid 5916] <... set_robust_list resumed>) = 0 [pid 5916] chdir("./140" [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5915] <... openat resumed>) = 3 [pid 5050] rmdir("./140" [pid 5916] <... chdir resumed>) = 0 [pid 5915] write(3, "1000", 4 [pid 5914] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5915] <... write resumed>) = 4 [pid 5050] mkdir("./141", 0777 [pid 5915] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5916] setpgid(0, 0 [pid 5915] <... close resumed>) = 0 [pid 5916] <... setpgid resumed>) = 0 [pid 5915] symlink("/dev/binderfs", "./binderfs" [pid 5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5915] <... symlink resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5915] memfd_create("syzkaller", 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5916] <... openat resumed>) = 3 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5917 attached [pid 5915] <... memfd_create resumed>) = 3 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5917 [pid 5917] set_robust_list(0x555556629660, 24 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5917] <... set_robust_list resumed>) = 0 [pid 5915] <... mmap resumed>) = 0x7f3b887a1000 [pid 5917] chdir("./141" [pid 5916] write(3, "1000", 4 [pid 5917] <... chdir resumed>) = 0 [pid 5048] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5917] setpgid(0, 0) = 0 [pid 5048] newfstatat(AT_FDCWD, "./140/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5917] <... openat resumed>) = 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5917] write(3, "1000", 4 [pid 5048] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5917] <... write resumed>) = 4 [pid 5916] <... write resumed>) = 4 [pid 5048] <... openat resumed>) = 4 [pid 5917] close(3) = 0 [pid 5916] close(3) = 0 [pid 5917] symlink("/dev/binderfs", "./binderfs" [pid 5916] symlink("/dev/binderfs", "./binderfs" [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5916] <... symlink resumed>) = 0 [pid 5913] <... mount resumed>) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5917] <... symlink resumed>) = 0 [pid 5048] close(4 [pid 5916] memfd_create("syzkaller", 0 [pid 5048] <... close resumed>) = 0 [pid 5917] memfd_create("syzkaller", 0 [pid 5048] rmdir("./140/file0" [pid 5916] <... memfd_create resumed>) = 3 [pid 5913] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... rmdir resumed>) = 0 [pid 5913] <... openat resumed>) = 3 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5913] chdir("./file0" [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] close(3 [pid 5916] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... close resumed>) = 0 [pid 5917] <... memfd_create resumed>) = 3 [pid 5913] <... chdir resumed>) = 0 [pid 5048] rmdir("./140" [pid 5913] ioctl(4, LOOP_CLR_FD [pid 5048] <... rmdir resumed>) = 0 [pid 5913] <... ioctl resumed>) = 0 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5913] close(4 [pid 5048] mkdir("./141", 0777 [pid 5913] <... close resumed>) = 0 [pid 5913] exit_group(0 [pid 5048] <... mkdir resumed>) = 0 [pid 5913] <... exit_group resumed>) = ? [pid 5913] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5917] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] umount2("./138", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./138", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5918 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5918 attached [pid 5052] umount2("./138/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5918] set_robust_list(0x555556629660, 24 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5918] <... set_robust_list resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./138/binderfs", [pid 5918] chdir("./141" [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./138/binderfs") = 0 [pid 5918] <... chdir resumed>) = 0 [pid 5914] <... write resumed>) = 2097152 [pid 5052] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] munmap(0x7f3b887a1000, 138412032 [pid 5918] setpgid(0, 0) = 0 [pid 5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5914] <... munmap resumed>) = 0 [pid 5918] <... openat resumed>) = 3 [pid 5918] write(3, "1000", 4) = 4 [pid 5918] close(3 [pid 5914] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5918] <... close resumed>) = 0 [pid 5914] <... openat resumed>) = 4 [pid 5918] symlink("/dev/binderfs", "./binderfs" [pid 5914] ioctl(4, LOOP_SET_FD, 3 [pid 5918] <... symlink resumed>) = 0 [pid 5918] memfd_create("syzkaller", 0) = 3 [pid 5918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5915] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5914] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5914] close(3) = 0 [pid 5914] mkdir("./file0", 0777) = 0 [pid 5916] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 141.298139][ T5914] loop2: detected capacity change from 0 to 4096 [pid 5914] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./138/file0", [pid 5916] <... write resumed>) = 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./138/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./138/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", [pid 5916] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./138/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5914] <... mount resumed>) = 0 [pid 5052] close(3 [pid 5914] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5915] <... write resumed>) = 2097152 [pid 5914] <... openat resumed>) = 3 [pid 5052] rmdir("./138" [pid 5916] <... munmap resumed>) = 0 [pid 5914] chdir("./file0" [pid 5916] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5052] <... rmdir resumed>) = 0 [ 141.354072][ T5914] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5916] ioctl(4, LOOP_SET_FD, 3 [pid 5918] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5915] munmap(0x7f3b887a1000, 138412032 [pid 5914] <... chdir resumed>) = 0 [pid 5052] mkdir("./139", 0777 [pid 5917] <... write resumed>) = 2097152 [pid 5916] <... ioctl resumed>) = 0 [pid 5914] ioctl(4, LOOP_CLR_FD [pid 5052] <... mkdir resumed>) = 0 [pid 5917] munmap(0x7f3b887a1000, 138412032 [pid 5916] close(3 [pid 5914] <... ioctl resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5917] <... munmap resumed>) = 0 [pid 5916] <... close resumed>) = 0 [pid 5915] <... munmap resumed>) = 0 [pid 5914] close(4 [pid 5052] <... openat resumed>) = 3 [pid 5915] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5914] <... close resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5914] exit_group(0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5914] <... exit_group resumed>) = ? [pid 5916] mkdir("./file0", 0777) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5919 [pid 5916] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5915] <... openat resumed>) = 4 [pid 5914] +++ exited with 0 +++ [pid 5917] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5915] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5919 attached [pid 5917] <... openat resumed>) = 4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5919] set_robust_list(0x555556629660, 24 [pid 5049] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5919] <... set_robust_list resumed>) = 0 [pid 5917] ioctl(4, LOOP_SET_FD, 3 [pid 5919] chdir("./139" [pid 5049] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5919] <... chdir resumed>) = 0 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5919] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5919] <... prctl resumed>) = 0 [ 141.410789][ T5916] loop4: detected capacity change from 0 to 4096 [ 141.445691][ T5916] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5049] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5919] setpgid(0, 0) = 0 [pid 5918] <... write resumed>) = 2097152 [pid 5915] <... ioctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5918] munmap(0x7f3b887a1000, 138412032 [pid 5049] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5918] <... munmap resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./143/binderfs" [pid 5915] close(3) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5917] <... ioctl resumed>) = 0 [pid 5915] mkdir("./file0", 0777 [pid 5917] close(3 [pid 5919] <... openat resumed>) = 3 [pid 5917] <... close resumed>) = 0 [pid 5919] write(3, "1000", 4 [pid 5049] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5919] <... write resumed>) = 4 [pid 5917] mkdir("./file0", 0777 [pid 5915] <... mkdir resumed>) = 0 [pid 5919] close(3) = 0 [pid 5919] symlink("/dev/binderfs", "./binderfs" [pid 5917] <... mkdir resumed>) = 0 [pid 5919] <... symlink resumed>) = 0 [pid 5915] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5049] <... umount2 resumed>) = 0 [pid 5919] memfd_create("syzkaller", 0 [pid 5917] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5919] <... memfd_create resumed>) = 3 [pid 5049] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5919] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] newfstatat(AT_FDCWD, "./143/file0", [ 141.463480][ T5915] loop0: detected capacity change from 0 to 4096 [ 141.471911][ T5917] loop3: detected capacity change from 0 to 4096 [ 141.501201][ T5915] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5918] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5918] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./143/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5916] <... mount resumed>) = 0 [pid 5916] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5916] chdir("./file0") = 0 [pid 5049] <... close resumed>) = 0 [pid 5916] ioctl(4, LOOP_CLR_FD [pid 5049] rmdir("./143" [pid 5916] <... ioctl resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5916] close(4 [pid 5049] mkdir("./144", 0777 [pid 5918] <... ioctl resumed>) = 0 [pid 5917] <... mount resumed>) = 0 [pid 5916] <... close resumed>) = 0 [pid 5915] <... mount resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5918] close(3) = 0 [ 141.511981][ T5917] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 141.515256][ T5918] loop1: detected capacity change from 0 to 4096 [pid 5916] exit_group(0 [pid 5917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... openat resumed>) = 3 [pid 5917] <... openat resumed>) = 3 [pid 5916] <... exit_group resumed>) = ? [pid 5915] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5918] mkdir("./file0", 0777 [pid 5917] chdir("./file0" [pid 5916] +++ exited with 0 +++ [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5915] <... openat resumed>) = 3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] close(3 [pid 5918] <... mkdir resumed>) = 0 [pid 5917] <... chdir resumed>) = 0 [pid 5915] chdir("./file0" [pid 5049] <... close resumed>) = 0 [pid 5918] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5917] ioctl(4, LOOP_CLR_FD [pid 5915] <... chdir resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5920 attached [pid 5917] <... ioctl resumed>) = 0 [pid 5915] ioctl(4, LOOP_CLR_FD [pid 5920] set_robust_list(0x555556629660, 24 [pid 5917] close(4 [pid 5915] <... ioctl resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5920 [pid 5920] <... set_robust_list resumed>) = 0 [pid 5917] <... close resumed>) = 0 [pid 5915] close(4 [pid 5920] chdir("./144") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5920] memfd_create("syzkaller", 0 [pid 5917] exit_group(0 [pid 5915] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5919] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] <... exit_group resumed>) = ? [pid 5915] exit_group(0 [pid 5051] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5917] +++ exited with 0 +++ [pid 5915] <... exit_group resumed>) = ? [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5920] <... memfd_create resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5051] getdents64(3, [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./140/binderfs", [pid 5050] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5915] +++ exited with 0 +++ [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] unlink("./140/binderfs" [pid 5050] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5051] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... umount2 resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./141/binderfs", [pid 5047] <... openat resumed>) = 3 [pid 5051] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(3, "", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] unlink("./141/binderfs" [pid 5051] newfstatat(AT_FDCWD, "./140/file0", [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5047] getdents64(3, [pid 5051] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 4 [ 141.581562][ T5918] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] newfstatat(4, "", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5051] getdents64(4, [pid 5918] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5918] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5918] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./140/file0" [pid 5918] chdir("./file0") = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5918] ioctl(4, LOOP_CLR_FD [pid 5051] getdents64(3, [pid 5918] <... ioctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] unlink("./144/binderfs" [pid 5918] close(4 [pid 5051] close(3 [pid 5919] <... write resumed>) = 2097152 [pid 5047] <... unlink resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5919] munmap(0x7f3b887a1000, 138412032 [pid 5051] rmdir("./140" [pid 5918] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5918] exit_group(0 [pid 5051] mkdir("./141", 0777 [pid 5919] <... munmap resumed>) = 0 [pid 5918] <... exit_group resumed>) = ? [pid 5051] <... mkdir resumed>) = 0 [pid 5047] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5918] +++ exited with 0 +++ [pid 5051] <... ioctl resumed>) = 0 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5918, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5048] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5921 attached [pid 5919] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] <... restart_syscall resumed>) = 0 [pid 5921] set_robust_list(0x555556629660, 24 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5921 [pid 5921] <... set_robust_list resumed>) = 0 [pid 5920] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5919] <... openat resumed>) = 4 [pid 5048] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./141/binderfs") = 0 [pid 5048] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5919] ioctl(4, LOOP_SET_FD, 3 [pid 5921] chdir("./141") = 0 [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5919] <... ioctl resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5921] setpgid(0, 0 [pid 5919] close(3 [pid 5921] <... setpgid resumed>) = 0 [pid 5919] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5919] mkdir("./file0", 0777 [pid 5050] newfstatat(AT_FDCWD, "./141/file0", [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5919] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5921] write(3, "1000", 4 [pid 5919] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5921] <... write resumed>) = 4 [pid 5921] close(3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5921] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... openat resumed>) = 4 [pid 5921] <... symlink resumed>) = 0 [pid 5050] newfstatat(4, "", [pid 5047] <... umount2 resumed>) = 0 [pid 5921] memfd_create("syzkaller", 0 [pid 5920] <... write resumed>) = 2097152 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5921] <... memfd_create resumed>) = 3 [pid 5050] getdents64(4, [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] newfstatat(AT_FDCWD, "./144/file0", [pid 5050] getdents64(4, [pid 5921] <... mmap resumed>) = 0x7f3b887a1000 [pid 5920] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] close(4 [pid 5047] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./141/file0" [pid 5047] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... openat resumed>) = 4 [pid 5050] getdents64(3, [pid 5047] newfstatat(4, "", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./141" [pid 5047] getdents64(4, [pid 5050] <... rmdir resumed>) = 0 [pid 5920] <... munmap resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] mkdir("./142", 0777 [pid 5047] close(4) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... mkdir resumed>) = 0 [pid 5047] rmdir("./144/file0" [pid 5920] <... openat resumed>) = 4 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5920] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [ 141.702771][ T5919] loop5: detected capacity change from 0 to 4096 [ 141.724506][ T5919] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = 0 [pid 5047] getdents64(3, [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5050] <... close resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./141/file0", [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... close resumed>) = 0 ./strace-static-x86_64: Process 5922 attached [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] rmdir("./144" [pid 5922] set_robust_list(0x555556629660, 24 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5922 [pid 5048] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5922] <... set_robust_list resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... rmdir resumed>) = 0 [pid 5920] <... ioctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] mkdir("./145", 0777 [pid 5922] chdir("./142" [pid 5920] close(3 [pid 5048] <... openat resumed>) = 4 [pid 5920] <... close resumed>) = 0 [pid 5920] mkdir("./file0", 0777 [pid 5922] <... chdir resumed>) = 0 [pid 5920] <... mkdir resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5047] <... mkdir resumed>) = 0 [ 141.773727][ T5920] loop2: detected capacity change from 0 to 4096 [pid 5922] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5922] <... prctl resumed>) = 0 [pid 5921] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5920] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5919] <... mount resumed>) = 0 [pid 5048] getdents64(4, [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5922] setpgid(0, 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... openat resumed>) = 3 [pid 5048] getdents64(4, [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] close(4 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5922] <... setpgid resumed>) = 0 [pid 5919] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5047] close(3 [pid 5048] rmdir("./141/file0" [pid 5047] <... close resumed>) = 0 [pid 5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5919] chdir("./file0" [pid 5048] <... rmdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] getdents64(3, ./strace-static-x86_64: Process 5923 attached [pid 5922] <... openat resumed>) = 3 [pid 5919] <... chdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5919] ioctl(4, LOOP_CLR_FD [pid 5048] close(3 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5923 [pid 5923] set_robust_list(0x555556629660, 24 [pid 5922] write(3, "1000", 4 [pid 5919] <... ioctl resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5922] <... write resumed>) = 4 [pid 5919] close(4 [pid 5048] rmdir("./141" [pid 5923] <... set_robust_list resumed>) = 0 [pid 5919] <... close resumed>) = 0 [pid 5923] chdir("./145" [pid 5919] exit_group(0 [pid 5048] <... rmdir resumed>) = 0 [pid 5923] <... chdir resumed>) = 0 [pid 5922] close(3 [pid 5921] <... write resumed>) = 2097152 [pid 5919] <... exit_group resumed>) = ? [pid 5048] mkdir("./142", 0777 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5922] <... close resumed>) = 0 [pid 5922] symlink("/dev/binderfs", "./binderfs" [pid 5923] <... prctl resumed>) = 0 [pid 5923] setpgid(0, 0) = 0 [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5922] <... symlink resumed>) = 0 [pid 5923] <... openat resumed>) = 3 [pid 5919] +++ exited with 0 +++ [pid 5048] <... mkdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5052] umount2("./139", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] openat(AT_FDCWD, "./139", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] <... openat resumed>) = 3 [pid 5048] close(3 [pid 5923] write(3, "1000", 4 [pid 5052] newfstatat(3, "", [pid 5048] <... close resumed>) = 0 [pid 5923] <... write resumed>) = 4 [ 141.834455][ T5920] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5923] close(3 [pid 5922] memfd_create("syzkaller", 0 [pid 5921] munmap(0x7f3b887a1000, 138412032 [pid 5920] <... mount resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5920] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5920] chdir("./file0") = 0 [pid 5920] ioctl(4, LOOP_CLR_FD [pid 5052] getdents64(3, [pid 5920] <... ioctl resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5920] close(4 [pid 5052] umount2("./139/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5920] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5920] exit_group(0 [pid 5052] newfstatat(AT_FDCWD, "./139/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./139/binderfs") = 0 [pid 5920] <... exit_group resumed>) = ? [pid 5052] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5920] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5921] <... munmap resumed>) = 0 [pid 5923] <... close resumed>) = 0 [pid 5049] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] symlink("/dev/binderfs", "./binderfs" [pid 5922] <... memfd_create resumed>) = 3 [pid 5921] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5924 [pid 5049] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5923] <... symlink resumed>) = 0 [pid 5049] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5924 attached [pid 5923] memfd_create("syzkaller", 0 [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5921] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5922] <... mmap resumed>) = 0x7f3b887a1000 [pid 5921] ioctl(4, LOOP_SET_FD, 3 [pid 5923] <... memfd_create resumed>) = 3 [pid 5924] set_robust_list(0x555556629660, 24 [pid 5052] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5924] <... set_robust_list resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5924] chdir("./142" [pid 5052] newfstatat(AT_FDCWD, "./139/file0", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5924] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./139/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5052] openat(AT_FDCWD, "./139/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5924] <... prctl resumed>) = 0 [pid 5049] unlink("./144/binderfs" [pid 5924] setpgid(0, 0 [pid 5052] <... openat resumed>) = 4 [pid 5049] <... unlink resumed>) = 0 [pid 5924] <... setpgid resumed>) = 0 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] newfstatat(4, "", [pid 5049] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5923] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5924] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5924] write(3, "1000", 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5924] <... write resumed>) = 4 [pid 5052] getdents64(4, [pid 5924] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5924] <... close resumed>) = 0 [pid 5052] close(4 [pid 5924] symlink("/dev/binderfs", "./binderfs" [pid 5052] <... close resumed>) = 0 [pid 5924] <... symlink resumed>) = 0 [pid 5052] rmdir("./139/file0") = 0 [pid 5924] memfd_create("syzkaller", 0 [pid 5921] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5921] close(3) = 0 [pid 5921] mkdir("./file0", 0777 [pid 5052] rmdir("./139" [pid 5921] <... mkdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5924] <... memfd_create resumed>) = 3 [pid 5924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5921] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [ 141.923788][ T5921] loop4: detected capacity change from 0 to 4096 [pid 5052] mkdir("./140", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = 0 [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5925 [pid 5049] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5925 attached [pid 5925] set_robust_list(0x555556629660, 24) = 0 [pid 5049] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5925] chdir("./140" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5925] <... chdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5925] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5049] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5925] <... prctl resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5925] setpgid(0, 0 [pid 5049] newfstatat(4, "", [pid 5925] <... setpgid resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] getdents64(4, [pid 5925] <... openat resumed>) = 3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5925] write(3, "1000", 4 [pid 5049] getdents64(4, [pid 5925] <... write resumed>) = 4 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5925] close(3 [pid 5049] close(4 [pid 5925] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5925] symlink("/dev/binderfs", "./binderfs" [pid 5049] rmdir("./144/file0" [pid 5925] <... symlink resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5925] memfd_create("syzkaller", 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./144") = 0 [ 141.986905][ T5921] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5925] <... memfd_create resumed>) = 3 [pid 5049] mkdir("./145", 0777 [pid 5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5925] <... mmap resumed>) = 0x7f3b887a1000 [pid 5922] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5923] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5926 ./strace-static-x86_64: Process 5926 attached [pid 5926] set_robust_list(0x555556629660, 24) = 0 [pid 5924] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] chdir("./145") = 0 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5921] <... mount resumed>) = 0 [pid 5926] setpgid(0, 0) = 0 [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5926] <... openat resumed>) = 3 [pid 5926] write(3, "1000", 4 [pid 5921] <... openat resumed>) = 3 [pid 5926] <... write resumed>) = 4 [pid 5921] chdir("./file0" [pid 5926] close(3 [pid 5921] <... chdir resumed>) = 0 [pid 5926] <... close resumed>) = 0 [pid 5926] symlink("/dev/binderfs", "./binderfs" [pid 5921] ioctl(4, LOOP_CLR_FD [pid 5926] <... symlink resumed>) = 0 [pid 5921] <... ioctl resumed>) = 0 [pid 5926] memfd_create("syzkaller", 0) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5922] <... write resumed>) = 2097152 [pid 5921] close(4) = 0 [pid 5922] munmap(0x7f3b887a1000, 138412032 [pid 5921] exit_group(0) = ? [pid 5921] +++ exited with 0 +++ [pid 5925] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5924] <... write resumed>) = 2097152 [pid 5923] <... write resumed>) = 2097152 [pid 5922] <... munmap resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5924] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5051] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5926] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5924] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5923] munmap(0x7f3b887a1000, 138412032 [pid 5922] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5924] <... openat resumed>) = 4 [pid 5922] <... openat resumed>) = 4 [pid 5051] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5924] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... openat resumed>) = 3 [pid 5922] ioctl(4, LOOP_SET_FD, 3 [pid 5051] newfstatat(3, "", [pid 5924] <... ioctl resumed>) = 0 [pid 5924] close(3) = 0 [pid 5923] <... munmap resumed>) = 0 [pid 5924] mkdir("./file0", 0777) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5924] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5923] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] getdents64(3, [pid 5922] <... ioctl resumed>) = 0 [pid 5922] close(3 [pid 5923] <... openat resumed>) = 4 [pid 5922] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5923] ioctl(4, LOOP_SET_FD, 3 [pid 5922] mkdir("./file0", 0777 [pid 5051] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5922] <... mkdir resumed>) = 0 [pid 5922] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5923] <... ioctl resumed>) = 0 [ 142.175292][ T5924] loop1: detected capacity change from 0 to 4096 [ 142.182485][ T5922] loop3: detected capacity change from 0 to 4096 [ 142.197679][ T5924] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 142.210538][ T5923] loop0: detected capacity change from 0 to 4096 [pid 5051] newfstatat(AT_FDCWD, "./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5923] close(3 [pid 5051] unlink("./141/binderfs" [pid 5923] <... close resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5923] mkdir("./file0", 0777) = 0 [pid 5926] <... write resumed>) = 2097152 [pid 5923] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5926] munmap(0x7f3b887a1000, 138412032 [pid 5925] <... write resumed>) = 2097152 [ 142.219521][ T5922] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5925] munmap(0x7f3b887a1000, 138412032 [pid 5926] <... munmap resumed>) = 0 [pid 5925] <... munmap resumed>) = 0 [pid 5925] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5926] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5925] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5926] <... openat resumed>) = 4 [pid 5922] <... mount resumed>) = 0 [pid 5051] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5926] ioctl(4, LOOP_SET_FD, 3 [pid 5922] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5925] <... ioctl resumed>) = 0 [pid 5925] close(3) = 0 [pid 5925] mkdir("./file0", 0777 [pid 5926] <... ioctl resumed>) = 0 [pid 5923] <... mount resumed>) = 0 [pid 5922] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./141/file0", [pid 5925] <... mkdir resumed>) = 0 [pid 5923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5922] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5926] close(3 [pid 5923] <... openat resumed>) = 3 [pid 5926] <... close resumed>) = 0 [pid 5923] chdir("./file0" [pid 5922] <... chdir resumed>) = 0 [pid 5926] mkdir("./file0", 0777 [pid 5051] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5925] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5923] <... chdir resumed>) = 0 [pid 5922] ioctl(4, LOOP_CLR_FD [pid 5926] <... mkdir resumed>) = 0 [pid 5922] <... ioctl resumed>) = 0 [pid 5923] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5923] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5923] close(4 [ 142.246626][ T5923] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 142.275361][ T5925] loop5: detected capacity change from 0 to 4096 [ 142.279801][ T5926] loop2: detected capacity change from 0 to 4096 [pid 5926] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5923] <... close resumed>) = 0 [pid 5922] close(4 [pid 5051] <... openat resumed>) = 4 [pid 5922] <... close resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5923] exit_group(0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5923] <... exit_group resumed>) = ? [pid 5051] getdents64(4, [pid 5923] +++ exited with 0 +++ [pid 5922] exit_group(0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5922] <... exit_group resumed>) = ? [pid 5051] close(4 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] <... close resumed>) = 0 [pid 5047] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./141/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5922] +++ exited with 0 +++ [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5051] rmdir("./141" [pid 5047] newfstatat(AT_FDCWD, "./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./145/binderfs" [pid 5051] <... rmdir resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5050] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./145/file0", [pid 5924] <... mount resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... openat resumed>) = 4 [pid 5924] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] mkdir("./142", 0777 [pid 5047] newfstatat(4, "", [pid 5050] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(3, "", [pid 5047] getdents64(4, [pid 5924] <... openat resumed>) = 3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5924] chdir("./file0" [pid 5051] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] getdents64(4, [pid 5924] <... chdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5924] ioctl(4, LOOP_CLR_FD [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 142.307157][ T5926] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 142.318762][ T5925] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5047] close(4 [pid 5924] <... ioctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5924] close(4 [pid 5047] rmdir("./145/file0") = 0 [pid 5924] <... close resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5924] exit_group(0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] <... close resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] newfstatat(AT_FDCWD, "./142/binderfs", [pid 5047] rmdir("./145" [pid 5924] <... exit_group resumed>) = ? [pid 5926] <... mount resumed>) = 0 [pid 5925] <... mount resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5924] +++ exited with 0 +++ [pid 5047] mkdir("./146", 0777 [pid 5926] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] <... mkdir resumed>) = 0 [pid 5051] close(3 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5926] <... openat resumed>) = 3 [pid 5925] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5927 attached [pid 5926] chdir("./file0" [pid 5925] <... openat resumed>) = 3 [pid 5048] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5927] set_robust_list(0x555556629660, 24 [pid 5926] <... chdir resumed>) = 0 [pid 5925] chdir("./file0" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5926] ioctl(4, LOOP_CLR_FD [pid 5925] <... chdir resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5927 [pid 5048] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5926] <... ioctl resumed>) = 0 [pid 5925] ioctl(4, LOOP_CLR_FD [pid 5927] <... set_robust_list resumed>) = 0 [pid 5926] close(4 [pid 5925] <... ioctl resumed>) = 0 [pid 5050] unlink("./142/binderfs" [pid 5048] <... openat resumed>) = 3 [pid 5927] chdir("./142" [pid 5926] <... close resumed>) = 0 [pid 5925] close(4 [pid 5048] newfstatat(3, "", [pid 5925] <... close resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5050] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5927] <... chdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5926] exit_group(0 [pid 5925] exit_group(0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5926] <... exit_group resumed>) = ? [pid 5048] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./142/binderfs", [pid 5926] +++ exited with 0 +++ [pid 5925] <... exit_group resumed>) = ? [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] unlink("./142/binderfs" [pid 5925] +++ exited with 0 +++ [pid 5048] <... unlink resumed>) = 0 [pid 5927] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5927] <... prctl resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5925, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5927] setpgid(0, 0 [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5050] newfstatat(AT_FDCWD, "./142/file0", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... restart_syscall resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] umount2("./140", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5927] <... setpgid resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./140", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... openat resumed>) = 4 [pid 5049] unlink("./145/binderfs" [pid 5052] <... openat resumed>) = 3 [pid 5927] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 5050] newfstatat(4, "", [pid 5049] <... unlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, [pid 5927] write(3, "1000", 4 [pid 5052] getdents64(3, [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5927] <... write resumed>) = 4 [pid 5050] getdents64(4, [pid 5927] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] close(4 [pid 5052] umount2("./140/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./142/file0" [pid 5052] newfstatat(AT_FDCWD, "./140/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5927] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5052] unlink("./140/binderfs" [pid 5050] getdents64(3, [pid 5052] <... unlink resumed>) = 0 [pid 5927] memfd_create("syzkaller", 0 [pid 5052] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./142") = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5927] <... memfd_create resumed>) = 3 [pid 5050] mkdir("./143", 0777 [pid 5047] <... ioctl resumed>) = 0 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5049] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5928 attached [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5928] set_robust_list(0x555556629660, 24 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5928 [pid 5050] close(3 [pid 5049] newfstatat(AT_FDCWD, "./145/file0", [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5929 attached [pid 5927] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5929] set_robust_list(0x555556629660, 24 [pid 5928] <... set_robust_list resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5928] chdir("./146" [pid 5929] <... set_robust_list resumed>) = 0 [pid 5928] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5928] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5929] chdir("./143" [pid 5049] newfstatat(4, "", [pid 5048] newfstatat(AT_FDCWD, "./142/file0", [pid 5928] <... prctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5928] setpgid(0, 0 [pid 5049] getdents64(4, [pid 5048] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5929 [pid 5928] <... setpgid resumed>) = 0 [pid 5929] <... chdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5929] <... prctl resumed>) = 0 [pid 5049] close(4) = 0 [pid 5929] setpgid(0, 0 [pid 5049] rmdir("./145/file0" [pid 5048] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5928] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5929] <... setpgid resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(4, "", [pid 5049] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5049] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] rmdir("./145" [pid 5928] write(3, "1000", 4 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5928] <... write resumed>) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] close(4) = 0 [pid 5928] close(3 [pid 5049] mkdir("./146", 0777 [pid 5048] rmdir("./142/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./142" [pid 5049] <... mkdir resumed>) = 0 [pid 5928] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... rmdir resumed>) = 0 [pid 5929] <... openat resumed>) = 3 [pid 5928] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... openat resumed>) = 3 [pid 5048] mkdir("./143", 0777 [pid 5929] write(3, "1000", 4 [pid 5928] <... symlink resumed>) = 0 [pid 5927] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... mkdir resumed>) = 0 [pid 5929] <... write resumed>) = 4 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5929] close(3 [pid 5928] memfd_create("syzkaller", 0 [pid 5052] newfstatat(AT_FDCWD, "./140/file0", [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5930 attached [pid 5929] <... close resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5930 ./strace-static-x86_64: Process 5931 attached [pid 5930] set_robust_list(0x555556629660, 24 [pid 5929] symlink("/dev/binderfs", "./binderfs" [pid 5928] <... memfd_create resumed>) = 3 [pid 5052] umount2("./140/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5931] set_robust_list(0x555556629660, 24 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5930] <... set_robust_list resumed>) = 0 [pid 5929] <... symlink resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5931 [pid 5052] openat(AT_FDCWD, "./140/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5931] <... set_robust_list resumed>) = 0 [pid 5930] chdir("./143" [pid 5931] chdir("./146" [pid 5930] <... chdir resumed>) = 0 [pid 5052] <... openat resumed>) = 4 [pid 5931] <... chdir resumed>) = 0 [pid 5930] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5929] memfd_create("syzkaller", 0 [pid 5052] newfstatat(4, "", [pid 5931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5931] setpgid(0, 0) = 0 [pid 5931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5930] <... prctl resumed>) = 0 [pid 5929] <... memfd_create resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5930] setpgid(0, 0 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5930] <... setpgid resumed>) = 0 [pid 5052] getdents64(4, [pid 5931] <... openat resumed>) = 3 [pid 5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5929] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, [pid 5931] write(3, "1000", 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5931] <... write resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5930] <... openat resumed>) = 3 [pid 5052] rmdir("./140/file0" [pid 5931] close(3) = 0 [pid 5931] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5930] write(3, "1000", 4) = 4 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, [pid 5927] <... write resumed>) = 2097152 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5930] close(3) = 0 [pid 5930] symlink("/dev/binderfs", "./binderfs" [pid 5931] memfd_create("syzkaller", 0 [pid 5930] <... symlink resumed>) = 0 [pid 5927] munmap(0x7f3b887a1000, 138412032 [pid 5930] memfd_create("syzkaller", 0 [pid 5927] <... munmap resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5931] <... memfd_create resumed>) = 3 [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] rmdir("./140") = 0 [pid 5930] <... memfd_create resumed>) = 3 [pid 5052] mkdir("./141", 0777 [pid 5930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... mkdir resumed>) = 0 [pid 5927] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5927] ioctl(4, LOOP_SET_FD, 3 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5927] <... ioctl resumed>) = 0 [pid 5928] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5927] close(3./strace-static-x86_64: Process 5932 attached ) = 0 [ 142.624690][ T5927] loop4: detected capacity change from 0 to 4096 [pid 5932] set_robust_list(0x555556629660, 24 [pid 5927] mkdir("./file0", 0777 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5932 [pid 5927] <... mkdir resumed>) = 0 [pid 5927] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5932] <... set_robust_list resumed>) = 0 [pid 5932] chdir("./141" [pid 5929] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5932] <... chdir resumed>) = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5931] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 142.666341][ T5927] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5930] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5932] memfd_create("syzkaller", 0) = 3 [pid 5928] <... write resumed>) = 2097152 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5928] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5929] <... write resumed>) = 2097152 [pid 5929] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_SET_FD, 3 [pid 5929] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5931] <... write resumed>) = 2097152 [pid 5930] <... write resumed>) = 2097152 [pid 5929] <... openat resumed>) = 4 [pid 5929] ioctl(4, LOOP_SET_FD, 3 [pid 5931] munmap(0x7f3b887a1000, 138412032 [pid 5928] <... ioctl resumed>) = 0 [pid 5931] <... munmap resumed>) = 0 [pid 5930] munmap(0x7f3b887a1000, 138412032 [pid 5931] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5930] <... munmap resumed>) = 0 [pid 5929] <... ioctl resumed>) = 0 [pid 5928] close(3 [pid 5927] <... mount resumed>) = 0 [pid 5931] <... openat resumed>) = 4 [pid 5929] close(3 [pid 5927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5931] ioctl(4, LOOP_SET_FD, 3 [pid 5929] <... close resumed>) = 0 [pid 5928] <... close resumed>) = 0 [pid 5927] <... openat resumed>) = 3 [pid 5932] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5929] mkdir("./file0", 0777 [pid 5928] mkdir("./file0", 0777 [pid 5927] chdir("./file0" [pid 5931] <... ioctl resumed>) = 0 [pid 5928] <... mkdir resumed>) = 0 [pid 5927] <... chdir resumed>) = 0 [pid 5930] <... openat resumed>) = 4 [ 142.766651][ T5928] loop0: detected capacity change from 0 to 4096 [ 142.783320][ T5929] loop3: detected capacity change from 0 to 4096 [ 142.804772][ T5931] loop2: detected capacity change from 0 to 4096 [pid 5931] close(3 [pid 5930] ioctl(4, LOOP_SET_FD, 3 [pid 5928] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5927] ioctl(4, LOOP_CLR_FD) = 0 [pid 5927] close(4 [pid 5930] <... ioctl resumed>) = 0 [pid 5927] <... close resumed>) = 0 [pid 5927] exit_group(0) = ? [pid 5927] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5051] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5051] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5931] <... close resumed>) = 0 [pid 5931] mkdir("./file0", 0777) = 0 [pid 5051] newfstatat(3, "", [pid 5931] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5930] close(3 [pid 5929] <... mkdir resumed>) = 0 [pid 5930] <... close resumed>) = 0 [pid 5929] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5930] mkdir("./file0", 0777 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5930] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./142/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./142/binderfs") = 0 [pid 5051] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 142.815262][ T5930] loop1: detected capacity change from 0 to 4096 [ 142.821677][ T5928] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 142.836257][ T5929] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 142.846881][ T5931] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5930] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5932] <... write resumed>) = 2097152 [pid 5051] <... umount2 resumed>) = 0 [pid 5932] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5051] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5932] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 142.861406][ T5930] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5932] <... openat resumed>) = 4 [pid 5051] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5932] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./142/file0" [pid 5928] <... mount resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5928] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5930] <... mount resumed>) = 0 [pid 5932] <... ioctl resumed>) = 0 [pid 5931] <... mount resumed>) = 0 [pid 5930] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5929] <... mount resumed>) = 0 [pid 5928] <... openat resumed>) = 3 [pid 5051] getdents64(3, [pid 5932] close(3 [pid 5931] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5930] <... openat resumed>) = 3 [pid 5929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5928] chdir("./file0" [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5932] <... close resumed>) = 0 [pid 5931] <... openat resumed>) = 3 [pid 5930] chdir("./file0" [pid 5929] <... openat resumed>) = 3 [pid 5928] <... chdir resumed>) = 0 [pid 5051] close(3 [pid 5932] mkdir("./file0", 0777 [pid 5931] chdir("./file0" [pid 5930] <... chdir resumed>) = 0 [pid 5929] chdir("./file0" [pid 5928] ioctl(4, LOOP_CLR_FD [pid 5931] <... chdir resumed>) = 0 [pid 5930] ioctl(4, LOOP_CLR_FD [pid 5929] <... chdir resumed>) = 0 [pid 5928] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5931] ioctl(4, LOOP_CLR_FD [pid 5930] <... ioctl resumed>) = 0 [pid 5929] ioctl(4, LOOP_CLR_FD [pid 5928] close(4 [pid 5051] rmdir("./142" [pid 5932] <... mkdir resumed>) = 0 [pid 5929] <... ioctl resumed>) = 0 [pid 5928] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5931] <... ioctl resumed>) = 0 [pid 5930] close(4 [pid 5932] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5931] close(4 [pid 5929] close(4 [pid 5928] exit_group(0 [ 142.912025][ T5932] loop5: detected capacity change from 0 to 4096 [pid 5051] mkdir("./143", 0777 [pid 5930] <... close resumed>) = 0 [pid 5931] <... close resumed>) = 0 [pid 5929] <... close resumed>) = 0 [pid 5928] <... exit_group resumed>) = ? [pid 5051] <... mkdir resumed>) = 0 [pid 5929] exit_group(0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5929] <... exit_group resumed>) = ? [pid 5928] +++ exited with 0 +++ [pid 5051] <... openat resumed>) = 3 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5047] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5931] exit_group(0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(3, "", [pid 5931] <... exit_group resumed>) = ? [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5929] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5931] +++ exited with 0 +++ [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5931, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] getdents64(3, [pid 5050] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5930] exit_group(0 [pid 5051] close(3 [pid 5050] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5933 attached [pid 5930] <... exit_group resumed>) = ? [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5933] set_robust_list(0x555556629660, 24 [pid 5050] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5933] <... set_robust_list resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(3, "", [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5933] chdir("./143" [pid 5930] +++ exited with 0 +++ [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5933 [pid 5050] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] unlink("./146/binderfs" [pid 5933] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(3, [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] unlink("./143/binderfs" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... unlink resumed>) = 0 [pid 5933] <... prctl resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] setpgid(0, 0 [pid 5050] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5933] <... setpgid resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5047] <... umount2 resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] unlink("./146/binderfs") = 0 [pid 5049] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... openat resumed>) = 3 [pid 5048] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5933] write(3, "1000", 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./146/file0", [pid 5933] <... write resumed>) = 4 [pid 5048] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5933] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5933] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5933] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] newfstatat(3, "", [pid 5933] <... symlink resumed>) = 0 [pid 5932] <... mount resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] getdents64(3, [pid 5047] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 142.952388][ T5932] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5932] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... openat resumed>) = 4 [pid 5933] memfd_create("syzkaller", 0 [pid 5932] <... openat resumed>) = 3 [pid 5932] chdir("./file0") = 0 [pid 5932] ioctl(4, LOOP_CLR_FD) = 0 [pid 5932] close(4) = 0 [pid 5932] exit_group(0) = ? [pid 5932] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5047] newfstatat(4, "", [pid 5052] umount2("./141", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./141", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./141/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./141/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5933] <... memfd_create resumed>) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] unlink("./141/binderfs" [pid 5050] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(4, [pid 5933] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... unlink resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5052] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] getdents64(4, [pid 5048] unlink("./143/binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(AT_FDCWD, "./143/file0", [pid 5049] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... unlink resumed>) = 0 [pid 5047] close(4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] rmdir("./146/file0" [pid 5049] newfstatat(AT_FDCWD, "./146/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5050] <... openat resumed>) = 4 [pid 5049] getdents64(4, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(4, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5047] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... close resumed>) = 0 [pid 5047] rmdir("./146" [pid 5050] getdents64(4, [pid 5049] rmdir("./146/file0" [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] mkdir("./147", 0777 [pid 5050] close(4) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5050] rmdir("./143/file0" [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5050] close(3) = 0 [pid 5049] close(3 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] rmdir("./143" [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./146" [pid 5047] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5050] mkdir("./144", 0777 [pid 5047] <... close resumed>) = 0 [pid 5049] mkdir("./147", 0777 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./141/file0", [pid 5050] <... openat resumed>) = 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./141/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./141/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 4 [pid 5049] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5934 attached [pid 5052] newfstatat(4, "", [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5934 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] close(3 [pid 5049] close(3 [pid 5934] set_robust_list(0x555556629660, 24 [pid 5050] <... close resumed>) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] getdents64(4, [pid 5049] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] getdents64(4, [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5935 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5936 ./strace-static-x86_64: Process 5936 attached [pid 5052] close(4) = 0 [pid 5052] rmdir("./141/file0") = 0 ./strace-static-x86_64: Process 5935 attached [pid 5936] set_robust_list(0x555556629660, 24 [pid 5934] <... set_robust_list resumed>) = 0 [pid 5052] getdents64(3, [pid 5936] <... set_robust_list resumed>) = 0 [pid 5935] set_robust_list(0x555556629660, 24 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5934] chdir("./147" [pid 5936] chdir("./147" [pid 5935] <... set_robust_list resumed>) = 0 [pid 5052] close(3 [pid 5936] <... chdir resumed>) = 0 [pid 5935] chdir("./144" [pid 5934] <... chdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5934] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] rmdir("./141") = 0 [pid 5936] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5935] <... chdir resumed>) = 0 [pid 5934] <... prctl resumed>) = 0 [pid 5933] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] mkdir("./142", 0777 [pid 5048] <... umount2 resumed>) = 0 [pid 5936] <... prctl resumed>) = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5934] setpgid(0, 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5936] setpgid(0, 0 [pid 5935] <... prctl resumed>) = 0 [pid 5934] <... setpgid resumed>) = 0 [pid 5048] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] <... setpgid resumed>) = 0 [pid 5935] setpgid(0, 0 [pid 5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5935] <... setpgid resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5936] <... openat resumed>) = 3 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5048] newfstatat(AT_FDCWD, "./143/file0", [pid 5936] write(3, "1000", 4 [pid 5935] <... openat resumed>) = 3 [pid 5052] <... openat resumed>) = 3 [pid 5936] <... write resumed>) = 4 [pid 5935] write(3, "1000", 4 [pid 5934] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5936] close(3 [pid 5935] <... write resumed>) = 4 [pid 5934] write(3, "1000", 4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5936] <... close resumed>) = 0 [pid 5935] close(3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] symlink("/dev/binderfs", "./binderfs" [pid 5935] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5936] <... symlink resumed>) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs" [pid 5934] <... write resumed>) = 4 [pid 5052] close(3 [pid 5935] <... symlink resumed>) = 0 [pid 5934] close(3 [pid 5052] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5936] memfd_create("syzkaller", 0 [pid 5048] <... openat resumed>) = 4 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5934] <... close resumed>) = 0 [pid 5935] memfd_create("syzkaller", 0 [pid 5934] symlink("/dev/binderfs", "./binderfs" [pid 5048] newfstatat(4, "", [pid 5934] <... symlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5936] <... memfd_create resumed>) = 3 [pid 5048] getdents64(4, [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5937 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5937 attached [pid 5936] <... mmap resumed>) = 0x7f3b887a1000 [pid 5935] <... memfd_create resumed>) = 3 [pid 5934] memfd_create("syzkaller", 0 [pid 5937] set_robust_list(0x555556629660, 24) = 0 [pid 5048] getdents64(4, [pid 5937] chdir("./142" [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./143/file0") = 0 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] getdents64(3, [pid 5935] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5937] <... chdir resumed>) = 0 [pid 5937] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./143" [pid 5937] <... prctl resumed>) = 0 [pid 5937] setpgid(0, 0 [pid 5934] <... memfd_create resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5937] <... setpgid resumed>) = 0 [pid 5048] mkdir("./144", 0777 [pid 5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5934] <... mmap resumed>) = 0x7f3b887a1000 [pid 5937] write(3, "1000", 4 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5937] <... write resumed>) = 4 [pid 5937] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5937] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5937] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5937] <... symlink resumed>) = 0 [pid 5048] close(3) = 0 [pid 5937] memfd_create("syzkaller", 0 [pid 5933] <... write resumed>) = 2097152 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5933] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5938 ./strace-static-x86_64: Process 5938 attached [pid 5937] <... memfd_create resumed>) = 3 [pid 5938] set_robust_list(0x555556629660, 24 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5938] <... set_robust_list resumed>) = 0 [pid 5938] chdir("./144") = 0 [pid 5938] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5937] <... mmap resumed>) = 0x7f3b887a1000 [pid 5938] <... prctl resumed>) = 0 [pid 5938] setpgid(0, 0) = 0 [pid 5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] <... munmap resumed>) = 0 [pid 5938] write(3, "1000", 4 [pid 5933] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5938] <... write resumed>) = 4 [pid 5933] <... openat resumed>) = 4 [pid 5938] close(3) = 0 [pid 5938] symlink("/dev/binderfs", "./binderfs" [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5938] <... symlink resumed>) = 0 [pid 5938] memfd_create("syzkaller", 0) = 3 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5935] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5934] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5936] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5933] <... ioctl resumed>) = 0 [pid 5933] close(3) = 0 [pid 5933] mkdir("./file0", 0777) = 0 [ 143.225042][ T5933] loop4: detected capacity change from 0 to 4096 [pid 5933] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5937] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5935] <... write resumed>) = 2097152 [pid 5936] <... write resumed>) = 2097152 [pid 5936] munmap(0x7f3b887a1000, 138412032 [pid 5938] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5936] <... munmap resumed>) = 0 [ 143.284803][ T5933] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5936] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5936] ioctl(4, LOOP_SET_FD, 3 [pid 5934] <... write resumed>) = 2097152 [pid 5934] munmap(0x7f3b887a1000, 138412032 [pid 5935] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5936] <... ioctl resumed>) = 0 [pid 5936] close(3) = 0 [pid 5936] mkdir("./file0", 0777) = 0 [pid 5936] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5934] <... munmap resumed>) = 0 [pid 5933] <... mount resumed>) = 0 [ 143.363530][ T5936] loop2: detected capacity change from 0 to 4096 [ 143.387546][ T5936] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5937] <... write resumed>) = 2097152 [pid 5935] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5935] <... openat resumed>) = 4 [pid 5933] <... openat resumed>) = 3 [pid 5934] <... openat resumed>) = 4 [pid 5935] ioctl(4, LOOP_SET_FD, 3 [pid 5934] ioctl(4, LOOP_SET_FD, 3 [pid 5933] chdir("./file0" [pid 5935] <... ioctl resumed>) = 0 [pid 5935] close(3) = 0 [pid 5935] mkdir("./file0", 0777 [pid 5937] munmap(0x7f3b887a1000, 138412032 [pid 5934] <... ioctl resumed>) = 0 [pid 5933] <... chdir resumed>) = 0 [pid 5937] <... munmap resumed>) = 0 [pid 5935] <... mkdir resumed>) = 0 [pid 5934] close(3 [pid 5933] ioctl(4, LOOP_CLR_FD [pid 5934] <... close resumed>) = 0 [pid 5933] <... ioctl resumed>) = 0 [pid 5934] mkdir("./file0", 0777 [pid 5933] close(4) = 0 [pid 5934] <... mkdir resumed>) = 0 [pid 5933] exit_group(0 [ 143.416593][ T5935] loop3: detected capacity change from 0 to 4096 [ 143.423543][ T5934] loop0: detected capacity change from 0 to 4096 [pid 5934] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5933] <... exit_group resumed>) = ? [pid 5938] <... write resumed>) = 2097152 [pid 5935] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5938] munmap(0x7f3b887a1000, 138412032 [pid 5933] +++ exited with 0 +++ [pid 5937] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5937] <... openat resumed>) = 4 [pid 5937] ioctl(4, LOOP_SET_FD, 3 [pid 5938] <... munmap resumed>) = 0 [pid 5936] <... mount resumed>) = 0 [pid 5051] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5936] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5051] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5936] <... chdir resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./143/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./143/binderfs" [pid 5936] ioctl(4, LOOP_CLR_FD [pid 5051] <... unlink resumed>) = 0 [pid 5936] <... ioctl resumed>) = 0 [pid 5051] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5936] close(4) = 0 [pid 5937] <... ioctl resumed>) = 0 [pid 5937] close(3) = 0 [pid 5937] mkdir("./file0", 0777 [pid 5936] exit_group(0 [pid 5938] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5937] <... mkdir resumed>) = 0 [pid 5936] <... exit_group resumed>) = ? [pid 5938] <... openat resumed>) = 4 [pid 5937] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5936] +++ exited with 0 +++ [ 143.457469][ T5934] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 143.471265][ T5935] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 143.485709][ T5937] loop5: detected capacity change from 0 to 4096 [pid 5938] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5938] close(3) = 0 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5938] mkdir("./file0", 0777 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5938] <... mkdir resumed>) = 0 [pid 5938] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5937] <... mount resumed>) = 0 [pid 5934] <... mount resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5049] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5935] <... mount resumed>) = 0 [pid 5051] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5934] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5934] <... openat resumed>) = 3 [pid 5051] newfstatat(AT_FDCWD, "./143/file0", [pid 5049] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 3 [pid 5937] <... openat resumed>) = 3 [pid 5935] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5935] <... openat resumed>) = 3 [pid 5051] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5935] chdir("./file0" [pid 5051] <... openat resumed>) = 4 [pid 5935] <... chdir resumed>) = 0 [pid 5935] ioctl(4, LOOP_CLR_FD [pid 5934] chdir("./file0" [pid 5937] chdir("./file0" [pid 5935] <... ioctl resumed>) = 0 [pid 5934] <... chdir resumed>) = 0 [pid 5937] <... chdir resumed>) = 0 [pid 5935] close(4 [pid 5934] ioctl(4, LOOP_CLR_FD [pid 5937] ioctl(4, LOOP_CLR_FD [pid 5935] <... close resumed>) = 0 [pid 5049] newfstatat(3, "", [pid 5937] <... ioctl resumed>) = 0 [pid 5935] exit_group(0 [pid 5934] <... ioctl resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5937] close(4 [pid 5935] <... exit_group resumed>) = ? [pid 5934] close(4 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5937] <... close resumed>) = 0 [pid 5935] +++ exited with 0 +++ [pid 5934] <... close resumed>) = 0 [pid 5051] getdents64(4, [pid 5934] exit_group(0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5934] <... exit_group resumed>) = ? [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./143/file0") = 0 [pid 5050] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5934] +++ exited with 0 +++ [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(3, [pid 5050] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] getdents64(3, [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5937] exit_group(0 [pid 5051] close(3 [pid 5050] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5937] <... exit_group resumed>) = ? [pid 5051] <... close resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5937] +++ exited with 0 +++ [pid 5051] rmdir("./143" [pid 5050] getdents64(3, [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5051] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] mkdir("./144", 0777 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./142", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... mkdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5047] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] newfstatat(3, "", [pid 5052] openat(AT_FDCWD, "./142", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] unlink("./144/binderfs" [pid 5049] unlink("./147/binderfs" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... unlink resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [ 143.535892][ T5938] loop1: detected capacity change from 0 to 4096 [ 143.535996][ T5937] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 143.571915][ T5938] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] getdents64(3, [pid 5052] newfstatat(3, "", [pid 5051] <... openat resumed>) = 3 [pid 5050] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5052] umount2("./142/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... close resumed>) = 0 [pid 5047] unlink("./147/binderfs" [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... unlink resumed>) = 0 [pid 5938] <... mount resumed>) = 0 [pid 5047] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] newfstatat(AT_FDCWD, "./142/binderfs", ./strace-static-x86_64: Process 5939 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5938] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5939 [pid 5938] <... openat resumed>) = 3 [pid 5052] unlink("./142/binderfs" [pid 5939] set_robust_list(0x555556629660, 24 [pid 5938] chdir("./file0") = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5938] ioctl(4, LOOP_CLR_FD) = 0 [pid 5938] close(4) = 0 [pid 5938] exit_group(0) = ? [pid 5052] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5939] <... set_robust_list resumed>) = 0 [pid 5938] +++ exited with 0 +++ [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5939] chdir("./144" [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5939] <... chdir resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5048] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5939] setpgid(0, 0) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... umount2 resumed>) = 0 [pid 5049] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(3, "", [pid 5049] newfstatat(AT_FDCWD, "./147/file0", [pid 5939] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] getdents64(3, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(4, "", [pid 5048] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] unlink("./144/binderfs" [pid 5050] <... umount2 resumed>) = 0 [pid 5050] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./144/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(4, [pid 5048] <... unlink resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] close(4 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./144/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./144") = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] mkdir("./145", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./142/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./142/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5939] write(3, "1000", 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... mkdir resumed>) = 0 [pid 5049] rmdir("./147/file0" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./142/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] newfstatat(AT_FDCWD, "./147/file0", [pid 5052] <... openat resumed>) = 4 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] close(3 [pid 5939] <... write resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, [pid 5050] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] getdents64(4, [pid 5939] close(3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(3, [pid 5047] close(4 [pid 5939] <... close resumed>) = 0 [pid 5939] symlink("/dev/binderfs", "./binderfs" [pid 5052] close(4 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5939] <... symlink resumed>) = 0 [pid 5049] close(3 [pid 5047] rmdir("./147/file0") = 0 ./strace-static-x86_64: Process 5940 attached [pid 5939] memfd_create("syzkaller", 0 [pid 5052] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5047] getdents64(3, [pid 5052] rmdir("./142/file0" [pid 5049] rmdir("./147" [pid 5940] set_robust_list(0x555556629660, 24 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5940] <... set_robust_list resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5940 [pid 5049] <... rmdir resumed>) = 0 [pid 5047] close(3 [pid 5940] chdir("./145" [pid 5052] getdents64(3, [pid 5049] mkdir("./148", 0777 [pid 5940] <... chdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5940] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5052] close(3 [pid 5047] rmdir("./147" [pid 5052] <... close resumed>) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5939] <... memfd_create resumed>) = 3 [pid 5052] rmdir("./142" [pid 5049] <... mkdir resumed>) = 0 [pid 5940] <... prctl resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5940] setpgid(0, 0 [pid 5049] <... openat resumed>) = 3 [pid 5940] <... setpgid resumed>) = 0 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5939] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] mkdir("./143", 0777 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5940] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] mkdir("./148", 0777) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5941 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5940] write(3, "1000", 4 [pid 5052] close(3 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5940] <... write resumed>) = 4 [pid 5052] <... close resumed>) = 0 [pid 5047] close(3 [pid 5940] close(3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... close resumed>) = 0 [pid 5940] <... close resumed>) = 0 [pid 5940] symlink("/dev/binderfs", "./binderfs" [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5941 attached [pid 5940] <... symlink resumed>) = 0 [pid 5941] set_robust_list(0x555556629660, 24 [pid 5940] memfd_create("syzkaller", 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5941] <... set_robust_list resumed>) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5942 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5943 ./strace-static-x86_64: Process 5943 attached ./strace-static-x86_64: Process 5942 attached [pid 5943] set_robust_list(0x555556629660, 24 [pid 5941] chdir("./148" [pid 5942] set_robust_list(0x555556629660, 24 [pid 5943] <... set_robust_list resumed>) = 0 [pid 5942] <... set_robust_list resumed>) = 0 [pid 5943] chdir("./143" [pid 5942] chdir("./148" [pid 5943] <... chdir resumed>) = 0 [pid 5942] <... chdir resumed>) = 0 [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5943] <... prctl resumed>) = 0 [pid 5942] <... prctl resumed>) = 0 [pid 5943] setpgid(0, 0 [pid 5942] setpgid(0, 0 [pid 5943] <... setpgid resumed>) = 0 [pid 5941] <... chdir resumed>) = 0 [pid 5942] <... setpgid resumed>) = 0 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5943] <... openat resumed>) = 3 [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5940] <... memfd_create resumed>) = 3 [pid 5942] <... openat resumed>) = 3 [pid 5943] write(3, "1000", 4 [pid 5941] <... prctl resumed>) = 0 [pid 5942] write(3, "1000", 4 [pid 5943] <... write resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] setpgid(0, 0 [pid 5942] <... write resumed>) = 4 [pid 5943] close(3 [pid 5941] <... setpgid resumed>) = 0 [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] newfstatat(AT_FDCWD, "./144/file0", [pid 5942] close(3 [pid 5943] <... close resumed>) = 0 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5940] <... mmap resumed>) = 0x7f3b887a1000 [pid 5942] <... close resumed>) = 0 [pid 5943] symlink("/dev/binderfs", "./binderfs" [pid 5941] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5942] symlink("/dev/binderfs", "./binderfs" [pid 5943] <... symlink resumed>) = 0 [pid 5941] write(3, "1000", 4 [pid 5048] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5942] <... symlink resumed>) = 0 [pid 5943] memfd_create("syzkaller", 0 [pid 5941] <... write resumed>) = 4 [pid 5942] memfd_create("syzkaller", 0 [pid 5943] <... memfd_create resumed>) = 3 [pid 5941] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5941] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5942] <... memfd_create resumed>) = 3 [pid 5943] <... mmap resumed>) = 0x7f3b887a1000 [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5941] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... openat resumed>) = 4 [pid 5942] <... mmap resumed>) = 0x7f3b887a1000 [pid 5941] <... symlink resumed>) = 0 [pid 5048] newfstatat(4, "", [pid 5941] memfd_create("syzkaller", 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5941] <... memfd_create resumed>) = 3 [pid 5048] getdents64(4, [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5941] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./144/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./144") = 0 [pid 5048] mkdir("./145", 0777 [pid 5939] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... mkdir resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5942] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5943] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5940] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5941] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5939] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5944 attached [pid 5942] <... write resumed>) = 2097152 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5944 [pid 5944] set_robust_list(0x555556629660, 24) = 0 [pid 5944] chdir("./145") = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5944] setpgid(0, 0 [pid 5942] munmap(0x7f3b887a1000, 138412032 [pid 5939] munmap(0x7f3b887a1000, 138412032 [pid 5944] <... setpgid resumed>) = 0 [pid 5939] <... munmap resumed>) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5939] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5944] <... openat resumed>) = 3 [pid 5943] <... write resumed>) = 2097152 [pid 5940] <... write resumed>) = 2097152 [pid 5939] <... openat resumed>) = 4 [pid 5944] write(3, "1000", 4 [pid 5942] <... munmap resumed>) = 0 [pid 5943] munmap(0x7f3b887a1000, 138412032 [pid 5940] munmap(0x7f3b887a1000, 138412032 [pid 5939] ioctl(4, LOOP_SET_FD, 3 [pid 5944] <... write resumed>) = 4 [pid 5942] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5943] <... munmap resumed>) = 0 [pid 5941] <... write resumed>) = 2097152 [pid 5944] close(3 [pid 5942] <... openat resumed>) = 4 [pid 5940] <... munmap resumed>) = 0 [pid 5939] <... ioctl resumed>) = 0 [pid 5943] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5943] ioctl(4, LOOP_SET_FD, 3 [pid 5944] <... close resumed>) = 0 [pid 5942] ioctl(4, LOOP_SET_FD, 3 [pid 5941] munmap(0x7f3b887a1000, 138412032 [pid 5940] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5939] close(3 [pid 5944] symlink("/dev/binderfs", "./binderfs" [pid 5943] <... ioctl resumed>) = 0 [pid 5943] close(3) = 0 [pid 5943] mkdir("./file0", 0777) = 0 [pid 5943] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5944] <... symlink resumed>) = 0 [pid 5942] <... ioctl resumed>) = 0 [pid 5941] <... munmap resumed>) = 0 [pid 5940] <... openat resumed>) = 4 [pid 5939] <... close resumed>) = 0 [pid 5942] close(3 [pid 5940] ioctl(4, LOOP_SET_FD, 3 [pid 5939] mkdir("./file0", 0777 [pid 5941] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5939] <... mkdir resumed>) = 0 [pid 5944] memfd_create("syzkaller", 0 [pid 5942] <... close resumed>) = 0 [pid 5941] ioctl(4, LOOP_SET_FD, 3 [pid 5940] <... ioctl resumed>) = 0 [pid 5939] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5944] <... memfd_create resumed>) = 3 [pid 5942] mkdir("./file0", 0777 [pid 5940] close(3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5942] <... mkdir resumed>) = 0 [ 143.960195][ T5939] loop4: detected capacity change from 0 to 4096 [ 143.972130][ T5943] loop5: detected capacity change from 0 to 4096 [ 143.973774][ T5942] loop0: detected capacity change from 0 to 4096 [ 143.994304][ T5940] loop3: detected capacity change from 0 to 4096 [ 143.994705][ T5943] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5944] <... mmap resumed>) = 0x7f3b887a1000 [pid 5942] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5940] <... close resumed>) = 0 [pid 5940] mkdir("./file0", 0777) = 0 [pid 5940] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5941] <... ioctl resumed>) = 0 [pid 5941] close(3) = 0 [pid 5941] mkdir("./file0", 0777) = 0 [pid 5941] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5939] <... mount resumed>) = 0 [pid 5939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 144.009896][ T5939] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 144.019138][ T5942] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 144.019662][ T5941] loop2: detected capacity change from 0 to 4096 [ 144.040581][ T5940] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5940] <... mount resumed>) = 0 [pid 5939] chdir("./file0" [pid 5944] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5940] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5939] <... chdir resumed>) = 0 [pid 5940] <... openat resumed>) = 3 [pid 5939] ioctl(4, LOOP_CLR_FD [pid 5940] chdir("./file0" [pid 5939] <... ioctl resumed>) = 0 [pid 5940] <... chdir resumed>) = 0 [pid 5939] close(4 [pid 5940] ioctl(4, LOOP_CLR_FD [pid 5939] <... close resumed>) = 0 [pid 5940] <... ioctl resumed>) = 0 [pid 5939] exit_group(0 [pid 5940] close(4 [pid 5939] <... exit_group resumed>) = ? [pid 5943] <... mount resumed>) = 0 [pid 5940] <... close resumed>) = 0 [pid 5939] +++ exited with 0 +++ [pid 5943] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5943] <... openat resumed>) = 3 [pid 5940] exit_group(0 [pid 5943] chdir("./file0") = 0 [pid 5940] <... exit_group resumed>) = ? [pid 5051] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5943] ioctl(4, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5943] <... ioctl resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5943] close(4 [pid 5051] <... openat resumed>) = 3 [pid 5943] <... close resumed>) = 0 [pid 5943] exit_group(0 [pid 5051] newfstatat(3, "", [pid 5943] <... exit_group resumed>) = ? [pid 5943] +++ exited with 0 +++ [pid 5940] +++ exited with 0 +++ [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5051] getdents64(3, [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] newfstatat(AT_FDCWD, "./144/binderfs", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] unlink("./144/binderfs" [pid 5050] <... openat resumed>) = 3 [pid 5051] <... unlink resumed>) = 0 [pid 5050] newfstatat(3, "", [pid 5052] umount2("./143", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = 0 [pid 5050] getdents64(3, [pid 5052] openat(AT_FDCWD, "./143", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5942] <... mount resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5051] newfstatat(AT_FDCWD, "./144/file0", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5942] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5942] <... openat resumed>) = 3 [pid 5052] getdents64(3, [pid 5051] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5942] chdir("./file0" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 144.068657][ T5941] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5050] unlink("./145/binderfs" [pid 5942] <... chdir resumed>) = 0 [pid 5052] umount2("./143/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... unlink resumed>) = 0 [pid 5942] ioctl(4, LOOP_CLR_FD [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 4 [pid 5944] <... write resumed>) = 2097152 [pid 5050] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] munmap(0x7f3b887a1000, 138412032 [pid 5942] <... ioctl resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./143/binderfs", [pid 5051] newfstatat(4, "", [pid 5942] close(4) = 0 [pid 5942] exit_group(0) = ? [pid 5942] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] getdents64(4, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] unlink("./143/binderfs" [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] <... munmap resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5051] getdents64(4, [pid 5941] <... mount resumed>) = 0 [pid 5052] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5944] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5941] <... openat resumed>) = 3 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] close(4 [pid 5050] <... umount2 resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./148/binderfs", [pid 5944] <... openat resumed>) = 4 [pid 5941] chdir("./file0" [pid 5051] <... close resumed>) = 0 [pid 5050] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] ioctl(4, LOOP_SET_FD, 3 [pid 5941] <... chdir resumed>) = 0 [pid 5052] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] rmdir("./144/file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5944] <... ioctl resumed>) = 0 [pid 5941] ioctl(4, LOOP_CLR_FD [pid 5050] newfstatat(AT_FDCWD, "./145/file0", [pid 5047] unlink("./148/binderfs" [pid 5941] <... ioctl resumed>) = 0 [pid 5944] close(3 [pid 5941] close(4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5941] <... close resumed>) = 0 [pid 5047] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] <... close resumed>) = 0 [pid 5941] exit_group(0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] <... exit_group resumed>) = ? [pid 5944] mkdir("./file0", 0777 [pid 5941] +++ exited with 0 +++ [pid 5052] newfstatat(AT_FDCWD, "./143/file0", [pid 5050] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5944] <... mkdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5052] umount2("./143/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5944] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./143/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(3, [pid 5050] <... openat resumed>) = 4 [pid 5049] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(4, "", [pid 5052] <... openat resumed>) = 4 [pid 5051] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(4, "", [pid 5051] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] rmdir("./144" [pid 5049] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5049] newfstatat(3, "", [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(3, [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] close(4 [pid 5051] mkdir("./145", 0777 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... close resumed>) = 0 [pid 5050] close(4 [pid 5049] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] rmdir("./143/file0" [pid 5050] <... close resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5050] rmdir("./145/file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./148/binderfs", [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] unlink("./148/binderfs" [pid 5052] rmdir("./143" [pid 5050] getdents64(3, [pid 5049] <... unlink resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] mkdir("./144", 0777 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] close(3 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] rmdir("./145" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5050] <... rmdir resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] close(3 [pid 5050] mkdir("./146", 0777 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5050] <... mkdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [ 144.183489][ T5944] loop1: detected capacity change from 0 to 4096 [ 144.223143][ T5944] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5945 ./strace-static-x86_64: Process 5945 attached [pid 5945] set_robust_list(0x555556629660, 24) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] chdir("./144" [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5945] <... chdir resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] newfstatat(AT_FDCWD, "./148/file0", ./strace-static-x86_64: Process 5946 attached [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5946] set_robust_list(0x555556629660, 24 [pid 5945] <... prctl resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5946 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5946] <... set_robust_list resumed>) = 0 [pid 5945] setpgid(0, 0 [pid 5050] close(3 [pid 5047] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5946] chdir("./145" [pid 5945] <... setpgid resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] <... chdir resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... umount2 resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5947 attached ) = 0 [pid 5945] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 4 [pid 5947] set_robust_list(0x555556629660, 24 [pid 5946] setpgid(0, 0 [pid 5945] write(3, "1000", 4 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5947 [pid 5047] newfstatat(4, "", [pid 5946] <... setpgid resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5947] <... set_robust_list resumed>) = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5945] <... write resumed>) = 4 [pid 5047] getdents64(4, [pid 5947] chdir("./146" [pid 5946] <... openat resumed>) = 3 [pid 5945] close(3) = 0 [pid 5945] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5945] <... symlink resumed>) = 0 [pid 5947] <... chdir resumed>) = 0 [pid 5946] write(3, "1000", 4 [pid 5945] memfd_create("syzkaller", 0 [pid 5047] getdents64(4, [pid 5947] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5946] <... write resumed>) = 4 [pid 5945] <... memfd_create resumed>) = 3 [pid 5944] <... mount resumed>) = 0 [pid 5049] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5944] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] <... mmap resumed>) = 0x7f3b887a1000 [pid 5944] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./148/file0", [pid 5947] <... prctl resumed>) = 0 [pid 5946] close(3 [pid 5944] chdir("./file0" [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5947] setpgid(0, 0 [pid 5946] <... close resumed>) = 0 [pid 5944] <... chdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] close(4 [pid 5947] <... setpgid resumed>) = 0 [pid 5946] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... close resumed>) = 0 [pid 5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5946] <... symlink resumed>) = 0 [pid 5944] ioctl(4, LOOP_CLR_FD [pid 5049] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] rmdir("./148/file0" [pid 5944] <... ioctl resumed>) = 0 [pid 5947] <... openat resumed>) = 3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5947] write(3, "1000", 4 [pid 5946] memfd_create("syzkaller", 0 [pid 5944] close(4 [pid 5049] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... rmdir resumed>) = 0 [pid 5947] <... write resumed>) = 4 [pid 5946] <... memfd_create resumed>) = 3 [pid 5944] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5047] getdents64(3, [pid 5947] close(3 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5944] exit_group(0 [pid 5049] newfstatat(4, "", [pid 5947] <... close resumed>) = 0 [pid 5946] <... mmap resumed>) = 0x7f3b887a1000 [pid 5944] <... exit_group resumed>) = ? [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5947] symlink("/dev/binderfs", "./binderfs" [pid 5944] +++ exited with 0 +++ [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5047] close(3 [pid 5049] getdents64(4, [pid 5947] <... symlink resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... close resumed>) = 0 [pid 5049] close(4 [pid 5048] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] rmdir("./148/file0" [pid 5048] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] getdents64(3, [pid 5048] newfstatat(3, "", [pid 5047] rmdir("./148" [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(3 [pid 5048] getdents64(3, [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] mkdir("./149", 0777 [pid 5049] rmdir("./148" [pid 5048] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... mkdir resumed>) = 0 [pid 5947] memfd_create("syzkaller", 0 [pid 5049] mkdir("./149", 0777 [pid 5048] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./145/binderfs") = 0 [pid 5048] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5947] <... memfd_create resumed>) = 3 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5947] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5948 ./strace-static-x86_64: Process 5948 attached [pid 5948] set_robust_list(0x555556629660, 24) = 0 [pid 5948] chdir("./149") = 0 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5948] setpgid(0, 0) = 0 [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5945] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5948] <... openat resumed>) = 3 [pid 5948] write(3, "1000", 4) = 4 [pid 5948] close(3) = 0 [pid 5948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5948] memfd_create("syzkaller", 0) = 3 [pid 5948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] close(3) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5949 [pid 5048] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5949 attached ) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5949] set_robust_list(0x555556629660, 24) = 0 [pid 5949] chdir("./149" [pid 5048] close(4) = 0 [pid 5949] <... chdir resumed>) = 0 [pid 5048] rmdir("./145/file0") = 0 [pid 5949] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5949] <... prctl resumed>) = 0 [pid 5946] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] rmdir("./145" [pid 5949] setpgid(0, 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5949] <... setpgid resumed>) = 0 [pid 5048] mkdir("./146", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5950 [pid 5949] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5950 attached ) = 3 [pid 5950] set_robust_list(0x555556629660, 24 [pid 5949] write(3, "1000", 4 [pid 5947] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5950] <... set_robust_list resumed>) = 0 [pid 5949] <... write resumed>) = 4 [pid 5950] chdir("./146" [pid 5949] close(3 [pid 5950] <... chdir resumed>) = 0 [pid 5949] <... close resumed>) = 0 [pid 5945] <... write resumed>) = 2097152 [pid 5950] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5949] symlink("/dev/binderfs", "./binderfs" [pid 5945] munmap(0x7f3b887a1000, 138412032 [pid 5950] <... prctl resumed>) = 0 [pid 5949] <... symlink resumed>) = 0 [pid 5948] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5945] <... munmap resumed>) = 0 [pid 5950] setpgid(0, 0) = 0 [pid 5950] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5949] memfd_create("syzkaller", 0 [pid 5950] write(3, "1000", 4) = 4 [pid 5950] close(3) = 0 [pid 5950] symlink("/dev/binderfs", "./binderfs" [pid 5949] <... memfd_create resumed>) = 3 [pid 5946] <... write resumed>) = 2097152 [pid 5945] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5950] <... symlink resumed>) = 0 [pid 5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5950] memfd_create("syzkaller", 0 [pid 5949] <... mmap resumed>) = 0x7f3b887a1000 [pid 5945] <... openat resumed>) = 4 [pid 5945] ioctl(4, LOOP_SET_FD, 3 [pid 5950] <... memfd_create resumed>) = 3 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5945] <... ioctl resumed>) = 0 [pid 5946] munmap(0x7f3b887a1000, 138412032 [pid 5945] close(3 [pid 5946] <... munmap resumed>) = 0 [pid 5945] <... close resumed>) = 0 [pid 5945] mkdir("./file0", 0777 [pid 5946] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5945] <... mkdir resumed>) = 0 [pid 5946] <... openat resumed>) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3 [pid 5945] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5947] <... write resumed>) = 2097152 [pid 5946] <... ioctl resumed>) = 0 [pid 5945] <... mount resumed>) = 0 [pid 5946] close(3 [pid 5945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5946] <... close resumed>) = 0 [pid 5947] munmap(0x7f3b887a1000, 138412032 [pid 5946] mkdir("./file0", 0777 [pid 5945] <... openat resumed>) = 3 [pid 5950] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5947] <... munmap resumed>) = 0 [pid 5946] <... mkdir resumed>) = 0 [pid 5948] <... write resumed>) = 2097152 [pid 5946] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5945] chdir("./file0" [ 144.512849][ T5945] loop5: detected capacity change from 0 to 4096 [ 144.545201][ T5946] loop4: detected capacity change from 0 to 4096 [ 144.553171][ T5945] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5948] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5945] <... chdir resumed>) = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5947] ioctl(4, LOOP_SET_FD, 3 [pid 5948] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5945] ioctl(4, LOOP_CLR_FD [pid 5948] <... openat resumed>) = 4 [pid 5948] ioctl(4, LOOP_SET_FD, 3 [pid 5945] <... ioctl resumed>) = 0 [pid 5945] close(4) = 0 [pid 5948] <... ioctl resumed>) = 0 [pid 5945] exit_group(0 [pid 5948] close(3 [pid 5945] <... exit_group resumed>) = ? [pid 5948] <... close resumed>) = 0 [pid 5945] +++ exited with 0 +++ [pid 5948] mkdir("./file0", 0777 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5948] <... mkdir resumed>) = 0 [pid 5948] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./144", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./144", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5947] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5947] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5947] <... close resumed>) = 0 [pid 5052] umount2("./144/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5947] mkdir("./file0", 0777 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5947] <... mkdir resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./144/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5949] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5947] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] unlink("./144/binderfs") = 0 [ 144.587179][ T5946] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 144.594723][ T5947] loop3: detected capacity change from 0 to 4096 [ 144.603659][ T5948] loop2: detected capacity change from 0 to 4096 [ 144.620491][ T5948] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5950] <... write resumed>) = 2097152 [pid 5950] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5946] <... mount resumed>) = 0 [pid 5946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5950] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5946] <... openat resumed>) = 3 [pid 5950] <... openat resumed>) = 4 [pid 5949] <... write resumed>) = 2097152 [pid 5946] chdir("./file0" [pid 5950] ioctl(4, LOOP_SET_FD, 3 [pid 5948] <... mount resumed>) = 0 [pid 5946] <... chdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [ 144.636025][ T5947] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5949] munmap(0x7f3b887a1000, 138412032 [pid 5946] ioctl(4, LOOP_CLR_FD [pid 5947] <... mount resumed>) = 0 [pid 5946] <... ioctl resumed>) = 0 [pid 5948] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5946] close(4 [pid 5052] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5946] <... close resumed>) = 0 [pid 5947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5949] <... munmap resumed>) = 0 [pid 5948] <... openat resumed>) = 3 [pid 5947] <... openat resumed>) = 3 [pid 5946] exit_group(0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] <... exit_group resumed>) = ? [pid 5948] chdir("./file0" [pid 5052] newfstatat(AT_FDCWD, "./144/file0", [pid 5948] <... chdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./144/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./144/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5947] chdir("./file0" [pid 5946] +++ exited with 0 +++ [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] getdents64(4, [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5948] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5948] <... ioctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5948] close(4 [pid 5947] <... chdir resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5949] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5948] <... close resumed>) = 0 [pid 5947] ioctl(4, LOOP_CLR_FD [pid 5052] close(4 [pid 5051] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5949] <... openat resumed>) = 4 [pid 5948] exit_group(0 [pid 5947] <... ioctl resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5949] ioctl(4, LOOP_SET_FD, 3 [pid 5948] <... exit_group resumed>) = ? [pid 5947] close(4 [pid 5052] rmdir("./144/file0" [pid 5051] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5950] <... ioctl resumed>) = 0 [pid 5947] <... close resumed>) = 0 [pid 5950] close(3 [pid 5947] exit_group(0 [pid 5051] <... openat resumed>) = 3 [pid 5950] <... close resumed>) = 0 [pid 5947] <... exit_group resumed>) = ? [pid 5051] newfstatat(3, "", [pid 5950] mkdir("./file0", 0777 [pid 5948] +++ exited with 0 +++ [pid 5947] +++ exited with 0 +++ [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5950] <... mkdir resumed>) = 0 [pid 5051] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5051] newfstatat(AT_FDCWD, "./145/binderfs", [pid 5049] <... restart_syscall resumed>) = 0 [pid 5950] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] unlink("./145/binderfs" [pid 5050] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] close(3 [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5051] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] rmdir("./144" [pid 5050] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5050] newfstatat(3, "", [pid 5049] <... openat resumed>) = 3 [pid 5052] mkdir("./145", 0777 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(3, "", [pid 5052] <... mkdir resumed>) = 0 [ 144.697431][ T5950] loop1: detected capacity change from 0 to 4096 [ 144.721411][ T5949] loop0: detected capacity change from 0 to 4096 [pid 5050] getdents64(3, [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] getdents64(3, [pid 5949] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5949] close(3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5949] <... close resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5949] mkdir("./file0", 0777 [pid 5052] close(3 [pid 5051] newfstatat(AT_FDCWD, "./145/file0", [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5949] <... mkdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./146/binderfs" [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] unlink("./149/binderfs" [pid 5052] <... close resumed>) = 0 [pid 5051] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5951 attached [ 144.740986][ T5950] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5949] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5951] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5951 [pid 5951] <... set_robust_list resumed>) = 0 [pid 5951] chdir("./145") = 0 [pid 5051] <... openat resumed>) = 4 [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] newfstatat(4, "", [pid 5951] <... prctl resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5951] setpgid(0, 0 [pid 5051] getdents64(4, [pid 5951] <... setpgid resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] getdents64(4, [pid 5951] <... openat resumed>) = 3 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5951] write(3, "1000", 4 [pid 5051] close(4 [pid 5951] <... write resumed>) = 4 [pid 5051] <... close resumed>) = 0 [pid 5951] close(3 [pid 5051] rmdir("./145/file0" [pid 5951] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5951] symlink("/dev/binderfs", "./binderfs" [pid 5051] getdents64(3, [pid 5951] <... symlink resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3 [pid 5049] <... umount2 resumed>) = 0 [pid 5951] memfd_create("syzkaller", 0 [pid 5051] <... close resumed>) = 0 [pid 5049] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5951] <... memfd_create resumed>) = 3 [pid 5051] rmdir("./145" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5950] <... mount resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./149/file0", [pid 5951] <... mmap resumed>) = 0x7f3b887a1000 [ 144.775068][ T5949] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5950] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] mkdir("./146", 0777 [pid 5050] <... umount2 resumed>) = 0 [pid 5950] <... openat resumed>) = 3 [pid 5050] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5950] chdir("./file0" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5950] <... chdir resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./146/file0", [pid 5950] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5950] close(4 [pid 5050] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5950] <... close resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5049] newfstatat(4, "", [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] getdents64(4, [pid 5051] close(3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 ./strace-static-x86_64: Process 5952 attached [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5952 [pid 5050] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./149/file0" [pid 5952] set_robust_list(0x555556629660, 24 [pid 5950] exit_group(0 [pid 5050] <... openat resumed>) = 4 [pid 5049] <... rmdir resumed>) = 0 [pid 5952] <... set_robust_list resumed>) = 0 [pid 5950] <... exit_group resumed>) = ? [pid 5050] newfstatat(4, "", [pid 5049] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(4, [pid 5049] close(3 [pid 5952] chdir("./146" [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] <... close resumed>) = 0 [pid 5952] <... chdir resumed>) = 0 [pid 5950] +++ exited with 0 +++ [pid 5050] getdents64(4, [pid 5049] rmdir("./149" [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5949] <... mount resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5952] <... prctl resumed>) = 0 [pid 5949] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] close(4 [pid 5049] mkdir("./150", 0777 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5950, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5952] setpgid(0, 0 [pid 5949] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5952] <... setpgid resumed>) = 0 [pid 5949] chdir("./file0" [pid 5050] rmdir("./146/file0" [pid 5048] <... restart_syscall resumed>) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5949] <... chdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5952] <... openat resumed>) = 3 [pid 5949] ioctl(4, LOOP_CLR_FD [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5952] write(3, "1000", 4 [pid 5949] <... ioctl resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5952] <... write resumed>) = 4 [pid 5949] close(4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5952] close(3 [pid 5050] close(3 [pid 5952] <... close resumed>) = 0 [pid 5949] <... close resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5949] exit_group(0 [pid 5049] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5949] <... exit_group resumed>) = ? [pid 5049] <... close resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5949] +++ exited with 0 +++ [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs" [pid 5050] rmdir("./146" [pid 5048] getdents64(3, [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5949, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5952] <... symlink resumed>) = 0 [pid 5951] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./146/binderfs", ./strace-static-x86_64: Process 5953 attached [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5953 [pid 5953] set_robust_list(0x555556629660, 24 [pid 5952] memfd_create("syzkaller", 0 [pid 5050] mkdir("./147", 0777 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5953] <... set_robust_list resumed>) = 0 [pid 5048] unlink("./146/binderfs" [pid 5953] chdir("./150" [pid 5048] <... unlink resumed>) = 0 [pid 5953] <... chdir resumed>) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5952] <... memfd_create resumed>) = 3 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] <... prctl resumed>) = 0 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5953] setpgid(0, 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(3, "", [pid 5050] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] getdents64(3, [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] newfstatat(AT_FDCWD, "./146/file0", [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5953] <... setpgid resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5954 attached ) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5954 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5954] set_robust_list(0x555556629660, 24 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5954] <... set_robust_list resumed>) = 0 [pid 5952] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5954] chdir("./147" [pid 5953] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 4 [pid 5047] unlink("./149/binderfs" [pid 5953] write(3, "1000", 4 [pid 5048] newfstatat(4, "", [pid 5047] <... unlink resumed>) = 0 [pid 5953] <... write resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5954] <... chdir resumed>) = 0 [pid 5953] close(3 [pid 5048] getdents64(4, [pid 5047] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5953] <... close resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5953] symlink("/dev/binderfs", "./binderfs" [pid 5048] getdents64(4, [pid 5954] <... prctl resumed>) = 0 [pid 5953] <... symlink resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5953] memfd_create("syzkaller", 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./146/file0" [pid 5047] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5954] <... openat resumed>) = 3 [pid 5953] <... memfd_create resumed>) = 3 [pid 5048] getdents64(3, [pid 5954] write(3, "1000", 4 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] newfstatat(AT_FDCWD, "./149/file0", [pid 5954] <... write resumed>) = 4 [pid 5953] <... mmap resumed>) = 0x7f3b887a1000 [pid 5954] close(3 [pid 5048] close(3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] rmdir("./146") = 0 [pid 5048] mkdir("./147", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5954] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5954] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5954] <... symlink resumed>) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5954] memfd_create("syzkaller", 0 [pid 5047] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5955 [pid 5047] newfstatat(4, "", ./strace-static-x86_64: Process 5955 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5955] set_robust_list(0x555556629660, 24) = 0 [pid 5955] chdir("./147") = 0 [pid 5955] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5955] setpgid(0, 0) = 0 [pid 5955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5954] <... memfd_create resumed>) = 3 [pid 5047] close(4 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] <... close resumed>) = 0 [pid 5954] <... mmap resumed>) = 0x7f3b887a1000 [pid 5955] write(3, "1000", 4 [pid 5047] rmdir("./149/file0" [pid 5955] <... write resumed>) = 4 [pid 5955] close(3 [pid 5047] <... rmdir resumed>) = 0 [pid 5955] <... close resumed>) = 0 [pid 5955] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] getdents64(3, [pid 5955] memfd_create("syzkaller", 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./149" [pid 5955] <... memfd_create resumed>) = 3 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5951] <... write resumed>) = 2097152 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] mkdir("./150", 0777) = 0 [pid 5951] munmap(0x7f3b887a1000, 138412032 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5951] <... munmap resumed>) = 0 [pid 5951] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5951] <... openat resumed>) = 4 [pid 5047] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5047] close(3 [pid 5952] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5951] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... close resumed>) = 0 [pid 5951] <... ioctl resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5953] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5956 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5956 [pid 5954] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5956] set_robust_list(0x555556629660, 24) = 0 [pid 5956] chdir("./150" [pid 5951] close(3) = 0 [pid 5951] mkdir("./file0", 0777) = 0 [ 145.073235][ T5951] loop5: detected capacity change from 0 to 4096 [pid 5951] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5956] <... chdir resumed>) = 0 [pid 5953] <... write resumed>) = 2097152 [pid 5956] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5955] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5956] <... prctl resumed>) = 0 [pid 5953] munmap(0x7f3b887a1000, 138412032 [pid 5952] <... write resumed>) = 2097152 [pid 5956] setpgid(0, 0 [pid 5952] munmap(0x7f3b887a1000, 138412032 [pid 5956] <... setpgid resumed>) = 0 [pid 5956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5954] <... write resumed>) = 2097152 [pid 5952] <... munmap resumed>) = 0 [pid 5956] <... openat resumed>) = 3 [pid 5956] write(3, "1000", 4) = 4 [pid 5956] close(3) = 0 [pid 5954] munmap(0x7f3b887a1000, 138412032 [pid 5952] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5956] symlink("/dev/binderfs", "./binderfs" [pid 5952] <... openat resumed>) = 4 [pid 5953] <... munmap resumed>) = 0 [ 145.115150][ T5951] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5953] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5954] <... munmap resumed>) = 0 [pid 5956] <... symlink resumed>) = 0 [pid 5953] ioctl(4, LOOP_SET_FD, 3 [pid 5952] ioctl(4, LOOP_SET_FD, 3 [pid 5956] memfd_create("syzkaller", 0 [pid 5951] <... mount resumed>) = 0 [pid 5956] <... memfd_create resumed>) = 3 [pid 5951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5954] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5953] <... ioctl resumed>) = 0 [pid 5952] <... ioctl resumed>) = 0 [pid 5951] <... openat resumed>) = 3 [pid 5956] <... mmap resumed>) = 0x7f3b887a1000 [pid 5954] <... openat resumed>) = 4 [pid 5953] close(3 [pid 5952] close(3 [pid 5951] chdir("./file0" [pid 5954] ioctl(4, LOOP_SET_FD, 3 [pid 5953] <... close resumed>) = 0 [pid 5952] <... close resumed>) = 0 [pid 5951] <... chdir resumed>) = 0 [pid 5951] ioctl(4, LOOP_CLR_FD [pid 5952] mkdir("./file0", 0777 [pid 5953] mkdir("./file0", 0777) = 0 [pid 5954] <... ioctl resumed>) = 0 [pid 5953] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5952] <... mkdir resumed>) = 0 [pid 5951] <... ioctl resumed>) = 0 [pid 5955] <... write resumed>) = 2097152 [pid 5951] close(4 [pid 5954] close(3 [pid 5952] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5951] <... close resumed>) = 0 [pid 5955] munmap(0x7f3b887a1000, 138412032 [pid 5954] <... close resumed>) = 0 [pid 5951] exit_group(0 [pid 5954] mkdir("./file0", 0777 [pid 5951] <... exit_group resumed>) = ? [pid 5951] +++ exited with 0 +++ [pid 5954] <... mkdir resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5951, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 145.177502][ T5953] loop2: detected capacity change from 0 to 4096 [ 145.185604][ T5952] loop4: detected capacity change from 0 to 4096 [ 145.197404][ T5954] loop3: detected capacity change from 0 to 4096 [ 145.214403][ T5953] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./145", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5955] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5954] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] openat(AT_FDCWD, "./145", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5955] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5955] <... openat resumed>) = 4 [pid 5052] getdents64(3, [pid 5955] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./145/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./145/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5955] <... ioctl resumed>) = 0 [pid 5052] unlink("./145/binderfs" [pid 5955] close(3 [pid 5052] <... unlink resumed>) = 0 [pid 5955] <... close resumed>) = 0 [pid 5052] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5955] mkdir("./file0", 0777 [pid 5052] <... umount2 resumed>) = 0 [pid 5955] <... mkdir resumed>) = 0 [pid 5052] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./145/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./145/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./145/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5955] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... openat resumed>) = 4 [pid 5953] <... mount resumed>) = 0 [ 145.236833][ T5952] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 145.252184][ T5954] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 145.265460][ T5955] loop1: detected capacity change from 0 to 4096 [pid 5052] newfstatat(4, "", [pid 5953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5953] <... openat resumed>) = 3 [pid 5052] getdents64(4, [pid 5953] chdir("./file0" [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5953] <... chdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5953] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5953] <... ioctl resumed>) = 0 [pid 5052] close(4 [pid 5953] close(4 [pid 5052] <... close resumed>) = 0 [pid 5953] <... close resumed>) = 0 [pid 5052] rmdir("./145/file0" [pid 5953] exit_group(0 [pid 5052] <... rmdir resumed>) = 0 [pid 5953] <... exit_group resumed>) = ? [pid 5052] getdents64(3, [pid 5953] +++ exited with 0 +++ [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5052] rmdir("./145" [pid 5956] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... rmdir resumed>) = 0 [pid 5052] mkdir("./146", 0777 [pid 5955] <... mount resumed>) = 0 [pid 5954] <... mount resumed>) = 0 [pid 5952] <... mount resumed>) = 0 [pid 5955] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5954] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5955] <... openat resumed>) = 3 [pid 5954] <... openat resumed>) = 3 [pid 5952] <... openat resumed>) = 3 [pid 5052] <... mkdir resumed>) = 0 [pid 5049] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5955] chdir("./file0" [pid 5952] chdir("./file0" [pid 5955] <... chdir resumed>) = 0 [pid 5952] <... chdir resumed>) = 0 [pid 5955] ioctl(4, LOOP_CLR_FD [pid 5952] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5955] <... ioctl resumed>) = 0 [pid 5954] chdir("./file0" [pid 5952] <... ioctl resumed>) = 0 [pid 5955] close(4 [pid 5954] <... chdir resumed>) = 0 [pid 5952] close(4 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5955] <... close resumed>) = 0 [pid 5954] ioctl(4, LOOP_CLR_FD [pid 5952] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5955] exit_group(0 [pid 5954] <... ioctl resumed>) = 0 [pid 5952] exit_group(0 [pid 5955] <... exit_group resumed>) = ? [pid 5954] close(4 [pid 5952] <... exit_group resumed>) = ? [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] <... openat resumed>) = 3 [pid 5955] +++ exited with 0 +++ [pid 5954] <... close resumed>) = 0 [pid 5952] +++ exited with 0 +++ [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5954] exit_group(0 [ 145.294917][ T5955] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5052] close(3) = 0 [pid 5954] <... exit_group resumed>) = ? [pid 5049] newfstatat(3, "", [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5955, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5956] <... write resumed>) = 2097152 [pid 5954] +++ exited with 0 +++ [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5954, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... openat resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] newfstatat(3, "", [pid 5050] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5050] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5957 attached [pid 5956] munmap(0x7f3b887a1000, 138412032 [pid 5050] newfstatat(3, "", [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(3, "", [pid 5957] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5957 [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] unlink("./150/binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5957] <... set_robust_list resumed>) = 0 [pid 5050] getdents64(3, [pid 5048] getdents64(3, [pid 5957] chdir("./146" [pid 5049] <... unlink resumed>) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5957] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5957] setpgid(0, 0 [pid 5050] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5048] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5957] <... setpgid resumed>) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5957] <... openat resumed>) = 3 [pid 5956] <... munmap resumed>) = 0 [pid 5957] write(3, "1000", 4) = 4 [pid 5956] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5957] close(3 [pid 5956] <... openat resumed>) = 4 [pid 5957] <... close resumed>) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs" [pid 5956] ioctl(4, LOOP_SET_FD, 3 [pid 5957] <... symlink resumed>) = 0 [pid 5051] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] unlink("./147/binderfs" [pid 5048] unlink("./147/binderfs" [pid 5957] memfd_create("syzkaller", 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... unlink resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./146/binderfs", [pid 5050] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./146/binderfs" [pid 5957] <... memfd_create resumed>) = 3 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = 0 [pid 5956] <... ioctl resumed>) = 0 [pid 5956] close(3) = 0 [pid 5956] mkdir("./file0", 0777) = 0 [ 145.379679][ T5956] loop0: detected capacity change from 0 to 4096 [pid 5956] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5051] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./150/file0", [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] newfstatat(AT_FDCWD, "./146/file0", [pid 5049] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5049] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] getdents64(4, [pid 5051] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] close(4) = 0 [pid 5049] rmdir("./150/file0" [pid 5051] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(3 [pid 5051] <... openat resumed>) = 4 [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./150" [pid 5051] newfstatat(4, "", [pid 5049] <... rmdir resumed>) = 0 [pid 5048] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] mkdir("./151", 0777 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] getdents64(4, [pid 5050] newfstatat(AT_FDCWD, "./147/file0", [pid 5049] <... mkdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./147/file0", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] getdents64(4, [pid 5050] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5051] close(4 [pid 5050] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... close resumed>) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5048] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5958 attached [ 145.422758][ T5956] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] rmdir("./146/file0" [pid 5050] newfstatat(4, "", [pid 5048] <... openat resumed>) = 4 [pid 5958] set_robust_list(0x555556629660, 24 [pid 5957] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5958 [pid 5048] newfstatat(4, "", [pid 5958] <... set_robust_list resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, [pid 5958] chdir("./151" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] getdents64(4, [pid 5048] getdents64(4, [pid 5051] getdents64(3, [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(4, [pid 5048] close(4) = 0 [pid 5048] rmdir("./147/file0") = 0 [pid 5958] <... chdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] close(3) = 0 [pid 5048] rmdir("./147" [pid 5051] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5050] close(4 [pid 5051] <... close resumed>) = 0 [pid 5958] <... prctl resumed>) = 0 [pid 5051] rmdir("./146" [pid 5050] <... close resumed>) = 0 [pid 5048] mkdir("./148", 0777 [pid 5958] setpgid(0, 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5958] <... setpgid resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... rmdir resumed>) = 0 [pid 5050] rmdir("./147/file0" [pid 5048] <... openat resumed>) = 3 [pid 5958] <... openat resumed>) = 3 [pid 5051] mkdir("./147", 0777 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5958] write(3, "1000", 4 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5958] <... write resumed>) = 4 [pid 5048] close(3 [pid 5958] close(3 [pid 5048] <... close resumed>) = 0 [pid 5958] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... mkdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5958] symlink("/dev/binderfs", "./binderfs" [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5958] <... symlink resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] close(3 [pid 5958] memfd_create("syzkaller", 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5050] <... close resumed>) = 0 [pid 5956] <... mount resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5050] rmdir("./147" [pid 5956] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5959 attached [pid 5958] <... memfd_create resumed>) = 3 [pid 5956] <... openat resumed>) = 3 [pid 5051] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5959 [pid 5959] set_robust_list(0x555556629660, 24 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5956] chdir("./file0" [pid 5051] <... close resumed>) = 0 [pid 5050] mkdir("./148", 0777 [pid 5959] <... set_robust_list resumed>) = 0 [pid 5958] <... mmap resumed>) = 0x7f3b887a1000 [pid 5956] <... chdir resumed>) = 0 [pid 5959] chdir("./148" [pid 5956] ioctl(4, LOOP_CLR_FD [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... mkdir resumed>) = 0 [pid 5959] <... chdir resumed>) = 0 [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5959] setpgid(0, 0) = 0 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5956] <... ioctl resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5956] close(4 [pid 5050] <... openat resumed>) = 3 [pid 5959] <... openat resumed>) = 3 [pid 5956] <... close resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5959] write(3, "1000", 4 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5956] exit_group(0 [pid 5959] <... write resumed>) = 4 [pid 5956] <... exit_group resumed>) = ? [pid 5050] close(3) = 0 [pid 5959] close(3 [pid 5956] +++ exited with 0 +++ [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5960 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5959] <... close resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5956, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5961 ./strace-static-x86_64: Process 5961 attached ./strace-static-x86_64: Process 5960 attached [pid 5959] memfd_create("syzkaller", 0 [pid 5957] <... write resumed>) = 2097152 [pid 5047] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5961] set_robust_list(0x555556629660, 24 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5961] <... set_robust_list resumed>) = 0 [pid 5047] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5961] chdir("./148") = 0 [pid 5960] set_robust_list(0x555556629660, 24 [pid 5047] <... openat resumed>) = 3 [pid 5961] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5960] <... set_robust_list resumed>) = 0 [pid 5047] newfstatat(3, "", [pid 5960] chdir("./147") = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5960] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] getdents64(3, [pid 5961] <... prctl resumed>) = 0 [pid 5960] <... prctl resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5961] setpgid(0, 0 [pid 5960] setpgid(0, 0 [pid 5959] <... memfd_create resumed>) = 3 [pid 5047] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5961] <... setpgid resumed>) = 0 [pid 5960] <... setpgid resumed>) = 0 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5957] munmap(0x7f3b887a1000, 138412032 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5961] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5047] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5961] <... openat resumed>) = 3 [pid 5960] write(3, "1000", 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5961] write(3, "1000", 4 [pid 5960] <... write resumed>) = 4 [pid 5959] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] unlink("./150/binderfs" [pid 5961] <... write resumed>) = 4 [pid 5960] close(3 [pid 5957] <... munmap resumed>) = 0 [pid 5961] close(3 [pid 5960] <... close resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5960] symlink("/dev/binderfs", "./binderfs" [pid 5047] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5961] <... close resumed>) = 0 [pid 5960] <... symlink resumed>) = 0 [pid 5961] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5960] memfd_create("syzkaller", 0 [pid 5957] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5960] <... memfd_create resumed>) = 3 [pid 5957] <... openat resumed>) = 4 [pid 5957] ioctl(4, LOOP_SET_FD, 3 [pid 5960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5961] memfd_create("syzkaller", 0) = 3 [pid 5958] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... umount2 resumed>) = 0 [pid 5961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5957] <... ioctl resumed>) = 0 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./150/file0") = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./150") = 0 [pid 5047] mkdir("./151", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5957] close(3 [pid 5047] <... openat resumed>) = 3 [pid 5957] <... close resumed>) = 0 [pid 5957] mkdir("./file0", 0777 [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [pid 5047] close(3) = 0 [pid 5957] <... mkdir resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 145.596555][ T5957] loop5: detected capacity change from 0 to 4096 [pid 5957] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5962 ./strace-static-x86_64: Process 5962 attached [pid 5962] set_robust_list(0x555556629660, 24) = 0 [pid 5959] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5962] chdir("./151") = 0 [pid 5962] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5962] setpgid(0, 0) = 0 [pid 5962] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5962] write(3, "1000", 4) = 4 [pid 5962] close(3) = 0 [pid 5962] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5962] memfd_create("syzkaller", 0) = 3 [pid 5962] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [ 145.672457][ T5957] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5961] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5960] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5958] <... write resumed>) = 2097152 [pid 5957] <... mount resumed>) = 0 [pid 5957] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5958] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5957] <... openat resumed>) = 3 [pid 5957] chdir("./file0") = 0 [pid 5957] ioctl(4, LOOP_CLR_FD) = 0 [pid 5957] close(4) = 0 [pid 5958] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5958] ioctl(4, LOOP_SET_FD, 3 [pid 5957] exit_group(0) = ? [pid 5957] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=6 /* 0.06 s */} --- [pid 5052] umount2("./146", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./146", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", [pid 5959] <... write resumed>) = 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./146/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./146/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./146/binderfs" [pid 5961] <... write resumed>) = 2097152 [pid 5959] munmap(0x7f3b887a1000, 138412032 [pid 5958] <... ioctl resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5961] munmap(0x7f3b887a1000, 138412032 [pid 5958] close(3 [pid 5052] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5958] <... close resumed>) = 0 [pid 5958] mkdir("./file0", 0777) = 0 [ 145.754758][ T5958] loop2: detected capacity change from 0 to 4096 [pid 5958] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5961] <... munmap resumed>) = 0 [pid 5962] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5961] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5960] <... write resumed>) = 2097152 [pid 5959] <... munmap resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5961] <... openat resumed>) = 4 [pid 5959] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5961] ioctl(4, LOOP_SET_FD, 3 [pid 5959] <... openat resumed>) = 4 [pid 5052] newfstatat(AT_FDCWD, "./146/file0", [pid 5959] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./146/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./146/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5961] <... ioctl resumed>) = 0 [pid 5960] munmap(0x7f3b887a1000, 138412032 [pid 5052] newfstatat(4, "", [pid 5961] close(3 [pid 5960] <... munmap resumed>) = 0 [pid 5961] <... close resumed>) = 0 [pid 5961] mkdir("./file0", 0777 [pid 5960] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5961] <... mkdir resumed>) = 0 [pid 5052] getdents64(4, [pid 5960] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5960] ioctl(4, LOOP_SET_FD, 3 [ 145.799501][ T5958] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 145.823823][ T5961] loop3: detected capacity change from 0 to 4096 [ 145.830502][ T5959] loop1: detected capacity change from 0 to 4096 [pid 5052] close(4 [pid 5961] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5959] <... ioctl resumed>) = 0 [pid 5958] <... mount resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./146/file0" [pid 5959] close(3 [pid 5958] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3) = 0 [pid 5052] rmdir("./146") = 0 [pid 5052] mkdir("./147", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5962] <... write resumed>) = 2097152 [pid 5959] <... close resumed>) = 0 [pid 5958] <... openat resumed>) = 3 [pid 5959] mkdir("./file0", 0777 [pid 5962] munmap(0x7f3b887a1000, 138412032 [pid 5959] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5963 attached [pid 5960] <... ioctl resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5963 [pid 5963] set_robust_list(0x555556629660, 24 [pid 5960] close(3 [pid 5963] <... set_robust_list resumed>) = 0 [pid 5960] <... close resumed>) = 0 [pid 5963] chdir("./147" [pid 5960] mkdir("./file0", 0777 [pid 5959] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5962] <... munmap resumed>) = 0 [pid 5958] chdir("./file0" [pid 5960] <... mkdir resumed>) = 0 [pid 5958] <... chdir resumed>) = 0 [pid 5963] <... chdir resumed>) = 0 [pid 5963] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5960] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5963] <... prctl resumed>) = 0 [pid 5963] setpgid(0, 0) = 0 [pid 5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5962] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5958] ioctl(4, LOOP_CLR_FD [pid 5962] <... openat resumed>) = 4 [pid 5958] <... ioctl resumed>) = 0 [ 145.849111][ T5960] loop4: detected capacity change from 0 to 4096 [ 145.857106][ T5961] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 145.880130][ T5959] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 145.887363][ T5960] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5963] write(3, "1000", 4 [pid 5962] ioctl(4, LOOP_SET_FD, 3 [pid 5958] close(4 [pid 5963] <... write resumed>) = 4 [pid 5958] <... close resumed>) = 0 [pid 5958] exit_group(0) = ? [pid 5958] +++ exited with 0 +++ [pid 5963] close(3) = 0 [pid 5963] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5963] memfd_create("syzkaller", 0) = 3 [pid 5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5958, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5963] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5962] <... ioctl resumed>) = 0 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5962] close(3) = 0 [pid 5962] mkdir("./file0", 0777 [pid 5961] <... mount resumed>) = 0 [pid 5049] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5962] <... mkdir resumed>) = 0 [pid 5961] <... openat resumed>) = 3 [pid 5049] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5961] chdir("./file0") = 0 [pid 5049] <... openat resumed>) = 3 [pid 5961] ioctl(4, LOOP_CLR_FD) = 0 [pid 5961] close(4) = 0 [ 145.896158][ T5962] loop0: detected capacity change from 0 to 4096 [pid 5049] newfstatat(3, "", [pid 5962] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5961] exit_group(0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5959] <... mount resumed>) = 0 [pid 5049] getdents64(3, [pid 5961] <... exit_group resumed>) = ? [pid 5959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5959] <... openat resumed>) = 3 [pid 5049] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5959] chdir("./file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5959] <... chdir resumed>) = 0 [pid 5959] ioctl(4, LOOP_CLR_FD [pid 5049] newfstatat(AT_FDCWD, "./151/binderfs", [pid 5959] <... ioctl resumed>) = 0 [pid 5961] +++ exited with 0 +++ [pid 5959] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5961, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5049] unlink("./151/binderfs" [pid 5959] <... close resumed>) = 0 [pid 5959] exit_group(0) = ? [pid 5050] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... unlink resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./148/binderfs") = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5959] +++ exited with 0 +++ [pid 5960] <... mount resumed>) = 0 [pid 5050] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5959, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5960] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5960] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./151/file0", [pid 5960] chdir("./file0") = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5960] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 145.942130][ T5962] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5960] <... ioctl resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5960] close(4) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5960] exit_group(0 [pid 5049] newfstatat(4, "", [pid 5048] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5962] <... mount resumed>) = 0 [pid 5960] <... exit_group resumed>) = ? [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5048] newfstatat(3, "", [pid 5960] +++ exited with 0 +++ [pid 5962] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5960, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5963] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5962] <... openat resumed>) = 3 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5049] getdents64(4, [pid 5048] getdents64(3, [pid 5962] chdir("./file0" [pid 5051] <... restart_syscall resumed>) = 0 [pid 5051] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] close(4 [pid 5051] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5051] newfstatat(3, "", [pid 5049] rmdir("./151/file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5049] <... rmdir resumed>) = 0 [pid 5962] <... chdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5962] ioctl(4, LOOP_CLR_FD [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5050] newfstatat(AT_FDCWD, "./148/file0", [pid 5049] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./147/binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5962] <... ioctl resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5049] rmdir("./151" [pid 5048] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... rmdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./148/binderfs", [pid 5962] close(4) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5962] exit_group(0 [pid 5050] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] mkdir("./152", 0777 [pid 5048] unlink("./148/binderfs" [pid 5962] <... exit_group resumed>) = ? [pid 5962] +++ exited with 0 +++ [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... mkdir resumed>) = 0 [pid 5048] <... unlink resumed>) = 0 [pid 5048] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5962, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5050] <... openat resumed>) = 4 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5963] <... write resumed>) = 2097152 [pid 5049] <... openat resumed>) = 3 [pid 5050] newfstatat(4, "", [pid 5051] <... umount2 resumed>) = 0 [pid 5963] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] <... umount2 resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] getdents64(4, [pid 5049] close(3 [pid 5047] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] <... close resumed>) = 0 [pid 5048] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... openat resumed>) = 3 [pid 5050] close(4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(3, "", [pid 5050] <... close resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] newfstatat(AT_FDCWD, "./148/file0", [pid 5963] <... munmap resumed>) = 0 [pid 5051] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./148/file0" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] getdents64(3, [pid 5963] <... openat resumed>) = 4 [pid 5051] newfstatat(AT_FDCWD, "./147/file0", [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5964 [pid 5048] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5963] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] getdents64(3, [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5963] <... ioctl resumed>) = 0 [pid 5051] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5964 attached [pid 5051] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5964] set_robust_list(0x555556629660, 24 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5964] <... set_robust_list resumed>) = 0 [pid 5051] newfstatat(4, "", [pid 5048] <... openat resumed>) = 4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] chdir("./152" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5964] <... chdir resumed>) = 0 [pid 5051] getdents64(4, [pid 5964] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5964] <... prctl resumed>) = 0 [pid 5051] getdents64(4, [pid 5964] setpgid(0, 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5964] <... setpgid resumed>) = 0 [pid 5051] close(4 [pid 5964] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... close resumed>) = 0 [pid 5050] close(3 [pid 5048] newfstatat(4, "", [pid 5047] newfstatat(AT_FDCWD, "./151/binderfs", [pid 5964] <... openat resumed>) = 3 [pid 5051] rmdir("./147/file0" [pid 5050] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5964] write(3, "1000", 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] rmdir("./148" [pid 5048] getdents64(4, [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5964] <... write resumed>) = 4 [pid 5963] close(3 [pid 5051] getdents64(3, [pid 5964] close(3 [pid 5963] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5964] <... close resumed>) = 0 [pid 5963] mkdir("./file0", 0777 [pid 5051] close(3 [pid 5047] unlink("./151/binderfs" [pid 5964] symlink("/dev/binderfs", "./binderfs" [pid 5963] <... mkdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5964] <... symlink resumed>) = 0 [pid 5051] rmdir("./147" [pid 5048] getdents64(4, [pid 5047] <... unlink resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] mkdir("./149", 0777 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] close(4 [pid 5964] memfd_create("syzkaller", 0 [pid 5963] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] mkdir("./148", 0777 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5048] rmdir("./148/file0" [pid 5047] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 146.114729][ T5963] loop5: detected capacity change from 0 to 4096 [pid 5964] <... memfd_create resumed>) = 3 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... openat resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5048] getdents64(3, [pid 5047] newfstatat(AT_FDCWD, "./151/file0", [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] close(3 [pid 5050] close(3 [pid 5047] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... close resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5048] rmdir("./148" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5965 attached [pid 5964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... openat resumed>) = 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5965] set_robust_list(0x555556629660, 24 [pid 5964] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5048] mkdir("./149", 0777 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5965 [pid 5047] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5965] <... set_robust_list resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... openat resumed>) = 4 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5966 ./strace-static-x86_64: Process 5966 attached [pid 5966] set_robust_list(0x555556629660, 24) = 0 [pid 5966] chdir("./148") = 0 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] newfstatat(4, "", [pid 5965] chdir("./149" [pid 5966] <... prctl resumed>) = 0 [pid 5966] setpgid(0, 0) = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5965] <... chdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5966] <... openat resumed>) = 3 [pid 5965] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] getdents64(4, [pid 5965] <... prctl resumed>) = 0 [pid 5966] write(3, "1000", 4 [pid 5965] setpgid(0, 0 [pid 5048] <... openat resumed>) = 3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5966] <... write resumed>) = 4 [pid 5965] <... setpgid resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5966] close(3 [pid 5047] getdents64(4, [pid 5966] <... close resumed>) = 0 [pid 5965] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5966] symlink("/dev/binderfs", "./binderfs" [pid 5048] close(3 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5966] <... symlink resumed>) = 0 [pid 5965] <... openat resumed>) = 3 [pid 5048] <... close resumed>) = 0 [pid 5047] close(4 [pid 5966] memfd_create("syzkaller", 0 [pid 5965] write(3, "1000", 4 [ 146.156710][ T5963] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5965] <... write resumed>) = 4 [pid 5047] <... close resumed>) = 0 ./strace-static-x86_64: Process 5967 attached [pid 5966] <... memfd_create resumed>) = 3 [pid 5965] close(3 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5967 [pid 5047] rmdir("./151/file0" [pid 5965] <... close resumed>) = 0 [pid 5966] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5965] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... rmdir resumed>) = 0 [pid 5967] set_robust_list(0x555556629660, 24 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3 [pid 5967] <... set_robust_list resumed>) = 0 [pid 5965] <... symlink resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5047] rmdir("./151") = 0 [pid 5967] chdir("./149" [pid 5965] memfd_create("syzkaller", 0 [pid 5047] mkdir("./152", 0777) = 0 [pid 5964] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5967] <... chdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5967] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5965] <... memfd_create resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5963] <... mount resumed>) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5967] setpgid(0, 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5967] <... setpgid resumed>) = 0 [pid 5965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] close(3 [pid 5967] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5965] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] <... close resumed>) = 0 [pid 5963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5963] chdir("./file0") = 0 [pid 5963] ioctl(4, LOOP_CLR_FD) = 0 [pid 5963] close(4) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5963] exit_group(0) = ? [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5968 [pid 5967] <... openat resumed>) = 3 [pid 5963] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5963, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5967] write(3, "1000", 4) = 4 [pid 5967] close(3) = 0 ./strace-static-x86_64: Process 5968 attached [pid 5967] symlink("/dev/binderfs", "./binderfs" [pid 5968] set_robust_list(0x555556629660, 24 [pid 5967] <... symlink resumed>) = 0 [pid 5052] umount2("./147", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5968] <... set_robust_list resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5968] chdir("./152" [pid 5052] openat(AT_FDCWD, "./147", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5968] <... chdir resumed>) = 0 [pid 5967] memfd_create("syzkaller", 0 [pid 5968] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5966] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... openat resumed>) = 3 [pid 5968] <... prctl resumed>) = 0 [pid 5967] <... memfd_create resumed>) = 3 [pid 5964] <... write resumed>) = 2097152 [pid 5967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] newfstatat(3, "", [pid 5967] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5968] setpgid(0, 0) = 0 [pid 5052] getdents64(3, [pid 5968] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5968] <... openat resumed>) = 3 [pid 5968] write(3, "1000", 4) = 4 [pid 5968] close(3 [pid 5052] umount2("./147/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5968] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5968] symlink("/dev/binderfs", "./binderfs" [pid 5964] munmap(0x7f3b887a1000, 138412032 [pid 5052] newfstatat(AT_FDCWD, "./147/binderfs", [pid 5968] <... symlink resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5968] memfd_create("syzkaller", 0 [pid 5052] unlink("./147/binderfs" [pid 5965] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5968] <... memfd_create resumed>) = 3 [pid 5964] <... munmap resumed>) = 0 [pid 5968] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5964] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5968] <... mmap resumed>) = 0x7f3b887a1000 [pid 5964] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = 0 [pid 5964] ioctl(4, LOOP_SET_FD, 3 [pid 5966] <... write resumed>) = 2097152 [pid 5052] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5964] <... ioctl resumed>) = 0 [pid 5964] close(3) = 0 [pid 5964] mkdir("./file0", 0777) = 0 [pid 5052] newfstatat(AT_FDCWD, "./147/file0", [pid 5964] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./147/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5967] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./147/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", [pid 5966] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5966] <... munmap resumed>) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5965] <... write resumed>) = 2097152 [pid 5965] munmap(0x7f3b887a1000, 138412032 [pid 5966] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5965] <... munmap resumed>) = 0 [pid 5052] getdents64(4, [pid 5966] <... openat resumed>) = 4 [ 146.374243][ T5964] loop2: detected capacity change from 0 to 4096 [ 146.398841][ T5964] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5966] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5968] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5965] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5052] rmdir("./147/file0" [pid 5965] <... openat resumed>) = 4 [pid 5966] <... ioctl resumed>) = 0 [pid 5965] ioctl(4, LOOP_SET_FD, 3 [pid 5052] <... rmdir resumed>) = 0 [pid 5966] close(3) = 0 [pid 5966] mkdir("./file0", 0777) = 0 [pid 5966] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5967] <... write resumed>) = 2097152 [pid 5965] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5968] <... write resumed>) = 2097152 [pid 5967] munmap(0x7f3b887a1000, 138412032 [pid 5965] close(3 [pid 5964] <... mount resumed>) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5965] <... close resumed>) = 0 [pid 5052] close(3 [pid 5965] mkdir("./file0", 0777 [pid 5052] <... close resumed>) = 0 [pid 5965] <... mkdir resumed>) = 0 [pid 5052] rmdir("./147") = 0 [pid 5968] munmap(0x7f3b887a1000, 138412032 [pid 5052] mkdir("./148", 0777) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5964] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5967] <... munmap resumed>) = 0 [pid 5964] <... openat resumed>) = 3 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5965] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5964] chdir("./file0" [pid 5052] close(3 [pid 5964] <... chdir resumed>) = 0 [pid 5964] ioctl(4, LOOP_CLR_FD [pid 5052] <... close resumed>) = 0 [pid 5964] <... ioctl resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5968] <... munmap resumed>) = 0 [pid 5964] close(4 [pid 5966] <... mount resumed>) = 0 [ 146.438208][ T5966] loop4: detected capacity change from 0 to 4096 [ 146.455575][ T5965] loop3: detected capacity change from 0 to 4096 [ 146.474964][ T5966] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5964] <... close resumed>) = 0 [pid 5964] exit_group(0) = ? [pid 5964] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5964, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5049] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5969 attached ) = -1 EINVAL (Invalid argument) [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5967] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5966] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5968] <... openat resumed>) = 4 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5969 [pid 5049] newfstatat(AT_FDCWD, "./152/binderfs", [pid 5968] ioctl(4, LOOP_SET_FD, 3 [pid 5967] <... openat resumed>) = 4 [pid 5966] <... openat resumed>) = 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5969] set_robust_list(0x555556629660, 24 [pid 5049] unlink("./152/binderfs" [pid 5969] <... set_robust_list resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5969] chdir("./148" [pid 5049] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5969] <... chdir resumed>) = 0 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0) = 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5968] <... ioctl resumed>) = 0 [pid 5967] ioctl(4, LOOP_SET_FD, 3 [pid 5966] chdir("./file0" [pid 5965] <... mount resumed>) = 0 [pid 5969] <... openat resumed>) = 3 [pid 5968] close(3 [pid 5967] <... ioctl resumed>) = 0 [pid 5966] <... chdir resumed>) = 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5966] ioctl(4, LOOP_CLR_FD) = 0 [pid 5969] write(3, "1000", 4 [pid 5966] close(4 [pid 5969] <... write resumed>) = 4 [pid 5968] <... close resumed>) = 0 [pid 5966] <... close resumed>) = 0 [pid 5965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5969] close(3 [ 146.502885][ T5965] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 146.514601][ T5968] loop0: detected capacity change from 0 to 4096 [ 146.533555][ T5967] loop1: detected capacity change from 0 to 4096 [pid 5968] mkdir("./file0", 0777 [pid 5966] exit_group(0 [pid 5965] <... openat resumed>) = 3 [pid 5969] <... close resumed>) = 0 [pid 5968] <... mkdir resumed>) = 0 [pid 5967] close(3 [pid 5966] <... exit_group resumed>) = ? [pid 5965] chdir("./file0" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5969] symlink("/dev/binderfs", "./binderfs" [pid 5966] +++ exited with 0 +++ [pid 5965] <... chdir resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./152/file0", [pid 5968] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5967] <... close resumed>) = 0 [pid 5965] ioctl(4, LOOP_CLR_FD [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5969] <... symlink resumed>) = 0 [pid 5965] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5967] mkdir("./file0", 0777 [pid 5965] close(4 [pid 5969] memfd_create("syzkaller", 0 [pid 5049] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5967] <... mkdir resumed>) = 0 [pid 5965] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5965] exit_group(0 [pid 5051] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... openat resumed>) = 4 [pid 5049] newfstatat(4, "", [pid 5965] <... exit_group resumed>) = ? [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5969] <... memfd_create resumed>) = 3 [pid 5965] +++ exited with 0 +++ [pid 5051] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... openat resumed>) = 3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5965, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5049] getdents64(4, [pid 5969] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./148/binderfs", [pid 5967] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./148/binderfs" [pid 5049] getdents64(4, [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] close(4 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] rmdir("./152/file0") = 0 [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5049] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./149/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./149/binderfs") = 0 [pid 5049] close(3) = 0 [pid 5049] rmdir("./152" [pid 5050] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5049] mkdir("./153", 0777) = 0 [pid 5051] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", [pid 5049] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 146.564765][ T5968] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 146.586610][ T5967] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5051] getdents64(4, [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5968] <... mount resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5968] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] close(4 [pid 5968] <... openat resumed>) = 3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./148/file0") = 0 [pid 5968] chdir("./file0" [pid 5051] getdents64(3, [pid 5968] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5968] ioctl(4, LOOP_CLR_FD [pid 5051] close(3 [pid 5968] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5968] close(4 [pid 5051] rmdir("./148" [pid 5968] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] close(3) = 0 [pid 5968] exit_group(0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5968] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5970 attached [pid 5051] mkdir("./149", 0777 [pid 5970] set_robust_list(0x555556629660, 24 [pid 5968] +++ exited with 0 +++ [pid 5051] <... mkdir resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5970 [pid 5970] <... set_robust_list resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5968, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5970] chdir("./153") = 0 [pid 5047] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5970] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5970] <... prctl resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] getdents64(3, [pid 5051] close(3) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5970] setpgid(0, 0 [pid 5047] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5970] <... setpgid resumed>) = 0 [pid 5969] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5967] <... mount resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... umount2 resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5967] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5047] newfstatat(AT_FDCWD, "./152/binderfs", ./strace-static-x86_64: Process 5971 attached [pid 5967] <... openat resumed>) = 3 [pid 5967] chdir("./file0") = 0 [pid 5050] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5967] ioctl(4, LOOP_CLR_FD [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5971] set_robust_list(0x555556629660, 24 [pid 5970] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5967] <... ioctl resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./149/file0", [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./152/binderfs" [pid 5971] <... set_robust_list resumed>) = 0 [pid 5970] <... openat resumed>) = 3 [pid 5967] close(4 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5971 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5967] <... close resumed>) = 0 [pid 5050] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... unlink resumed>) = 0 [pid 5971] chdir("./149") = 0 [pid 5967] exit_group(0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5967] <... exit_group resumed>) = ? [pid 5050] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5971] <... prctl resumed>) = 0 [pid 5970] write(3, "1000", 4 [pid 5967] +++ exited with 0 +++ [pid 5050] <... openat resumed>) = 4 [pid 5971] setpgid(0, 0 [pid 5970] <... write resumed>) = 4 [pid 5050] newfstatat(4, "", [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5967, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5971] <... setpgid resumed>) = 0 [pid 5970] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5971] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5970] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5047] <... umount2 resumed>) = 0 [pid 5971] <... openat resumed>) = 3 [pid 5970] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5970] <... symlink resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5971] write(3, "1000", 4 [pid 5048] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] newfstatat(AT_FDCWD, "./152/file0", [pid 5971] <... write resumed>) = 4 [pid 5970] memfd_create("syzkaller", 0 [pid 5050] close(4 [pid 5048] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5971] close(3 [pid 5050] <... close resumed>) = 0 [pid 5971] <... close resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5047] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5971] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./149/file0" [pid 5971] <... symlink resumed>) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] <... openat resumed>) = 4 [pid 5050] close(3 [pid 5048] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] newfstatat(4, "", [pid 5050] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] rmdir("./149" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... rmdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5971] memfd_create("syzkaller", 0 [pid 5050] mkdir("./150", 0777 [pid 5047] getdents64(4, [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] unlink("./149/binderfs" [pid 5970] <... memfd_create resumed>) = 3 [pid 5047] getdents64(4, [pid 5971] <... memfd_create resumed>) = 3 [pid 5970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... unlink resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5970] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... mkdir resumed>) = 0 [pid 5048] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] close(4 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5972 ./strace-static-x86_64: Process 5972 attached [pid 5972] set_robust_list(0x555556629660, 24) = 0 [pid 5972] chdir("./150") = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0 [pid 5047] <... close resumed>) = 0 [pid 5972] <... setpgid resumed>) = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5971] <... mmap resumed>) = 0x7f3b887a1000 [pid 5047] rmdir("./152/file0" [pid 5972] <... openat resumed>) = 3 [pid 5969] <... write resumed>) = 2097152 [pid 5972] write(3, "1000", 4) = 4 [pid 5972] close(3) = 0 [pid 5972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5972] memfd_create("syzkaller", 0 [pid 5969] munmap(0x7f3b887a1000, 138412032 [pid 5047] rmdir("./152" [pid 5972] <... memfd_create resumed>) = 3 [pid 5047] <... rmdir resumed>) = 0 [pid 5972] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] mkdir("./153", 0777 [pid 5969] <... munmap resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5048] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5969] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5969] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 [pid 5048] newfstatat(AT_FDCWD, "./149/file0", [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5970] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4 [pid 5969] <... ioctl resumed>) = 0 [pid 5969] close(3) = 0 [ 146.788800][ T5969] loop5: detected capacity change from 0 to 4096 [pid 5969] mkdir("./file0", 0777) = 0 [pid 5048] <... close resumed>) = 0 [pid 5969] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5971] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] rmdir("./149/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5047] <... ioctl resumed>) = 0 [pid 5048] rmdir("./149") = 0 [pid 5048] mkdir("./150", 0777 [pid 5047] close(3 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5973 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5973 [pid 5973] set_robust_list(0x555556629660, 24 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5973] <... set_robust_list resumed>) = 0 [pid 5973] chdir("./153" [pid 5972] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5973] <... chdir resumed>) = 0 [pid 5048] close(3 [pid 5973] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5048] <... close resumed>) = 0 [pid 5973] <... prctl resumed>) = 0 [pid 5973] setpgid(0, 0 [ 146.835233][ T5969] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5974 attached [pid 5973] <... setpgid resumed>) = 0 [pid 5970] <... write resumed>) = 2097152 [pid 5974] set_robust_list(0x555556629660, 24 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5974 [pid 5974] <... set_robust_list resumed>) = 0 [pid 5973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5974] chdir("./150" [pid 5973] <... openat resumed>) = 3 [pid 5971] <... write resumed>) = 2097152 [pid 5970] munmap(0x7f3b887a1000, 138412032 [pid 5974] <... chdir resumed>) = 0 [pid 5973] write(3, "1000", 4 [pid 5974] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5971] munmap(0x7f3b887a1000, 138412032 [pid 5973] <... write resumed>) = 4 [pid 5974] setpgid(0, 0 [pid 5973] close(3) = 0 [pid 5969] <... mount resumed>) = 0 [pid 5974] <... setpgid resumed>) = 0 [pid 5973] symlink("/dev/binderfs", "./binderfs" [pid 5974] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5973] <... symlink resumed>) = 0 [pid 5974] <... openat resumed>) = 3 [pid 5969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5974] write(3, "1000", 4 [pid 5973] memfd_create("syzkaller", 0 [pid 5970] <... munmap resumed>) = 0 [pid 5969] chdir("./file0" [pid 5974] <... write resumed>) = 4 [pid 5971] <... munmap resumed>) = 0 [pid 5969] <... chdir resumed>) = 0 [pid 5974] close(3 [pid 5971] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5970] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5973] <... memfd_create resumed>) = 3 [pid 5974] <... close resumed>) = 0 [pid 5973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5971] <... openat resumed>) = 4 [pid 5969] ioctl(4, LOOP_CLR_FD [pid 5974] symlink("/dev/binderfs", "./binderfs" [pid 5973] <... mmap resumed>) = 0x7f3b887a1000 [pid 5971] ioctl(4, LOOP_SET_FD, 3 [pid 5970] <... openat resumed>) = 4 [pid 5969] <... ioctl resumed>) = 0 [pid 5974] <... symlink resumed>) = 0 [pid 5972] <... write resumed>) = 2097152 [pid 5971] <... ioctl resumed>) = 0 [pid 5970] ioctl(4, LOOP_SET_FD, 3 [pid 5969] close(4 [pid 5974] memfd_create("syzkaller", 0 [pid 5969] <... close resumed>) = 0 [pid 5974] <... memfd_create resumed>) = 3 [pid 5969] exit_group(0 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5969] <... exit_group resumed>) = ? [pid 5969] +++ exited with 0 +++ [pid 5972] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5969, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5970] <... ioctl resumed>) = 0 [pid 5052] umount2("./148", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5972] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 146.924842][ T5971] loop4: detected capacity change from 0 to 4096 [ 146.951209][ T5970] loop2: detected capacity change from 0 to 4096 [pid 5972] ioctl(4, LOOP_SET_FD, 3 [pid 5970] close(3 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5971] close(3) = 0 [pid 5971] mkdir("./file0", 0777 [pid 5052] openat(AT_FDCWD, "./148", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5971] <... mkdir resumed>) = 0 [pid 5971] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5052] <... openat resumed>) = 3 [pid 5973] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5972] <... ioctl resumed>) = 0 [pid 5970] <... close resumed>) = 0 [pid 5052] newfstatat(3, "", [pid 5972] close(3) = 0 [pid 5970] mkdir("./file0", 0777 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5972] mkdir("./file0", 0777 [pid 5052] getdents64(3, [pid 5972] <... mkdir resumed>) = 0 [pid 5970] <... mkdir resumed>) = 0 [pid 5972] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5970] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./148/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./148/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./148/binderfs") = 0 [pid 5052] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5974] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... umount2 resumed>) = 0 [pid 5052] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./148/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 146.973648][ T5972] loop3: detected capacity change from 0 to 4096 [ 146.984955][ T5971] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 146.999602][ T5972] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 147.013001][ T5970] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./148/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./148/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4 [pid 5973] <... write resumed>) = 2097152 [pid 5052] <... close resumed>) = 0 [pid 5972] <... mount resumed>) = 0 [pid 5971] <... mount resumed>) = 0 [pid 5052] rmdir("./148/file0" [pid 5971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5973] munmap(0x7f3b887a1000, 138412032 [pid 5971] chdir("./file0" [pid 5973] <... munmap resumed>) = 0 [pid 5972] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5971] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5972] <... openat resumed>) = 3 [pid 5971] ioctl(4, LOOP_CLR_FD [pid 5972] chdir("./file0" [pid 5971] <... ioctl resumed>) = 0 [pid 5972] <... chdir resumed>) = 0 [pid 5971] close(4 [pid 5972] ioctl(4, LOOP_CLR_FD [pid 5971] <... close resumed>) = 0 [pid 5052] getdents64(3, [pid 5972] <... ioctl resumed>) = 0 [pid 5971] exit_group(0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5972] close(4 [pid 5971] <... exit_group resumed>) = ? [pid 5972] <... close resumed>) = 0 [pid 5971] +++ exited with 0 +++ [pid 5052] close(3 [pid 5972] exit_group(0 [pid 5052] <... close resumed>) = 0 [pid 5973] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5972] <... exit_group resumed>) = ? [pid 5052] rmdir("./148" [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5971, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5973] <... openat resumed>) = 4 [pid 5972] +++ exited with 0 +++ [pid 5970] <... mount resumed>) = 0 [pid 5051] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5974] <... write resumed>) = 2097152 [pid 5973] ioctl(4, LOOP_SET_FD, 3 [pid 5974] munmap(0x7f3b887a1000, 138412032 [pid 5970] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5970] <... openat resumed>) = 3 [pid 5052] mkdir("./149", 0777 [pid 5970] chdir("./file0") = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5051] <... openat resumed>) = 3 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5050] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5970] ioctl(4, LOOP_CLR_FD [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5970] <... ioctl resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5970] close(4 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5970] <... close resumed>) = 0 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5050] newfstatat(3, "", [pid 5970] exit_group(0 [pid 5052] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] unlink("./149/binderfs" [pid 5050] getdents64(3, [pid 5970] <... exit_group resumed>) = ? [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] <... unlink resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] newfstatat(AT_FDCWD, "./150/binderfs", ./strace-static-x86_64: Process 5975 attached [pid 5974] <... munmap resumed>) = 0 [pid 5970] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./150/binderfs" [pid 5975] set_robust_list(0x555556629660, 24 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5975 [pid 5050] <... unlink resumed>) = 0 [pid 5975] <... set_robust_list resumed>) = 0 [pid 5973] <... ioctl resumed>) = 0 [pid 5051] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5970, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5974] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5975] chdir("./149" [pid 5973] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5975] <... chdir resumed>) = 0 [pid 5974] <... openat resumed>) = 4 [pid 5973] <... close resumed>) = 0 [pid 5975] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5974] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5975] <... prctl resumed>) = 0 [ 147.099293][ T5973] loop0: detected capacity change from 0 to 4096 [pid 5975] setpgid(0, 0 [pid 5973] mkdir("./file0", 0777 [pid 5051] newfstatat(AT_FDCWD, "./149/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5973] <... mkdir resumed>) = 0 [pid 5051] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5973] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5975] <... setpgid resumed>) = 0 [pid 5974] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5049] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5974] close(3 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5974] <... close resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5974] mkdir("./file0", 0777) = 0 [pid 5051] rmdir("./149/file0" [pid 5049] <... openat resumed>) = 3 [pid 5974] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5049] newfstatat(3, "", [pid 5975] <... openat resumed>) = 3 [pid 5975] write(3, "1000", 4 [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./149" [pid 5049] getdents64(3, [pid 5051] <... rmdir resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] <... write resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5975] close(3 [pid 5049] newfstatat(AT_FDCWD, "./153/binderfs", [pid 5975] <... close resumed>) = 0 [pid 5975] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5051] mkdir("./150", 0777 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5975] memfd_create("syzkaller", 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5049] unlink("./153/binderfs") = 0 [pid 5049] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] <... memfd_create resumed>) = 3 [pid 5975] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5975] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] <... umount2 resumed>) = 0 [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5976 attached [pid 5976] set_robust_list(0x555556629660, 24 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5976 [pid 5050] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5976] <... set_robust_list resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5976] chdir("./150") = 0 [pid 5050] newfstatat(AT_FDCWD, "./150/file0", [pid 5976] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5976] <... prctl resumed>) = 0 [pid 5050] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5976] setpgid(0, 0) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5976] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5050] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = 0 [ 147.157698][ T5974] loop1: detected capacity change from 0 to 4096 [ 147.164745][ T5973] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 147.187364][ T5974] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5976] <... openat resumed>) = 3 [pid 5050] <... openat resumed>) = 4 [pid 5049] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(4, "", [pid 5049] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5976] write(3, "1000", 4 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5976] <... write resumed>) = 4 [pid 5050] getdents64(4, [pid 5976] close(3 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5976] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5976] symlink("/dev/binderfs", "./binderfs" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5976] <... symlink resumed>) = 0 [pid 5050] close(4 [pid 5976] memfd_create("syzkaller", 0 [pid 5050] <... close resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5050] rmdir("./150/file0" [pid 5049] newfstatat(4, "", [pid 5050] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5976] <... memfd_create resumed>) = 3 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] getdents64(4, [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5050] close(3 [pid 5976] <... mmap resumed>) = 0x7f3b887a1000 [pid 5050] <... close resumed>) = 0 [pid 5050] rmdir("./150" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] mkdir("./151", 0777 [pid 5049] close(4 [pid 5050] <... mkdir resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] rmdir("./153/file0" [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5974] <... mount resumed>) = 0 [pid 5974] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] close(3./strace-static-x86_64: Process 5977 attached [pid 5977] set_robust_list(0x555556629660, 24 [pid 5049] <... close resumed>) = 0 [pid 5977] <... set_robust_list resumed>) = 0 [pid 5974] <... openat resumed>) = 3 [pid 5977] chdir("./151" [pid 5974] chdir("./file0" [pid 5049] rmdir("./153" [pid 5977] <... chdir resumed>) = 0 [pid 5974] <... chdir resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5977 [pid 5049] <... rmdir resumed>) = 0 [pid 5977] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5974] ioctl(4, LOOP_CLR_FD [pid 5977] <... prctl resumed>) = 0 [pid 5049] mkdir("./154", 0777 [pid 5974] <... ioctl resumed>) = 0 [pid 5977] setpgid(0, 0 [pid 5974] close(4 [pid 5049] <... mkdir resumed>) = 0 [pid 5977] <... setpgid resumed>) = 0 [pid 5974] <... close resumed>) = 0 [pid 5977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5974] exit_group(0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5974] <... exit_group resumed>) = ? [pid 5049] <... openat resumed>) = 3 [pid 5977] <... openat resumed>) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5977] write(3, "1000", 4 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5977] <... write resumed>) = 4 [pid 5973] <... mount resumed>) = 0 [pid 5049] close(3 [pid 5977] close(3) = 0 [pid 5977] symlink("/dev/binderfs", "./binderfs" [pid 5049] <... close resumed>) = 0 [pid 5977] <... symlink resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5973] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5975] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5977] memfd_create("syzkaller", 0 [pid 5974] +++ exited with 0 +++ [pid 5973] <... openat resumed>) = 3 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5978 ./strace-static-x86_64: Process 5978 attached [pid 5978] set_robust_list(0x555556629660, 24 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5974, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5978] <... set_robust_list resumed>) = 0 [pid 5048] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5973] chdir("./file0" [pid 5978] chdir("./154" [pid 5973] <... chdir resumed>) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5973] ioctl(4, LOOP_CLR_FD [pid 5978] <... chdir resumed>) = 0 [pid 5973] <... ioctl resumed>) = 0 [pid 5048] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5973] close(4 [pid 5978] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5977] <... memfd_create resumed>) = 3 [pid 5973] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5978] <... prctl resumed>) = 0 [pid 5978] setpgid(0, 0 [pid 5973] exit_group(0 [pid 5048] newfstatat(3, "", [pid 5978] <... setpgid resumed>) = 0 [pid 5977] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5977] <... mmap resumed>) = 0x7f3b887a1000 [pid 5973] <... exit_group resumed>) = ? [pid 5048] getdents64(3, [pid 5978] <... openat resumed>) = 3 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5978] write(3, "1000", 4) = 4 [pid 5048] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5978] close(3 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5978] <... close resumed>) = 0 [pid 5978] symlink("/dev/binderfs", "./binderfs" [pid 5048] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5978] <... symlink resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./150/binderfs" [pid 5976] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... unlink resumed>) = 0 [pid 5978] memfd_create("syzkaller", 0 [pid 5048] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5978] <... memfd_create resumed>) = 3 [pid 5978] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5973] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5973, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5047] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5976] <... write resumed>) = 2097152 [pid 5047] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5975] <... write resumed>) = 2097152 [pid 5047] unlink("./153/binderfs") = 0 [pid 5975] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5976] munmap(0x7f3b887a1000, 138412032 [pid 5048] newfstatat(AT_FDCWD, "./150/file0", [pid 5978] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5975] <... munmap resumed>) = 0 [pid 5975] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5048] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", [pid 5975] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5976] <... munmap resumed>) = 0 [pid 5048] close(4 [pid 5976] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... close resumed>) = 0 [pid 5976] <... openat resumed>) = 4 [pid 5048] rmdir("./150/file0" [pid 5976] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... rmdir resumed>) = 0 [pid 5976] <... ioctl resumed>) = 0 [pid 5977] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./150" [pid 5975] <... ioctl resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5975] close(3 [pid 5048] mkdir("./151", 0777 [pid 5975] <... close resumed>) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5975] mkdir("./file0", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5975] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5048] <... openat resumed>) = 3 [pid 5047] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5048] close(3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... close resumed>) = 0 [ 147.457683][ T5975] loop5: detected capacity change from 0 to 4096 [ 147.463429][ T5976] loop4: detected capacity change from 0 to 4096 [pid 5047] newfstatat(AT_FDCWD, "./153/file0", [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5979 ./strace-static-x86_64: Process 5979 attached [pid 5976] close(3 [pid 5979] set_robust_list(0x555556629660, 24 [pid 5976] <... close resumed>) = 0 [pid 5979] <... set_robust_list resumed>) = 0 [pid 5976] mkdir("./file0", 0777 [pid 5979] chdir("./151" [pid 5976] <... mkdir resumed>) = 0 [pid 5979] <... chdir resumed>) = 0 [pid 5976] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5979] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5979] <... prctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5979] setpgid(0, 0 [pid 5047] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5979] <... setpgid resumed>) = 0 [pid 5979] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", [pid 5979] <... openat resumed>) = 3 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5979] write(3, "1000", 4 [pid 5047] getdents64(4, [pid 5979] <... write resumed>) = 4 [pid 5979] close(3) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5979] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./153/file0" [pid 5979] memfd_create("syzkaller", 0 [pid 5978] <... write resumed>) = 2097152 [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5979] <... memfd_create resumed>) = 3 [pid 5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5047] rmdir("./153" [pid 5978] munmap(0x7f3b887a1000, 138412032 [pid 5977] <... write resumed>) = 2097152 [pid 5047] <... rmdir resumed>) = 0 [ 147.500785][ T5975] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 147.508998][ T5976] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5977] munmap(0x7f3b887a1000, 138412032 [pid 5047] mkdir("./154", 0777 [pid 5976] <... mount resumed>) = 0 [pid 5976] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5978] <... munmap resumed>) = 0 [pid 5976] chdir("./file0" [pid 5047] <... mkdir resumed>) = 0 [pid 5978] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5976] <... chdir resumed>) = 0 [pid 5978] <... openat resumed>) = 4 [pid 5976] ioctl(4, LOOP_CLR_FD [pid 5978] ioctl(4, LOOP_SET_FD, 3 [pid 5976] <... ioctl resumed>) = 0 [pid 5977] <... munmap resumed>) = 0 [pid 5976] close(4 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5978] <... ioctl resumed>) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5977] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5976] <... close resumed>) = 0 [pid 5978] close(3 [pid 5977] <... openat resumed>) = 4 [pid 5976] exit_group(0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5976] <... exit_group resumed>) = ? [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5978] <... close resumed>) = 0 [pid 5978] mkdir("./file0", 0777) = 0 [pid 5047] close(3 [pid 5977] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... close resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5978] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5976] +++ exited with 0 +++ ./strace-static-x86_64: Process 5980 attached [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5976, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5980] set_robust_list(0x555556629660, 24) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5980 [pid 5980] chdir("./154" [pid 5051] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5980] <... chdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5980] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5980] <... prctl resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5980] setpgid(0, 0 [pid 5051] newfstatat(3, "", [pid 5980] <... setpgid resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5980] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5051] getdents64(3, [pid 5980] write(3, "1000", 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5980] <... write resumed>) = 4 [pid 5051] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5980] close(3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5980] <... close resumed>) = 0 [pid 5051] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5980] symlink("/dev/binderfs", "./binderfs" [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5980] <... symlink resumed>) = 0 [pid 5051] unlink("./150/binderfs" [pid 5980] memfd_create("syzkaller", 0 [pid 5051] <... unlink resumed>) = 0 [pid 5979] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5975] <... mount resumed>) = 0 [pid 5980] <... memfd_create resumed>) = 3 [pid 5980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5975] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5977] <... ioctl resumed>) = 0 [pid 5977] close(3 [pid 5975] <... openat resumed>) = 3 [pid 5977] <... close resumed>) = 0 [pid 5977] mkdir("./file0", 0777) = 0 [ 147.567179][ T5978] loop2: detected capacity change from 0 to 4096 [ 147.596032][ T5978] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 147.599673][ T5977] loop3: detected capacity change from 0 to 4096 [pid 5977] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5975] chdir("./file0") = 0 [pid 5975] ioctl(4, LOOP_CLR_FD) = 0 [pid 5975] close(4) = 0 [pid 5975] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5975] <... exit_group resumed>) = ? [pid 5051] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5975] +++ exited with 0 +++ [pid 5051] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5975, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5051] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] umount2("./149", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... openat resumed>) = 4 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(4, "", [pid 5052] openat(AT_FDCWD, "./149", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5051] getdents64(4, [pid 5052] newfstatat(3, "", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5052] getdents64(3, [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] close(4 [pid 5052] umount2("./149/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... close resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] rmdir("./150/file0" [pid 5052] newfstatat(AT_FDCWD, "./149/binderfs", [pid 5051] <... rmdir resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] unlink("./149/binderfs" [pid 5051] close(3) = 0 [pid 5051] rmdir("./150" [pid 5052] <... unlink resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5052] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] mkdir("./151", 0777 [pid 5977] <... mount resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5977] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5978] <... mount resumed>) = 0 [ 147.651481][ T5977] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5980] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5978] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5977] <... openat resumed>) = 3 [pid 5051] <... openat resumed>) = 3 [pid 5979] <... write resumed>) = 2097152 [pid 5979] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5978] <... openat resumed>) = 3 [pid 5977] chdir("./file0" [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5979] <... openat resumed>) = 4 [pid 5978] chdir("./file0" [pid 5977] <... chdir resumed>) = 0 [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5979] ioctl(4, LOOP_SET_FD, 3 [pid 5978] <... chdir resumed>) = 0 [pid 5051] close(3 [pid 5978] ioctl(4, LOOP_CLR_FD [pid 5977] ioctl(4, LOOP_CLR_FD [pid 5978] <... ioctl resumed>) = 0 [pid 5977] <... ioctl resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5978] close(4 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5978] <... close resumed>) = 0 [pid 5978] exit_group(0) = ? [pid 5978] +++ exited with 0 +++ [pid 5977] close(4 [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5978, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5977] <... close resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5981 [pid 5977] exit_group(0 [pid 5049] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5049] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5977] <... exit_group resumed>) = ? [pid 5049] getdents64(3, ./strace-static-x86_64: Process 5981 attached 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5981] set_robust_list(0x555556629660, 24) = 0 [pid 5981] chdir("./151") = 0 [pid 5981] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5979] <... ioctl resumed>) = 0 [pid 5977] +++ exited with 0 +++ [pid 5049] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] <... prctl resumed>) = 0 [pid 5979] close(3 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5977, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5981] setpgid(0, 0 [pid 5979] <... close resumed>) = 0 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5049] newfstatat(AT_FDCWD, "./154/binderfs", [pid 5050] <... restart_syscall resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5979] mkdir("./file0", 0777 [pid 5049] unlink("./154/binderfs" [pid 5050] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] <... setpgid resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... unlink resumed>) = 0 [pid 5981] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5979] <... mkdir resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... openat resumed>) = 3 [pid 5981] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5981] write(3, "1000", 4 [pid 5979] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5981] <... write resumed>) = 4 [pid 5050] getdents64(3, [pid 5981] close(3 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5981] <... close resumed>) = 0 [pid 5981] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5981] memfd_create("syzkaller", 0 [pid 5050] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] <... memfd_create resumed>) = 3 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./151/binderfs") = 0 [ 147.729442][ T5979] loop1: detected capacity change from 0 to 4096 [pid 5050] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./149/file0", [pid 5980] <... write resumed>) = 2097152 [pid 5980] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5052] umount2("./149/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [ 147.772484][ T5979] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5980] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "./149/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./154/file0", [pid 5052] <... openat resumed>) = 4 [pid 5052] newfstatat(4, "", [pid 5050] <... umount2 resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5981] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5980] close(3) = 0 [pid 5052] getdents64(4, [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5049] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] getdents64(4, [pid 5049] <... openat resumed>) = 4 [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5049] newfstatat(4, "", [pid 5052] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5980] mkdir("./file0", 0777 [pid 5052] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 5052] rmdir("./149/file0" [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5980] <... mkdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5049] getdents64(4, [pid 5980] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] getdents64(3, [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] close(4 [pid 5052] close(3 [pid 5049] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5049] rmdir("./154/file0" [pid 5052] rmdir("./149" [pid 5050] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5052] <... rmdir resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] newfstatat(AT_FDCWD, "./151/file0", [pid 5049] close(3 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./154" [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./151/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3) = 0 [pid 5050] rmdir("./151" [pid 5049] <... rmdir resumed>) = 0 [pid 5052] mkdir("./150", 0777 [pid 5050] <... rmdir resumed>) = 0 [pid 5049] mkdir("./155", 0777 [pid 5050] mkdir("./152", 0777) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5049] <... openat resumed>) = 3 [ 147.813519][ T5980] loop0: detected capacity change from 0 to 4096 [ 147.851649][ T5980] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] close(3 [pid 5049] close(3 [pid 5052] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5982 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5984 attached [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5983 [pid 5984] set_robust_list(0x555556629660, 24) = 0 ./strace-static-x86_64: Process 5983 attached ./strace-static-x86_64: Process 5982 attached [pid 5984] chdir("./152" [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5984 [pid 5984] <... chdir resumed>) = 0 [pid 5983] set_robust_list(0x555556629660, 24 [pid 5982] set_robust_list(0x555556629660, 24 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5983] <... set_robust_list resumed>) = 0 [pid 5982] <... set_robust_list resumed>) = 0 [pid 5984] <... prctl resumed>) = 0 [pid 5982] chdir("./150" [pid 5984] setpgid(0, 0 [pid 5983] chdir("./155" [pid 5979] <... mount resumed>) = 0 [pid 5984] <... setpgid resumed>) = 0 [pid 5983] <... chdir resumed>) = 0 [pid 5979] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5982] <... chdir resumed>) = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5983] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5979] <... openat resumed>) = 3 [pid 5984] <... openat resumed>) = 3 [pid 5983] <... prctl resumed>) = 0 [pid 5982] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5979] chdir("./file0" [pid 5983] setpgid(0, 0 [pid 5982] <... prctl resumed>) = 0 [pid 5979] <... chdir resumed>) = 0 [pid 5984] write(3, "1000", 4 [pid 5983] <... setpgid resumed>) = 0 [pid 5982] setpgid(0, 0 [pid 5981] <... write resumed>) = 2097152 [pid 5980] <... mount resumed>) = 0 [pid 5979] ioctl(4, LOOP_CLR_FD [pid 5984] <... write resumed>) = 4 [pid 5982] <... setpgid resumed>) = 0 [pid 5983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5979] <... ioctl resumed>) = 0 [pid 5983] write(3, "1000", 4 [pid 5982] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5979] close(4 [pid 5983] <... write resumed>) = 4 [pid 5979] <... close resumed>) = 0 [pid 5984] close(3 [pid 5983] close(3 [pid 5982] <... openat resumed>) = 3 [pid 5980] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5979] exit_group(0 [pid 5984] <... close resumed>) = 0 [pid 5983] <... close resumed>) = 0 [pid 5983] symlink("/dev/binderfs", "./binderfs" [pid 5984] symlink("/dev/binderfs", "./binderfs" [pid 5981] munmap(0x7f3b887a1000, 138412032 [pid 5984] <... symlink resumed>) = 0 [pid 5983] <... symlink resumed>) = 0 [pid 5981] <... munmap resumed>) = 0 [pid 5984] memfd_create("syzkaller", 0 [pid 5982] write(3, "1000", 4 [pid 5980] <... openat resumed>) = 3 [pid 5979] <... exit_group resumed>) = ? [pid 5984] <... memfd_create resumed>) = 3 [pid 5983] memfd_create("syzkaller", 0 [pid 5982] <... write resumed>) = 4 [pid 5981] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5980] chdir("./file0" [pid 5979] +++ exited with 0 +++ [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5982] close(3 [pid 5981] <... openat resumed>) = 4 [pid 5980] <... chdir resumed>) = 0 [pid 5984] <... mmap resumed>) = 0x7f3b887a1000 [pid 5983] <... memfd_create resumed>) = 3 [pid 5982] <... close resumed>) = 0 [pid 5981] ioctl(4, LOOP_SET_FD, 3 [pid 5980] ioctl(4, LOOP_CLR_FD [pid 5983] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5979, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5983] <... mmap resumed>) = 0x7f3b887a1000 [pid 5980] <... ioctl resumed>) = 0 [pid 5048] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5982] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5982] <... symlink resumed>) = 0 [pid 5981] <... ioctl resumed>) = 0 [pid 5980] close(4 [pid 5982] memfd_create("syzkaller", 0 [pid 5980] <... close resumed>) = 0 [pid 5048] <... openat resumed>) = 3 [pid 5048] newfstatat(3, "", [pid 5981] close(3 [pid 5980] exit_group(0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5981] <... close resumed>) = 0 [pid 5980] <... exit_group resumed>) = ? [pid 5048] getdents64(3, [pid 5982] <... memfd_create resumed>) = 3 [pid 5981] mkdir("./file0", 0777 [pid 5980] +++ exited with 0 +++ [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5982] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5981] <... mkdir resumed>) = 0 [pid 5048] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5980, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5982] <... mmap resumed>) = 0x7f3b887a1000 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./151/binderfs", [pid 5047] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5981] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 147.973314][ T5981] loop4: detected capacity change from 0 to 4096 [pid 5047] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5984] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5983] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5048] unlink("./151/binderfs") = 0 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./154/binderfs") = 0 [pid 5047] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5047] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./154/file0" [pid 5048] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... rmdir resumed>) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./154") = 0 [pid 5047] mkdir("./155", 0777) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5047] ioctl(3, LOOP_CLR_FD) = 0 [pid 5984] <... write resumed>) = 2097152 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5985 [ 148.014500][ T5981] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). ./strace-static-x86_64: Process 5985 attached [pid 5985] set_robust_list(0x555556629660, 24 [pid 5048] <... umount2 resumed>) = 0 [pid 5985] <... set_robust_list resumed>) = 0 [pid 5985] chdir("./155") = 0 [pid 5982] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5985] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5985] setpgid(0, 0) = 0 [pid 5985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5985] write(3, "1000", 4 [pid 5048] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5985] <... write resumed>) = 4 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5985] close(3 [pid 5048] newfstatat(AT_FDCWD, "./151/file0", [pid 5985] <... close resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5985] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5983] <... write resumed>) = 2097152 [pid 5985] memfd_create("syzkaller", 0 [pid 5981] <... mount resumed>) = 0 [pid 5048] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5985] <... memfd_create resumed>) = 3 [pid 5984] munmap(0x7f3b887a1000, 138412032 [pid 5983] munmap(0x7f3b887a1000, 138412032 [pid 5981] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5048] getdents64(4, [pid 5985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5981] <... openat resumed>) = 3 [pid 5985] <... mmap resumed>) = 0x7f3b887a1000 [pid 5981] chdir("./file0" [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5981] <... chdir resumed>) = 0 [pid 5981] ioctl(4, LOOP_CLR_FD [pid 5984] <... munmap resumed>) = 0 [pid 5981] <... ioctl resumed>) = 0 [pid 5048] getdents64(4, [pid 5981] close(4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./151/file0" [pid 5983] <... munmap resumed>) = 0 [pid 5981] <... close resumed>) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./151" [pid 5983] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5981] exit_group(0 [pid 5048] <... rmdir resumed>) = 0 [pid 5983] <... openat resumed>) = 4 [pid 5981] <... exit_group resumed>) = ? [pid 5048] mkdir("./152", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5981] +++ exited with 0 +++ [pid 5048] ioctl(3, LOOP_CLR_FD [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5981, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5983] ioctl(4, LOOP_SET_FD, 3 [pid 5051] restart_syscall(<... resuming interrupted clone ...> [pid 5048] close(3 [pid 5051] <... restart_syscall resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5051] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5986 attached ) = -1 EINVAL (Invalid argument) [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5986 [pid 5986] set_robust_list(0x555556629660, 24 [pid 5051] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5984] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5982] <... write resumed>) = 2097152 [pid 5984] <... openat resumed>) = 4 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 5986] <... set_robust_list resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5986] chdir("./152" [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./151/binderfs") = 0 [pid 5051] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5986] <... chdir resumed>) = 0 [pid 5986] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5984] ioctl(4, LOOP_SET_FD, 3 [pid 5986] <... prctl resumed>) = 0 [pid 5983] <... ioctl resumed>) = 0 [pid 5986] setpgid(0, 0) = 0 [pid 5986] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5986] write(3, "1000", 4) = 4 [pid 5986] close(3) = 0 [pid 5984] <... ioctl resumed>) = 0 [pid 5983] close(3 [pid 5986] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5983] <... close resumed>) = 0 [pid 5986] memfd_create("syzkaller", 0 [pid 5983] mkdir("./file0", 0777 [ 148.132280][ T5983] loop2: detected capacity change from 0 to 4096 [ 148.163773][ T5984] loop3: detected capacity change from 0 to 4096 [pid 5984] close(3 [pid 5986] <... memfd_create resumed>) = 3 [pid 5984] <... close resumed>) = 0 [pid 5983] <... mkdir resumed>) = 0 [pid 5982] munmap(0x7f3b887a1000, 138412032 [pid 5984] mkdir("./file0", 0777 [pid 5983] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5984] <... mkdir resumed>) = 0 [pid 5982] <... munmap resumed>) = 0 [pid 5986] <... mmap resumed>) = 0x7f3b887a1000 [pid 5984] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5982] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5051] <... umount2 resumed>) = 0 [pid 5982] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5051] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5985] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5051] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5982] close(3 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./151/file0" [pid 5982] <... close resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5051] getdents64(3, [pid 5982] mkdir("./file0", 0777 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./151" [pid 5982] <... mkdir resumed>) = 0 [pid 5051] <... rmdir resumed>) = 0 [ 148.185133][ T5983] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 148.203204][ T5984] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 148.214407][ T5982] loop5: detected capacity change from 0 to 4096 [pid 5982] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] mkdir("./152", 0777) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5984] <... mount resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5987 ./strace-static-x86_64: Process 5987 attached [pid 5984] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5987] set_robust_list(0x555556629660, 24 [pid 5984] <... openat resumed>) = 3 [pid 5987] <... set_robust_list resumed>) = 0 [pid 5984] chdir("./file0" [pid 5987] chdir("./152" [pid 5984] <... chdir resumed>) = 0 [pid 5987] <... chdir resumed>) = 0 [pid 5984] ioctl(4, LOOP_CLR_FD [pid 5987] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5984] <... ioctl resumed>) = 0 [pid 5987] <... prctl resumed>) = 0 [pid 5984] close(4 [pid 5987] setpgid(0, 0 [pid 5984] <... close resumed>) = 0 [pid 5984] exit_group(0 [pid 5987] <... setpgid resumed>) = 0 [pid 5984] <... exit_group resumed>) = ? [pid 5987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5984] +++ exited with 0 +++ [pid 5987] <... openat resumed>) = 3 [pid 5987] write(3, "1000", 4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5984, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5987] <... write resumed>) = 4 [pid 5050] restart_syscall(<... resuming interrupted clone ...> [pid 5987] close(3 [pid 5986] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5987] <... close resumed>) = 0 [pid 5050] <... restart_syscall resumed>) = 0 [pid 5987] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5050] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5050] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5987] memfd_create("syzkaller", 0 [pid 5050] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./152/binderfs") = 0 [pid 5987] <... memfd_create resumed>) = 3 [pid 5050] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5985] <... write resumed>) = 2097152 [pid 5987] <... mmap resumed>) = 0x7f3b887a1000 [ 148.255635][ T5982] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5985] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5985] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5985] ioctl(4, LOOP_SET_FD, 3 [pid 5983] <... mount resumed>) = 0 [pid 5983] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5983] chdir("./file0") = 0 [pid 5982] <... mount resumed>) = 0 [pid 5983] ioctl(4, LOOP_CLR_FD [pid 5982] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... umount2 resumed>) = 0 [pid 5983] <... ioctl resumed>) = 0 [pid 5982] <... openat resumed>) = 3 [pid 5983] close(4 [pid 5982] chdir("./file0" [pid 5983] <... close resumed>) = 0 [pid 5982] <... chdir resumed>) = 0 [pid 5983] exit_group(0 [pid 5982] ioctl(4, LOOP_CLR_FD) = 0 [pid 5983] <... exit_group resumed>) = ? [pid 5982] close(4) = 0 [pid 5050] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./152/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5982] exit_group(0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", [pid 5985] <... ioctl resumed>) = 0 [pid 5982] <... exit_group resumed>) = ? [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5985] close(3 [pid 5050] getdents64(4, [pid 5985] <... close resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5985] mkdir("./file0", 0777 [pid 5982] +++ exited with 0 +++ [pid 5050] getdents64(4, [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5982, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...> [pid 5985] <... mkdir resumed>) = 0 [pid 5052] <... restart_syscall resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5052] umount2("./150", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] rmdir("./152/file0" [pid 5983] +++ exited with 0 +++ [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... rmdir resumed>) = 0 [pid 5985] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] openat(AT_FDCWD, "./150", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5983, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5986] <... write resumed>) = 2097152 [pid 5052] <... openat resumed>) = 3 [pid 5050] getdents64(3, [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5986] munmap(0x7f3b887a1000, 138412032 [pid 5052] newfstatat(3, "", [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5049] <... restart_syscall resumed>) = 0 [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] close(3 [pid 5052] getdents64(3, [pid 5050] <... close resumed>) = 0 [pid 5049] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] rmdir("./152" [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] umount2("./150/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] mkdir("./153", 0777 [pid 5049] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./150/binderfs", [pid 5049] newfstatat(3, "", [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5052] unlink("./150/binderfs" [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5052] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] getdents64(3, [pid 5987] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5986] <... munmap resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5986] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5986] <... openat resumed>) = 4 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] newfstatat(AT_FDCWD, "./155/binderfs", [pid 5986] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... openat resumed>) = 3 [ 148.329546][ T5985] loop0: detected capacity change from 0 to 4096 [ 148.369180][ T5985] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5049] unlink("./155/binderfs" [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5049] <... unlink resumed>) = 0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5988 attached , child_tidptr=0x555556629650) = 5988 [pid 5988] set_robust_list(0x555556629660, 24) = 0 [pid 5988] chdir("./153") = 0 [pid 5988] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5988] setpgid(0, 0) = 0 [pid 5988] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5986] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5988] write(3, "1000", 4 [pid 5986] close(3 [pid 5988] <... write resumed>) = 4 [pid 5986] <... close resumed>) = 0 [pid 5988] close(3 [pid 5986] mkdir("./file0", 0777 [pid 5988] <... close resumed>) = 0 [pid 5988] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5986] <... mkdir resumed>) = 0 [pid 5988] memfd_create("syzkaller", 0 [pid 5986] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5988] <... memfd_create resumed>) = 3 [pid 5988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5985] <... mount resumed>) = 0 [pid 5052] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./150/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./150/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./150/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./150/file0") = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5052] close(3 [pid 5985] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5985] <... openat resumed>) = 3 [pid 5052] rmdir("./150" [pid 5985] chdir("./file0" [pid 5052] <... rmdir resumed>) = 0 [pid 5985] <... chdir resumed>) = 0 [pid 5052] mkdir("./151", 0777 [ 148.396176][ T5986] loop1: detected capacity change from 0 to 4096 [ 148.428200][ T5986] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5985] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5985] close(4 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5985] <... close resumed>) = 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] close(3) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5985] exit_group(0./strace-static-x86_64: Process 5989 attached [pid 5987] <... write resumed>) = 2097152 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5989 [pid 5989] set_robust_list(0x555556629660, 24 [pid 5985] <... exit_group resumed>) = ? [pid 5049] <... umount2 resumed>) = 0 [pid 5989] <... set_robust_list resumed>) = 0 [pid 5989] chdir("./151" [pid 5987] munmap(0x7f3b887a1000, 138412032 [pid 5989] <... chdir resumed>) = 0 [pid 5985] +++ exited with 0 +++ [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5985, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5989] <... prctl resumed>) = 0 [pid 5047] restart_syscall(<... resuming interrupted clone ...> [pid 5989] setpgid(0, 0 [pid 5047] <... restart_syscall resumed>) = 0 [pid 5989] <... setpgid resumed>) = 0 [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5987] <... munmap resumed>) = 0 [pid 5047] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5989] <... openat resumed>) = 3 [pid 5047] <... openat resumed>) = 3 [pid 5047] newfstatat(3, "", [pid 5989] write(3, "1000", 4) = 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5989] close(3 [pid 5047] getdents64(3, [pid 5989] <... close resumed>) = 0 [pid 5989] symlink("/dev/binderfs", "./binderfs" [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5989] <... symlink resumed>) = 0 [pid 5047] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5989] memfd_create("syzkaller", 0 [pid 5987] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5986] <... mount resumed>) = 0 [pid 5047] newfstatat(AT_FDCWD, "./155/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5986] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] unlink("./155/binderfs" [pid 5989] <... memfd_create resumed>) = 3 [pid 5987] <... openat resumed>) = 4 [pid 5986] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./155/file0", [pid 5047] <... unlink resumed>) = 0 [pid 5989] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5987] ioctl(4, LOOP_SET_FD, 3 [pid 5986] chdir("./file0" [pid 5047] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5989] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5988] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5986] <... chdir resumed>) = 0 [pid 5049] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5987] <... ioctl resumed>) = 0 [pid 5047] <... umount2 resumed>) = 0 [pid 5987] close(3 [pid 5986] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./155/file0", [pid 5987] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5987] mkdir("./file0", 0777 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5987] <... mkdir resumed>) = 0 [pid 5986] <... ioctl resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", [pid 5987] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, [pid 5986] close(4 [pid 5049] <... openat resumed>) = 4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [ 148.516210][ T5987] loop4: detected capacity change from 0 to 4096 [pid 5047] rmdir("./155/file0") = 0 [pid 5986] <... close resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 5986] exit_group(0) = ? [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5986] +++ exited with 0 +++ [pid 5049] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(3, [pid 5989] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./155") = 0 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5986, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] mkdir("./156", 0777 [pid 5049] getdents64(4, [pid 5048] restart_syscall(<... resuming interrupted clone ...> [pid 5047] <... mkdir resumed>) = 0 [pid 5048] <... restart_syscall resumed>) = 0 [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5049] close(4) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5049] rmdir("./155/file0" [pid 5048] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5048] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... close resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 5049] getdents64(3, [pid 5048] <... openat resumed>) = 3 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] newfstatat(3, "", [pid 5049] close(3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 5990 [pid 5049] <... close resumed>) = 0 [pid 5048] getdents64(3, ./strace-static-x86_64: Process 5990 attached [pid 5049] rmdir("./155" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./152/binderfs", [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5990] set_robust_list(0x555556629660, 24 [pid 5049] mkdir("./156", 0777 [pid 5990] <... set_robust_list resumed>) = 0 [pid 5048] unlink("./152/binderfs") = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5990] chdir("./156" [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5990] <... chdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5990] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5990] setpgid(0, 0) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 148.562417][ T5987] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5049] close(3 [pid 5990] <... openat resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 5990] write(3, "1000", 4 [pid 5988] <... write resumed>) = 2097152 [pid 5048] <... umount2 resumed>) = 0 [pid 5990] <... write resumed>) = 4 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5988] munmap(0x7f3b887a1000, 138412032 [pid 5048] newfstatat(AT_FDCWD, "./152/file0", [pid 5990] close(3 [pid 5988] <... munmap resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5988] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5048] rmdir("./152/file0" [pid 5990] <... close resumed>) = 0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5991 [pid 5990] symlink("/dev/binderfs", "./binderfs" [pid 5048] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5988] <... openat resumed>) = 4 [pid 5048] close(3 [pid 5988] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... close resumed>) = 0 [pid 5990] <... symlink resumed>) = 0 [pid 5048] rmdir("./152") = 0 [pid 5990] memfd_create("syzkaller", 0 [pid 5048] mkdir("./153", 0777) = 0 ./strace-static-x86_64: Process 5991 attached [pid 5990] <... memfd_create resumed>) = 3 [pid 5991] set_robust_list(0x555556629660, 24 [pid 5990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5991] <... set_robust_list resumed>) = 0 [pid 5990] <... mmap resumed>) = 0x7f3b887a1000 [pid 5991] chdir("./156" [pid 5048] <... openat resumed>) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = 0 [pid 5991] <... chdir resumed>) = 0 [pid 5048] close(3) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 5992 ./strace-static-x86_64: Process 5992 attached [pid 5992] set_robust_list(0x555556629660, 24) = 0 [pid 5992] chdir("./153") = 0 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5992] setpgid(0, 0) = 0 [pid 5991] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5991] <... prctl resumed>) = 0 [pid 5987] <... mount resumed>) = 0 [pid 5992] write(3, "1000", 4) = 4 [pid 5992] close(3 [pid 5988] <... ioctl resumed>) = 0 [pid 5992] <... close resumed>) = 0 [pid 5988] close(3 [pid 5992] symlink("/dev/binderfs", "./binderfs" [pid 5988] <... close resumed>) = 0 [pid 5992] <... symlink resumed>) = 0 [pid 5991] setpgid(0, 0 [pid 5989] <... write resumed>) = 2097152 [pid 5988] mkdir("./file0", 0777 [pid 5987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5991] <... setpgid resumed>) = 0 [pid 5988] <... mkdir resumed>) = 0 [pid 5987] <... openat resumed>) = 3 [pid 5992] memfd_create("syzkaller", 0 [pid 5991] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5989] munmap(0x7f3b887a1000, 138412032 [pid 5988] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [ 148.649233][ T5988] loop3: detected capacity change from 0 to 4096 [pid 5987] chdir("./file0" [pid 5992] <... memfd_create resumed>) = 3 [pid 5991] <... openat resumed>) = 3 [pid 5987] <... chdir resumed>) = 0 [pid 5987] ioctl(4, LOOP_CLR_FD [pid 5991] write(3, "1000", 4 [pid 5989] <... munmap resumed>) = 0 [pid 5992] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5991] <... write resumed>) = 4 [pid 5987] <... ioctl resumed>) = 0 [pid 5992] <... mmap resumed>) = 0x7f3b887a1000 [pid 5991] close(3 [pid 5987] close(4 [pid 5991] <... close resumed>) = 0 [pid 5987] <... close resumed>) = 0 [pid 5989] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5987] exit_group(0 [pid 5991] symlink("/dev/binderfs", "./binderfs" [pid 5987] <... exit_group resumed>) = ? [pid 5989] <... openat resumed>) = 4 [pid 5989] ioctl(4, LOOP_SET_FD, 3 [pid 5991] <... symlink resumed>) = 0 [pid 5987] +++ exited with 0 +++ [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5987, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5991] memfd_create("syzkaller", 0 [pid 5051] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5991] <... memfd_create resumed>) = 3 [pid 5990] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5051] newfstatat(3, "", [pid 5991] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, [pid 5989] <... ioctl resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 148.695971][ T5988] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 148.733954][ T5989] loop5: detected capacity change from 0 to 4096 [pid 5989] close(3) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5989] mkdir("./file0", 0777 [pid 5988] <... mount resumed>) = 0 [pid 5989] <... mkdir resumed>) = 0 [pid 5988] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5988] chdir("./file0" [pid 5051] newfstatat(AT_FDCWD, "./152/binderfs", [pid 5988] <... chdir resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5988] ioctl(4, LOOP_CLR_FD [pid 5051] unlink("./152/binderfs" [pid 5988] <... ioctl resumed>) = 0 [pid 5051] <... unlink resumed>) = 0 [pid 5051] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5988] close(4) = 0 [pid 5992] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5990] <... write resumed>) = 2097152 [pid 5988] exit_group(0 [pid 5051] <... umount2 resumed>) = 0 [pid 5988] <... exit_group resumed>) = ? [pid 5051] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5988] +++ exited with 0 +++ [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 148.781022][ T5989] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5991] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5990] munmap(0x7f3b887a1000, 138412032 [pid 5051] newfstatat(AT_FDCWD, "./152/file0", [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5988, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5050] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 5051] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5051] newfstatat(4, "", [pid 5050] getdents64(3, [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] unlink("./153/binderfs" [pid 5989] <... mount resumed>) = 0 [pid 5051] getdents64(4, [pid 5050] <... unlink resumed>) = 0 [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] close(4 [pid 5989] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5990] <... munmap resumed>) = 0 [pid 5989] chdir("./file0" [pid 5051] <... close resumed>) = 0 [pid 5990] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] rmdir("./152/file0" [pid 5989] <... chdir resumed>) = 0 [pid 5989] ioctl(4, LOOP_CLR_FD) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5990] <... openat resumed>) = 4 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5990] ioctl(4, LOOP_SET_FD, 3 [pid 5989] close(4) = 0 [pid 5989] exit_group(0) = ? [pid 5989] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5989, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5052] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5051] close(3 [pid 5050] <... umount2 resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./152") = 0 [pid 5051] mkdir("./153", 0777 [pid 5052] umount2("./151", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./151", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5990] <... ioctl resumed>) = 0 [pid 5052] getdents64(3, [pid 5990] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5052] umount2("./151/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5990] <... close resumed>) = 0 [pid 5052] newfstatat(AT_FDCWD, "./151/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5990] mkdir("./file0", 0777 [pid 5052] unlink("./151/binderfs" [pid 5051] <... openat resumed>) = 3 [pid 5990] <... mkdir resumed>) = 0 [pid 5052] <... unlink resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 5990] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5052] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 5992] <... write resumed>) = 2097152 [pid 5051] <... close resumed>) = 0 [pid 5050] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5991] <... write resumed>) = 2097152 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5992] munmap(0x7f3b887a1000, 138412032 [pid 5050] newfstatat(4, "", ./strace-static-x86_64: Process 5993 attached [pid 5991] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5993] set_robust_list(0x555556629660, 24 [pid 5991] <... munmap resumed>) = 0 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 5993 [pid 5050] getdents64(4, [pid 5993] <... set_robust_list resumed>) = 0 [pid 5993] chdir("./153") = 0 [pid 5991] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5993] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5991] <... openat resumed>) = 4 [pid 5050] getdents64(4, [pid 5993] <... prctl resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5993] setpgid(0, 0 [pid 5050] close(4 [pid 5993] <... setpgid resumed>) = 0 [pid 5050] <... close resumed>) = 0 [ 148.887678][ T5990] loop0: detected capacity change from 0 to 4096 [ 148.917680][ T5990] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] rmdir("./153/file0" [pid 5993] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5991] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... rmdir resumed>) = 0 [pid 5992] <... munmap resumed>) = 0 [pid 5050] getdents64(3, [pid 5992] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5992] <... openat resumed>) = 4 [pid 5050] close(3 [pid 5992] ioctl(4, LOOP_SET_FD, 3 [pid 5050] <... close resumed>) = 0 [pid 5993] <... openat resumed>) = 3 [pid 5993] write(3, "1000", 4) = 4 [pid 5992] <... ioctl resumed>) = 0 [pid 5991] <... ioctl resumed>) = 0 [pid 5050] rmdir("./153" [pid 5993] close(3 [pid 5991] close(3 [pid 5050] <... rmdir resumed>) = 0 [pid 5993] <... close resumed>) = 0 [pid 5992] close(3 [pid 5991] <... close resumed>) = 0 [pid 5993] symlink("/dev/binderfs", "./binderfs" [pid 5992] <... close resumed>) = 0 [pid 5991] mkdir("./file0", 0777 [pid 5050] mkdir("./154", 0777 [pid 5992] mkdir("./file0", 0777 [pid 5991] <... mkdir resumed>) = 0 [pid 5992] <... mkdir resumed>) = 0 [pid 5993] <... symlink resumed>) = 0 [pid 5992] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5050] <... mkdir resumed>) = 0 [pid 5993] memfd_create("syzkaller", 0 [pid 5991] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5990] <... mount resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5993] <... memfd_create resumed>) = 3 [pid 5990] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3 [pid 5993] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5990] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5993] <... mmap resumed>) = 0x7f3b887a1000 [pid 5990] chdir("./file0" [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5994 attached [pid 5990] <... chdir resumed>) = 0 [pid 5990] ioctl(4, LOOP_CLR_FD [pid 5994] set_robust_list(0x555556629660, 24 [pid 5990] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5994 [ 148.949626][ T5991] loop2: detected capacity change from 0 to 4096 [ 148.951371][ T5992] loop1: detected capacity change from 0 to 4096 [ 148.978075][ T5992] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 148.989576][ T5991] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5990] close(4 [pid 5994] <... set_robust_list resumed>) = 0 [pid 5990] <... close resumed>) = 0 [pid 5052] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./151/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] umount2("./151/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./151/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5052] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5052] close(4) = 0 [pid 5052] rmdir("./151/file0" [pid 5994] chdir("./154" [pid 5990] exit_group(0 [pid 5052] <... rmdir resumed>) = 0 [pid 5994] <... chdir resumed>) = 0 [pid 5990] <... exit_group resumed>) = ? [pid 5994] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5990] +++ exited with 0 +++ [pid 5994] <... prctl resumed>) = 0 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5990, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5994] setpgid(0, 0 [pid 5052] getdents64(3, [pid 5994] <... setpgid resumed>) = 0 [pid 5994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5994] <... openat resumed>) = 3 [pid 5994] write(3, "1000", 4) = 4 [pid 5994] close(3 [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5994] <... close resumed>) = 0 [pid 5994] symlink("/dev/binderfs", "./binderfs" [pid 5052] close(3 [pid 5047] umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] rmdir("./151" [pid 5047] newfstatat(AT_FDCWD, "./156/binderfs", [pid 5994] <... symlink resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] mkdir("./152", 0777 [pid 5047] unlink("./156/binderfs" [pid 5991] <... mount resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5047] <... unlink resumed>) = 0 [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5994] memfd_create("syzkaller", 0 [pid 5991] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = 0 [pid 5994] <... memfd_create resumed>) = 3 [pid 5991] <... openat resumed>) = 3 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5992] <... mount resumed>) = 0 [pid 5991] chdir("./file0" [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5994] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] close(3 [pid 5047] newfstatat(AT_FDCWD, "./156/file0", [pid 5991] <... chdir resumed>) = 0 [pid 5992] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... close resumed>) = 0 [pid 5992] <... openat resumed>) = 3 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5993] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5992] chdir("./file0" [pid 5991] ioctl(4, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 4 [pid 5991] <... ioctl resumed>) = 0 [pid 5991] close(4 [pid 5992] <... chdir resumed>) = 0 [pid 5991] <... close resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 5995 [pid 5047] newfstatat(4, "", ./strace-static-x86_64: Process 5995 attached [pid 5992] ioctl(4, LOOP_CLR_FD [pid 5991] exit_group(0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5995] set_robust_list(0x555556629660, 24 [pid 5992] <... ioctl resumed>) = 0 [pid 5047] getdents64(4, [pid 5995] <... set_robust_list resumed>) = 0 [pid 5991] <... exit_group resumed>) = ? [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5995] chdir("./152" [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5995] <... chdir resumed>) = 0 [pid 5992] close(4 [pid 5995] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5992] <... close resumed>) = 0 [pid 5991] +++ exited with 0 +++ [pid 5047] rmdir("./156/file0" [pid 5995] <... prctl resumed>) = 0 [pid 5992] exit_group(0 [pid 5995] setpgid(0, 0 [pid 5992] <... exit_group resumed>) = ? [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5991, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5047] <... rmdir resumed>) = 0 [pid 5995] <... setpgid resumed>) = 0 [pid 5049] restart_syscall(<... resuming interrupted clone ...> [pid 5047] getdents64(3, [pid 5995] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5992] +++ exited with 0 +++ [pid 5049] <... restart_syscall resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5995] <... openat resumed>) = 3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5047] close(3 [pid 5995] write(3, "1000", 4) = 4 [pid 5995] close(3 [pid 5049] umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5995] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] <... close resumed>) = 0 [pid 5995] symlink("/dev/binderfs", "./binderfs" [pid 5049] openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5995] <... symlink resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] <... openat resumed>) = 3 [pid 5047] rmdir("./156" [pid 5995] memfd_create("syzkaller", 0 [pid 5049] newfstatat(3, "", [pid 5048] newfstatat(3, "", [pid 5047] <... rmdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] mkdir("./157", 0777 [pid 5995] <... memfd_create resumed>) = 3 [pid 5995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 5994] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] getdents64(3, [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./153/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5048] unlink("./153/binderfs") = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5049] umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./156/binderfs", [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5049] unlink("./156/binderfs" [pid 5047] close(3 [pid 5049] <... unlink resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 5049] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5996 attached , child_tidptr=0x555556629650) = 5996 [pid 5996] set_robust_list(0x555556629660, 24) = 0 [pid 5996] chdir("./157") = 0 [pid 5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5993] <... write resumed>) = 2097152 [pid 5996] setpgid(0, 0) = 0 [pid 5993] munmap(0x7f3b887a1000, 138412032 [pid 5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5993] <... munmap resumed>) = 0 [pid 5993] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5996] write(3, "1000", 4) = 4 [pid 5993] <... openat resumed>) = 4 [pid 5996] close(3) = 0 [pid 5996] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5995] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5993] ioctl(4, LOOP_SET_FD, 3 [pid 5996] memfd_create("syzkaller", 0 [pid 5049] <... umount2 resumed>) = 0 [pid 5996] <... memfd_create resumed>) = 3 [pid 5994] <... write resumed>) = 2097152 [pid 5049] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5994] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5048] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] newfstatat(AT_FDCWD, "./156/file0", [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] newfstatat(AT_FDCWD, "./153/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5996] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5994] <... munmap resumed>) = 0 [pid 5049] openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 5994] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5993] <... ioctl resumed>) = 0 [pid 5049] <... openat resumed>) = 4 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] newfstatat(4, "", [pid 5048] getdents64(4, [pid 5994] <... openat resumed>) = 4 [pid 5994] ioctl(4, LOOP_SET_FD, 3 [pid 5993] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5993] <... close resumed>) = 0 [ 149.210186][ T5993] loop4: detected capacity change from 0 to 4096 [pid 5993] mkdir("./file0", 0777) = 0 [pid 5993] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5994] <... ioctl resumed>) = 0 [pid 5049] getdents64(4, [pid 5048] getdents64(4, [pid 5995] <... write resumed>) = 2097152 [pid 5994] close(3 [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5994] <... close resumed>) = 0 [pid 5048] close(4 [pid 5994] mkdir("./file0", 0777 [pid 5049] getdents64(4, [pid 5048] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5994] <... mkdir resumed>) = 0 [pid 5049] close(4 [pid 5048] rmdir("./153/file0" [pid 5994] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] <... close resumed>) = 0 [pid 5049] rmdir("./156/file0") = 0 [pid 5049] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... rmdir resumed>) = 0 [pid 5995] munmap(0x7f3b887a1000, 138412032) = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5049] close(3 [pid 5048] getdents64(3, [pid 5995] <... openat resumed>) = 4 [ 149.263835][ T5994] loop3: detected capacity change from 0 to 4096 [ 149.267549][ T5993] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 149.301609][ T5994] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5049] <... close resumed>) = 0 [pid 5996] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5995] ioctl(4, LOOP_SET_FD, 3 [pid 5049] rmdir("./156" [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 5049] <... rmdir resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 5049] mkdir("./157", 0777 [pid 5048] rmdir("./153") = 0 [pid 5995] <... ioctl resumed>) = 0 [pid 5049] <... mkdir resumed>) = 0 [pid 5048] mkdir("./154", 0777 [pid 5995] close(3) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5048] <... mkdir resumed>) = 0 [pid 5049] ioctl(3, LOOP_CLR_FD [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5996] <... write resumed>) = 2097152 [pid 5995] mkdir("./file0", 0777 [pid 5994] <... mount resumed>) = 0 [pid 5993] <... mount resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5996] munmap(0x7f3b887a1000, 138412032 [pid 5995] <... mkdir resumed>) = 0 [pid 5994] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5993] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] close(3 [pid 5048] <... openat resumed>) = 3 [pid 5995] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5993] <... openat resumed>) = 3 [pid 5993] chdir("./file0" [pid 5049] <... close resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5993] <... chdir resumed>) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5048] close(3 [pid 5993] ioctl(4, LOOP_CLR_FD [pid 5048] <... close resumed>) = 0 [pid 5994] <... openat resumed>) = 3 [pid 5993] <... ioctl resumed>) = 0 [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5994] chdir("./file0" [pid 5993] close(4 [pid 5996] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5997 attached [pid 5996] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5997] set_robust_list(0x555556629660, 24 [pid 5996] <... openat resumed>) = 4 [pid 5994] <... chdir resumed>) = 0 [pid 5993] <... close resumed>) = 0 [pid 5997] <... set_robust_list resumed>) = 0 [pid 5996] ioctl(4, LOOP_SET_FD, 3 [pid 5994] ioctl(4, LOOP_CLR_FD [ 149.318440][ T5995] loop5: detected capacity change from 0 to 4096 [ 149.358174][ T5995] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 5993] exit_group(0 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 5997 [pid 5997] chdir("./157" [pid 5994] <... ioctl resumed>) = 0 [pid 5993] <... exit_group resumed>) = ? [pid 5994] close(4) = 0 [pid 5994] exit_group(0) = ? ./strace-static-x86_64: Process 5998 attached [pid 5997] <... chdir resumed>) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 5998 [pid 5998] set_robust_list(0x555556629660, 24 [pid 5997] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5994] +++ exited with 0 +++ [pid 5993] +++ exited with 0 +++ [pid 5998] <... set_robust_list resumed>) = 0 [pid 5997] <... prctl resumed>) = 0 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5993, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5994, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5997] setpgid(0, 0 [pid 5998] chdir("./154") = 0 [pid 5997] <... setpgid resumed>) = 0 [pid 5996] <... ioctl resumed>) = 0 [pid 5998] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5997] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5996] close(3 [pid 5051] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5998] <... prctl resumed>) = 0 [pid 5997] <... openat resumed>) = 3 [pid 5996] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5998] setpgid(0, 0 [pid 5997] write(3, "1000", 4 [pid 5996] mkdir("./file0", 0777 [pid 5051] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5998] <... setpgid resumed>) = 0 [pid 5997] <... write resumed>) = 4 [pid 5996] <... mkdir resumed>) = 0 [pid 5995] <... mount resumed>) = 0 [pid 5051] <... openat resumed>) = 3 [pid 5998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5997] close(3 [pid 5996] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 5995] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] newfstatat(3, "", [pid 5050] <... openat resumed>) = 3 [pid 5997] <... close resumed>) = 0 [pid 5995] <... openat resumed>) = 3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] newfstatat(3, "", [pid 5998] <... openat resumed>) = 3 [ 149.373881][ T5996] loop0: detected capacity change from 0 to 4096 [pid 5997] symlink("/dev/binderfs", "./binderfs" [pid 5995] chdir("./file0" [pid 5051] getdents64(3, [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5995] <... chdir resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5050] getdents64(3, [pid 5995] ioctl(4, LOOP_CLR_FD [pid 5051] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5995] <... ioctl resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5995] close(4 [pid 5051] newfstatat(AT_FDCWD, "./153/binderfs", [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5995] <... close resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] newfstatat(AT_FDCWD, "./154/binderfs", [pid 5995] exit_group(0 [pid 5051] unlink("./153/binderfs" [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5995] <... exit_group resumed>) = ? [pid 5051] <... unlink resumed>) = 0 [pid 5050] unlink("./154/binderfs" [pid 5995] +++ exited with 0 +++ [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5995, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5050] <... unlink resumed>) = 0 [pid 5997] <... symlink resumed>) = 0 [pid 5998] write(3, "1000", 4 [pid 5051] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5998] <... write resumed>) = 4 [pid 5997] memfd_create("syzkaller", 0 [pid 5998] close(3 [pid 5997] <... memfd_create resumed>) = 3 [pid 5998] <... close resumed>) = 0 [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5998] symlink("/dev/binderfs", "./binderfs" [pid 5052] umount2("./152", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5998] <... symlink resumed>) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5998] memfd_create("syzkaller", 0 [pid 5997] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] openat(AT_FDCWD, "./152", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5998] <... memfd_create resumed>) = 3 [pid 5052] umount2("./152/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5998] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5998] <... mmap resumed>) = 0x7f3b887a1000 [pid 5052] newfstatat(AT_FDCWD, "./152/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./152/binderfs") = 0 [ 149.421416][ T5996] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5052] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5996] <... mount resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5051] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5996] <... openat resumed>) = 3 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./153/file0", [pid 5996] chdir("./file0" [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5996] <... chdir resumed>) = 0 [pid 5051] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5996] ioctl(4, LOOP_CLR_FD [pid 5050] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5996] <... ioctl resumed>) = 0 [pid 5052] <... umount2 resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5996] close(4 [pid 5051] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5996] <... close resumed>) = 0 [pid 5051] <... openat resumed>) = 4 [pid 5996] exit_group(0 [pid 5051] newfstatat(4, "", [pid 5996] <... exit_group resumed>) = ? [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... openat resumed>) = 4 [pid 5051] getdents64(4, [pid 5050] newfstatat(4, "", [pid 5051] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(4, [pid 5050] getdents64(4, [pid 5052] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] close(4 [pid 5052] newfstatat(AT_FDCWD, "./152/file0", [pid 5051] <... close resumed>) = 0 [pid 5050] getdents64(4, [pid 5996] +++ exited with 0 +++ [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] rmdir("./153/file0" [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5998] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] umount2("./152/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] <... rmdir resumed>) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./154/file0" [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5996, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5047] umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... rmdir resumed>) = 0 [pid 5050] getdents64(3, [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] close(3) = 0 [pid 5047] <... openat resumed>) = 3 [pid 5050] rmdir("./154" [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(3, "", [pid 5052] openat(AT_FDCWD, "./152/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5051] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5997] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5052] <... openat resumed>) = 4 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] mkdir("./155", 0777 [pid 5052] newfstatat(4, "", [pid 5051] close(3 [pid 5047] getdents64(3, [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... mkdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] getdents64(4, [pid 5051] <... close resumed>) = 0 [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5047] umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] getdents64(4, [pid 5051] rmdir("./153" [pid 5050] <... openat resumed>) = 3 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] <... rmdir resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 5047] newfstatat(AT_FDCWD, "./157/binderfs", [pid 5052] close(4 [pid 5051] mkdir("./154", 0777 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] <... close resumed>) = 0 [pid 5051] <... mkdir resumed>) = 0 [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] rmdir("./152/file0") = 0 ./strace-static-x86_64: Process 5999 attached [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 5999 [pid 5999] set_robust_list(0x555556629660, 24) = 0 [pid 5999] chdir("./155" [pid 5052] getdents64(3, [pid 5047] unlink("./157/binderfs" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] <... unlink resumed>) = 0 [pid 5052] close(3 [pid 5051] <... openat resumed>) = 3 [pid 5047] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... close resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5052] rmdir("./152" [pid 5051] close(3 [pid 5999] <... chdir resumed>) = 0 [pid 5052] <... rmdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5999] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5999] <... prctl resumed>) = 0 [pid 5052] mkdir("./153", 0777 [pid 5047] <... umount2 resumed>) = 0 [pid 5052] <... mkdir resumed>) = 0 [pid 5047] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./157/file0", [pid 5999] setpgid(0, 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5052] <... openat resumed>) = 3 [pid 5047] openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5999] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 6000 attached [pid 5999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] <... openat resumed>) = 4 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] newfstatat(4, "", [pid 5999] <... openat resumed>) = 3 [pid 6000] set_robust_list(0x555556629660, 24 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6000] <... set_robust_list resumed>) = 0 [pid 5052] close(3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 6000 [pid 5047] getdents64(4, [pid 6000] chdir("./154" [pid 5052] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 6000] <... chdir resumed>) = 0 [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5047] getdents64(4, [pid 6000] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5999] write(3, "1000", 4 [pid 5047] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5999] <... write resumed>) = 4 [pid 6000] <... prctl resumed>) = 0 [pid 5999] close(3 [pid 5047] close(4 [pid 6000] setpgid(0, 0 [pid 5999] <... close resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 6000] <... setpgid resumed>) = 0 [pid 5999] symlink("/dev/binderfs", "./binderfs" [pid 6000] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5047] rmdir("./157/file0" [pid 6000] <... openat resumed>) = 3 [pid 5999] <... symlink resumed>) = 0 [pid 6000] write(3, "1000", 4 [pid 5047] <... rmdir resumed>) = 0 [pid 6000] <... write resumed>) = 4 [pid 6000] close(3 [pid 5999] memfd_create("syzkaller", 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 6001 [pid 5047] getdents64(3, [pid 6000] <... close resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 6000] symlink("/dev/binderfs", "./binderfs" [pid 5047] close(3 [pid 6000] <... symlink resumed>) = 0 [pid 5047] <... close resumed>) = 0 [pid 6000] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6001 attached [pid 5047] rmdir("./157") = 0 [pid 6000] <... memfd_create resumed>) = 3 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5047] mkdir("./158", 0777 [pid 6000] <... mmap resumed>) = 0x7f3b887a1000 [pid 6001] set_robust_list(0x555556629660, 24) = 0 [pid 5999] <... memfd_create resumed>) = 3 [pid 5047] <... mkdir resumed>) = 0 [pid 6001] chdir("./153" [pid 5999] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6001] <... chdir resumed>) = 0 [pid 5999] <... mmap resumed>) = 0x7f3b887a1000 [pid 6001] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 6001] <... prctl resumed>) = 0 [pid 5998] <... write resumed>) = 2097152 [pid 5997] <... write resumed>) = 2097152 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 6001] setpgid(0, 0 [pid 5998] munmap(0x7f3b887a1000, 138412032 [pid 5997] munmap(0x7f3b887a1000, 138412032 [pid 6001] <... setpgid resumed>) = 0 [pid 6001] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5998] <... munmap resumed>) = 0 [pid 5997] <... munmap resumed>) = 0 [pid 6001] <... openat resumed>) = 3 [pid 6001] write(3, "1000", 4 [pid 5998] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5997] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6001] <... write resumed>) = 4 [pid 6001] close(3 [pid 5998] <... openat resumed>) = 4 [pid 5997] <... openat resumed>) = 4 [pid 6001] <... close resumed>) = 0 [pid 5998] ioctl(4, LOOP_SET_FD, 3 [pid 5997] ioctl(4, LOOP_SET_FD, 3 [pid 6001] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5997] <... ioctl resumed>) = 0 [pid 6001] memfd_create("syzkaller", 0 [pid 5999] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5997] close(3) = 0 [pid 6001] <... memfd_create resumed>) = 3 [pid 5998] <... ioctl resumed>) = 0 [pid 5997] mkdir("./file0", 0777 [pid 5998] close(3) = 0 [pid 6001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5998] mkdir("./file0", 0777 [pid 5997] <... mkdir resumed>) = 0 [ 149.674579][ T5997] loop2: detected capacity change from 0 to 4096 [ 149.685564][ T5998] loop1: detected capacity change from 0 to 4096 [pid 6001] <... mmap resumed>) = 0x7f3b887a1000 [pid 5998] <... mkdir resumed>) = 0 [pid 5997] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 5998] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6000] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5047] <... ioctl resumed>) = 0 [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 6002 ./strace-static-x86_64: Process 6002 attached [pid 6002] set_robust_list(0x555556629660, 24) = 0 [pid 6002] chdir("./158") = 0 [pid 6002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6002] setpgid(0, 0) = 0 [pid 6002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6002] write(3, "1000", 4) = 4 [pid 5998] <... mount resumed>) = 0 [ 149.723289][ T5998] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 149.733241][ T5997] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 6002] close(3 [pid 6000] <... write resumed>) = 2097152 [pid 5999] <... write resumed>) = 2097152 [pid 5998] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5998] chdir("./file0" [pid 6002] <... close resumed>) = 0 [pid 5998] <... chdir resumed>) = 0 [pid 6002] symlink("/dev/binderfs", "./binderfs" [pid 5998] ioctl(4, LOOP_CLR_FD [pid 6002] <... symlink resumed>) = 0 [pid 5999] munmap(0x7f3b887a1000, 138412032 [pid 5998] <... ioctl resumed>) = 0 [pid 5997] <... mount resumed>) = 0 [pid 6002] memfd_create("syzkaller", 0 [pid 5998] close(4 [pid 5997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5998] <... close resumed>) = 0 [pid 5997] <... openat resumed>) = 3 [pid 5999] <... munmap resumed>) = 0 [pid 5998] exit_group(0 [pid 5997] chdir("./file0" [pid 6002] <... memfd_create resumed>) = 3 [pid 6002] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5997] <... chdir resumed>) = 0 [pid 6002] <... mmap resumed>) = 0x7f3b887a1000 [pid 5997] ioctl(4, LOOP_CLR_FD [pid 6001] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5999] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5998] <... exit_group resumed>) = ? [pid 5997] <... ioctl resumed>) = 0 [pid 5997] close(4 [pid 5998] +++ exited with 0 +++ [pid 5997] <... close resumed>) = 0 [pid 5999] <... openat resumed>) = 4 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5998, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5997] exit_group(0 [pid 5999] ioctl(4, LOOP_SET_FD, 3 [pid 5997] <... exit_group resumed>) = ? [pid 5048] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6000] munmap(0x7f3b887a1000, 138412032 [pid 5048] <... openat resumed>) = 3 [pid 6000] <... munmap resumed>) = 0 [pid 5048] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] unlink("./154/binderfs") = 0 [pid 5048] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5997] +++ exited with 0 +++ [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5997, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5049] umount2("./157", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6000] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6000] <... openat resumed>) = 4 [pid 5049] openat(AT_FDCWD, "./157", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6000] ioctl(4, LOOP_SET_FD, 3 [pid 5049] <... openat resumed>) = 3 [pid 5049] newfstatat(3, "", [pid 6000] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6000] close(3) = 0 [pid 5049] getdents64(3, [pid 6000] mkdir("./file0", 0777 [pid 5999] <... ioctl resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6000] <... mkdir resumed>) = 0 [pid 5999] close(3 [pid 5049] umount2("./157/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6000] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5999] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 149.822767][ T5999] loop3: detected capacity change from 0 to 4096 [ 149.853421][ T6000] loop4: detected capacity change from 0 to 4096 [pid 5999] mkdir("./file0", 0777 [pid 5049] newfstatat(AT_FDCWD, "./157/binderfs", [pid 5999] <... mkdir resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5999] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5049] unlink("./157/binderfs") = 0 [pid 5049] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] <... umount2 resumed>) = 0 [pid 5048] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] newfstatat(AT_FDCWD, "./154/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5048] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5048] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5048] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5048] close(4) = 0 [pid 5048] rmdir("./154/file0") = 0 [pid 5048] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3) = 0 [pid 5048] rmdir("./154") = 0 [pid 5048] mkdir("./155", 0777) = 0 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5048] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] <... umount2 resumed>) = 0 [pid 5048] close(3) = 0 [ 149.871271][ T6000] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 149.885151][ T5999] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 6003 ./strace-static-x86_64: Process 6003 attached [pid 6003] set_robust_list(0x555556629660, 24) = 0 [pid 6003] chdir("./155") = 0 [pid 6003] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6001] <... write resumed>) = 2097152 [pid 5049] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6003] <... prctl resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6003] setpgid(0, 0 [pid 5049] newfstatat(AT_FDCWD, "./157/file0", [pid 6003] <... setpgid resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6003] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5049] umount2("./157/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6003] <... openat resumed>) = 3 [pid 6002] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] openat(AT_FDCWD, "./157/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6003] write(3, "1000", 4 [pid 6001] munmap(0x7f3b887a1000, 138412032 [pid 5049] <... openat resumed>) = 4 [pid 6003] <... write resumed>) = 4 [pid 5999] <... mount resumed>) = 0 [pid 5049] newfstatat(4, "", [pid 6003] close(3 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6003] <... close resumed>) = 0 [pid 5049] getdents64(4, [pid 6003] symlink("/dev/binderfs", "./binderfs" [pid 6001] <... munmap resumed>) = 0 [pid 5999] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 6003] <... symlink resumed>) = 0 [pid 5049] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 6003] memfd_create("syzkaller", 0 [pid 5999] <... openat resumed>) = 3 [pid 5049] close(4 [pid 5999] chdir("./file0") = 0 [pid 5049] <... close resumed>) = 0 [pid 5999] ioctl(4, LOOP_CLR_FD [pid 5049] rmdir("./157/file0" [pid 6001] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5999] <... ioctl resumed>) = 0 [pid 5049] <... rmdir resumed>) = 0 [pid 6001] <... openat resumed>) = 4 [pid 5999] close(4 [pid 5049] getdents64(3, [pid 5999] <... close resumed>) = 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 6002] <... write resumed>) = 2097152 [pid 6001] ioctl(4, LOOP_SET_FD, 3 [pid 5999] exit_group(0 [pid 5049] close(3 [pid 5999] <... exit_group resumed>) = ? [pid 6003] <... memfd_create resumed>) = 3 [pid 5049] <... close resumed>) = 0 [pid 6003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] rmdir("./157" [pid 6003] <... mmap resumed>) = 0x7f3b887a1000 [pid 5049] <... rmdir resumed>) = 0 [pid 6001] <... ioctl resumed>) = 0 [pid 6000] <... mount resumed>) = 0 [pid 5049] mkdir("./158", 0777 [pid 6000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5049] <... mkdir resumed>) = 0 [pid 6002] munmap(0x7f3b887a1000, 138412032 [pid 6001] close(3 [pid 6000] <... openat resumed>) = 3 [pid 5999] +++ exited with 0 +++ [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6000] chdir("./file0" [pid 5049] <... openat resumed>) = 3 [pid 6000] <... chdir resumed>) = 0 [pid 6000] ioctl(4, LOOP_CLR_FD [pid 5049] ioctl(3, LOOP_CLR_FD [pid 6000] <... ioctl resumed>) = 0 [pid 5049] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6000] close(4 [pid 5049] close(3 [pid 6000] <... close resumed>) = 0 [pid 5049] <... close resumed>) = 0 [pid 6000] exit_group(0) = ? [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6002] <... munmap resumed>) = 0 [pid 6001] <... close resumed>) = 0 [pid 6000] +++ exited with 0 +++ [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5999, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 6001] mkdir("./file0", 0777./strace-static-x86_64: Process 6004 attached [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6000, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5050] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6004] set_robust_list(0x555556629660, 24 [pid 5051] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6004] <... set_robust_list resumed>) = 0 [pid 6002] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6001] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 6004 [pid 6002] <... openat resumed>) = 4 [pid 6001] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5051] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5050] <... openat resumed>) = 3 [pid 6004] chdir("./158" [pid 5051] <... openat resumed>) = 3 [pid 5050] newfstatat(3, "", [pid 6004] <... chdir resumed>) = 0 [ 149.985830][ T6001] loop5: detected capacity change from 0 to 4096 [ 150.023753][ T6002] loop0: detected capacity change from 0 to 4096 [pid 6002] ioctl(4, LOOP_SET_FD, 3 [pid 5051] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6004] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6002] <... ioctl resumed>) = 0 [pid 5050] getdents64(3, [pid 5051] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5051] unlink("./154/binderfs") = 0 [pid 5051] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6004] <... prctl resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6004] setpgid(0, 0 [pid 5050] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6004] <... setpgid resumed>) = 0 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] newfstatat(AT_FDCWD, "./155/binderfs", [pid 5051] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] newfstatat(AT_FDCWD, "./154/file0", [pid 5050] unlink("./155/binderfs" [pid 6004] <... openat resumed>) = 3 [pid 6002] close(3 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6004] write(3, "1000", 4 [pid 6002] <... close resumed>) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 6004] <... write resumed>) = 4 [pid 6002] mkdir("./file0", 0777 [pid 5051] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6004] close(3 [pid 6003] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6002] <... mkdir resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] <... umount2 resumed>) = 0 [pid 6004] <... close resumed>) = 0 [pid 5051] openat(AT_FDCWD, "./154/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6004] symlink("/dev/binderfs", "./binderfs" [ 150.032171][ T6001] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [pid 6002] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6004] <... symlink resumed>) = 0 [pid 6004] memfd_create("syzkaller", 0 [pid 5051] <... openat resumed>) = 4 [pid 6004] <... memfd_create resumed>) = 3 [pid 5051] newfstatat(4, "", [pid 6004] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6004] <... mmap resumed>) = 0x7f3b887a1000 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4) = 0 [pid 5051] rmdir("./154/file0") = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./154") = 0 [pid 5051] mkdir("./155", 0777) = 0 [pid 5050] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5050] close(4) = 0 [pid 5050] rmdir("./155/file0") = 0 [pid 5050] getdents64(3, 0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5051] <... openat resumed>) = 3 [pid 5050] <... close resumed>) = 0 [pid 5051] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5051] close(3) = 0 [pid 5050] rmdir("./155") = 0 [ 150.082961][ T6002] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6001] <... mount resumed>) = 0 [pid 5050] mkdir("./156", 0777 [pid 6001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6005 attached [pid 6001] <... openat resumed>) = 3 [pid 6005] set_robust_list(0x555556629660, 24 [pid 6001] chdir("./file0" [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 6005 [pid 6005] <... set_robust_list resumed>) = 0 [pid 6001] <... chdir resumed>) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6005] chdir("./155" [pid 6001] ioctl(4, LOOP_CLR_FD [pid 6005] <... chdir resumed>) = 0 [pid 6001] <... ioctl resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 6005] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6001] close(4 [pid 6005] <... prctl resumed>) = 0 [pid 6001] <... close resumed>) = 0 [pid 5050] ioctl(3, LOOP_CLR_FD [pid 6005] setpgid(0, 0) = 0 [pid 6001] exit_group(0 [pid 5050] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 6005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6003] <... write resumed>) = 2097152 [pid 6001] <... exit_group resumed>) = ? [pid 5050] close(3 [pid 6005] <... openat resumed>) = 3 [pid 6003] munmap(0x7f3b887a1000, 138412032 [pid 6001] +++ exited with 0 +++ [pid 5050] <... close resumed>) = 0 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6001, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6006 attached [pid 6005] write(3, "1000", 4 [pid 6006] set_robust_list(0x555556629660, 24 [pid 6005] <... write resumed>) = 4 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 6006 [pid 6006] <... set_robust_list resumed>) = 0 [pid 6005] close(3 [pid 6006] chdir("./156" [pid 6005] <... close resumed>) = 0 [pid 6006] <... chdir resumed>) = 0 [pid 6005] symlink("/dev/binderfs", "./binderfs" [pid 6003] <... munmap resumed>) = 0 [pid 6006] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6005] <... symlink resumed>) = 0 [pid 5052] umount2("./153", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6006] <... prctl resumed>) = 0 [pid 6003] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6006] setpgid(0, 0 [pid 6003] <... openat resumed>) = 4 [pid 5052] openat(AT_FDCWD, "./153", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6006] <... setpgid resumed>) = 0 [pid 6005] memfd_create("syzkaller", 0 [pid 6004] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6005] <... memfd_create resumed>) = 3 [pid 6002] <... mount resumed>) = 0 [pid 6005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5052] <... openat resumed>) = 3 [pid 5052] newfstatat(3, "", [pid 6006] <... openat resumed>) = 3 [pid 6005] <... mmap resumed>) = 0x7f3b887a1000 [pid 6003] ioctl(4, LOOP_SET_FD, 3 [pid 6002] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6006] write(3, "1000", 4) = 4 [pid 6006] close(3) = 0 [pid 6002] <... openat resumed>) = 3 [pid 5052] getdents64(3, [pid 6006] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6002] chdir("./file0" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6006] memfd_create("syzkaller", 0 [pid 6002] <... chdir resumed>) = 0 [pid 5052] umount2("./153/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6002] ioctl(4, LOOP_CLR_FD) = 0 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6003] <... ioctl resumed>) = 0 [pid 6003] close(3 [pid 6002] close(4 [pid 5052] newfstatat(AT_FDCWD, "./153/binderfs", [pid 6003] <... close resumed>) = 0 [pid 6002] <... close resumed>) = 0 [pid 6003] mkdir("./file0", 0777 [pid 5052] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6006] <... memfd_create resumed>) = 3 [pid 6003] <... mkdir resumed>) = 0 [pid 6002] exit_group(0) = ? [pid 5052] unlink("./153/binderfs" [pid 6003] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 5052] <... unlink resumed>) = 0 [pid 6006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 6002] +++ exited with 0 +++ [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6002, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5052] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5052] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6004] <... write resumed>) = 2097152 [pid 5047] <... openat resumed>) = 3 [pid 5052] newfstatat(AT_FDCWD, "./153/file0", [pid 5047] newfstatat(3, "", [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, [pid 5052] umount2("./153/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 150.197051][ T6003] loop1: detected capacity change from 0 to 4096 [ 150.224533][ T6003] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 5047] umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6005] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6003] <... mount resumed>) = 0 [pid 5052] openat(AT_FDCWD, "./153/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./158/binderfs", [pid 6004] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... openat resumed>) = 4 [pid 5047] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6004] <... munmap resumed>) = 0 [pid 5052] newfstatat(4, "", [pid 6004] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6003] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5052] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] unlink("./158/binderfs" [pid 6003] <... openat resumed>) = 3 [pid 6004] <... openat resumed>) = 4 [pid 6004] ioctl(4, LOOP_SET_FD, 3 [pid 6003] chdir("./file0" [pid 5047] <... unlink resumed>) = 0 [pid 5047] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6003] <... chdir resumed>) = 0 [pid 5052] getdents64(4, [pid 6003] ioctl(4, LOOP_CLR_FD [pid 5052] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 6006] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6003] <... ioctl resumed>) = 0 [pid 5052] getdents64(4, [pid 5047] <... umount2 resumed>) = 0 [pid 5047] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 6003] close(4) = 0 [pid 5052] close(4 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./158/file0", [pid 5052] <... close resumed>) = 0 [pid 5047] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6004] <... ioctl resumed>) = 0 [pid 6004] close(3) = 0 [pid 6004] mkdir("./file0", 0777) = 0 [pid 6004] mount("/dev/loop2", "./file0", "ntfs3", 0, "" [pid 6003] exit_group(0 [pid 5052] rmdir("./153/file0" [pid 5047] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5052] <... rmdir resumed>) = 0 [pid 5047] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6003] <... exit_group resumed>) = ? [pid 5047] openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 6003] +++ exited with 0 +++ [pid 5052] getdents64(3, [pid 5047] rmdir("./158/file0" [pid 5052] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5052] close(3 [pid 5048] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6003, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5047] getdents64(3, [pid 5048] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] close(3 [pid 5048] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] <... close resumed>) = 0 [pid 5048] newfstatat(3, "", [pid 5047] rmdir("./158" [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] <... rmdir resumed>) = 0 [pid 5048] getdents64(3, [pid 5047] mkdir("./159", 0777 [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6005] <... write resumed>) = 2097152 [pid 5048] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5047] <... mkdir resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5052] rmdir("./153" [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5052] <... rmdir resumed>) = 0 [pid 5048] newfstatat(AT_FDCWD, "./155/binderfs", [pid 5052] mkdir("./154", 0777 [pid 5047] <... openat resumed>) = 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 5052] <... mkdir resumed>) = 0 [ 150.299855][ T6004] loop2: detected capacity change from 0 to 4096 [ 150.338065][ T6004] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [pid 5048] unlink("./155/binderfs" [pid 5052] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5052] <... openat resumed>) = 3 [pid 5048] <... unlink resumed>) = 0 [pid 5052] ioctl(3, LOOP_CLR_FD [pid 5047] close(3 [pid 6005] munmap(0x7f3b887a1000, 138412032 [pid 5052] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6005] <... munmap resumed>) = 0 [pid 5052] close(3 [pid 5047] <... close resumed>) = 0 [pid 5052] <... close resumed>) = 0 [pid 5048] <... umount2 resumed>) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5052] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6007 attached [pid 5047] <... clone resumed>, child_tidptr=0x555556629650) = 6007 [pid 6007] set_robust_list(0x555556629660, 24 [pid 6006] <... write resumed>) = 2097152 [pid 5048] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6007] <... set_robust_list resumed>) = 0 [pid 6007] chdir("./159") = 0 [pid 6005] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5048] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6007] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6005] <... openat resumed>) = 4 [pid 5048] newfstatat(AT_FDCWD, "./155/file0", [pid 6007] <... prctl resumed>) = 0 [pid 6005] ioctl(4, LOOP_SET_FD, 3 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6008 attached [pid 6008] set_robust_list(0x555556629660, 24 [pid 6007] setpgid(0, 0 [pid 6005] <... ioctl resumed>) = 0 [pid 5052] <... clone resumed>, child_tidptr=0x555556629650) = 6008 [pid 5048] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6007] <... setpgid resumed>) = 0 [pid 5048] <... openat resumed>) = 4 [pid 5048] newfstatat(4, "", [pid 6008] <... set_robust_list resumed>) = 0 [pid 5048] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6008] chdir("./154" [pid 6007] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5048] getdents64(4, [pid 6007] <... openat resumed>) = 3 [pid 6008] <... chdir resumed>) = 0 [pid 6007] write(3, "1000", 4 [pid 5048] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 6008] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6007] <... write resumed>) = 4 [pid 5048] getdents64(4, [pid 6008] <... prctl resumed>) = 0 [pid 6007] close(3 [pid 5048] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 6007] <... close resumed>) = 0 [pid 6006] munmap(0x7f3b887a1000, 138412032 [pid 6004] <... mount resumed>) = 0 [pid 6008] setpgid(0, 0 [pid 6007] symlink("/dev/binderfs", "./binderfs" [pid 6006] <... munmap resumed>) = 0 [pid 5048] close(4 [pid 6008] <... setpgid resumed>) = 0 [pid 6007] <... symlink resumed>) = 0 [pid 5048] <... close resumed>) = 0 [pid 6007] memfd_create("syzkaller", 0 [pid 6004] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6004] <... openat resumed>) = 3 [pid 6007] <... memfd_create resumed>) = 3 [pid 6004] chdir("./file0" [pid 5048] rmdir("./155/file0" [pid 6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6005] close(3 [pid 6004] <... chdir resumed>) = 0 [pid 6008] <... openat resumed>) = 3 [pid 6007] <... mmap resumed>) = 0x7f3b887a1000 [pid 6006] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6005] <... close resumed>) = 0 [pid 6004] ioctl(4, LOOP_CLR_FD [pid 5048] <... rmdir resumed>) = 0 [pid 6004] <... ioctl resumed>) = 0 [pid 6005] mkdir("./file0", 0777 [pid 6004] close(4 [pid 6008] write(3, "1000", 4 [pid 6006] <... openat resumed>) = 4 [pid 6005] <... mkdir resumed>) = 0 [pid 6004] <... close resumed>) = 0 [pid 6004] exit_group(0 [pid 6006] ioctl(4, LOOP_SET_FD, 3 [ 150.405279][ T6005] loop4: detected capacity change from 0 to 4096 [pid 6004] <... exit_group resumed>) = ? [pid 6008] <... write resumed>) = 4 [pid 6004] +++ exited with 0 +++ [pid 5048] getdents64(3, [pid 5049] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6004, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5048] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5048] close(3 [pid 6008] close(3 [pid 6005] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 5048] <... close resumed>) = 0 [pid 5049] umount2("./158", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5048] rmdir("./155" [pid 6008] <... close resumed>) = 0 [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6008] symlink("/dev/binderfs", "./binderfs" [pid 5049] openat(AT_FDCWD, "./158", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5048] <... rmdir resumed>) = 0 [pid 5049] <... openat resumed>) = 3 [pid 5048] mkdir("./156", 0777 [pid 5049] newfstatat(3, "", [pid 6008] <... symlink resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5048] <... mkdir resumed>) = 0 [pid 5049] getdents64(3, [pid 6008] memfd_create("syzkaller", 0 [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5049] umount2("./158/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5048] <... openat resumed>) = 3 [pid 5049] newfstatat(AT_FDCWD, "./158/binderfs", [pid 6006] <... ioctl resumed>) = 0 [pid 5049] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6006] close(3) = 0 [pid 5049] unlink("./158/binderfs" [pid 6006] mkdir("./file0", 0777 [pid 6008] <... memfd_create resumed>) = 3 [pid 6006] <... mkdir resumed>) = 0 [pid 5049] <... unlink resumed>) = 0 [pid 5048] ioctl(3, LOOP_CLR_FD [pid 6008] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5049] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6006] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 5048] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5048] close(3) = 0 [ 150.450818][ T6006] loop3: detected capacity change from 0 to 4096 [ 150.466156][ T6005] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [pid 5048] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6008] <... mmap resumed>) = 0x7f3b887a1000 ./strace-static-x86_64: Process 6009 attached [pid 6009] set_robust_list(0x555556629660, 24) = 0 [pid 5048] <... clone resumed>, child_tidptr=0x555556629650) = 6009 [pid 6009] chdir("./156") = 0 [pid 6009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6005] <... mount resumed>) = 0 [pid 6009] <... prctl resumed>) = 0 [pid 6007] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6009] setpgid(0, 0 [pid 6005] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6009] <... setpgid resumed>) = 0 [pid 6005] <... openat resumed>) = 3 [pid 6005] chdir("./file0" [pid 6009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6005] <... chdir resumed>) = 0 [pid 6005] ioctl(4, LOOP_CLR_FD [pid 6009] <... openat resumed>) = 3 [pid 6005] <... ioctl resumed>) = 0 [pid 6009] write(3, "1000", 4 [pid 6005] close(4 [pid 6009] <... write resumed>) = 4 [pid 6005] <... close resumed>) = 0 [pid 6005] exit_group(0) = ? [pid 6005] +++ exited with 0 +++ [ 150.506695][ T6006] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [pid 6009] close(3 [pid 5051] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6005, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 6009] <... close resumed>) = 0 [pid 6009] symlink("/dev/binderfs", "./binderfs" [pid 5051] umount2("./155", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6009] <... symlink resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./155", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6009] memfd_create("syzkaller", 0 [pid 5051] <... openat resumed>) = 3 [pid 5051] newfstatat(3, "", [pid 6006] <... mount resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5051] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 6006] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6009] <... memfd_create resumed>) = 3 [pid 6006] <... openat resumed>) = 3 [pid 5051] umount2("./155/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... umount2 resumed>) = 0 [pid 6009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 6006] chdir("./file0" [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6006] <... chdir resumed>) = 0 [pid 5049] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6006] ioctl(4, LOOP_CLR_FD [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6006] <... ioctl resumed>) = 0 [pid 5049] newfstatat(AT_FDCWD, "./158/file0", [pid 6006] close(4 [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6006] <... close resumed>) = 0 [pid 6006] exit_group(0 [pid 5049] umount2("./158/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6006] <... exit_group resumed>) = ? [pid 5049] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6006] +++ exited with 0 +++ [pid 5049] openat(AT_FDCWD, "./158/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5050] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6006, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5049] newfstatat(4, "", [pid 5051] newfstatat(AT_FDCWD, "./155/binderfs", [pid 5050] umount2("./156", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6008] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5051] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(4, [pid 5051] unlink("./155/binderfs") = 0 [pid 5051] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6009] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6007] <... write resumed>) = 2097152 [pid 5050] openat(AT_FDCWD, "./156", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5049] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 5051] <... umount2 resumed>) = 0 [pid 5050] <... openat resumed>) = 3 [pid 5049] getdents64(4, [pid 5051] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(3, "", [pid 5049] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] newfstatat(AT_FDCWD, "./155/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5049] close(4 [pid 5051] umount2("./155/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5050] getdents64(3, [pid 5049] <... close resumed>) = 0 [pid 5051] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5051] openat(AT_FDCWD, "./155/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6007] munmap(0x7f3b887a1000, 138412032 [pid 5051] <... openat resumed>) = 4 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5049] rmdir("./158/file0" [pid 5051] newfstatat(4, "", [pid 6007] <... munmap resumed>) = 0 [pid 5051] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5050] umount2("./156/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5051] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5049] getdents64(3, [pid 5051] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5051] close(4 [pid 5050] newfstatat(AT_FDCWD, "./156/binderfs", [pid 5049] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] rmdir("./155/file0") = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5049] close(3 [pid 5051] getdents64(3, [pid 5050] unlink("./156/binderfs" [pid 5049] <... close resumed>) = 0 [pid 5051] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] <... unlink resumed>) = 0 [pid 5049] rmdir("./158" [pid 5050] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5049] <... rmdir resumed>) = 0 [pid 5051] close(3) = 0 [pid 5051] rmdir("./155" [pid 6007] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5051] <... rmdir resumed>) = 0 [pid 5049] mkdir("./159", 0777 [pid 6007] <... openat resumed>) = 4 [pid 5051] mkdir("./156", 0777 [pid 6007] ioctl(4, LOOP_SET_FD, 3 [pid 5051] <... mkdir resumed>) = 0 [pid 5051] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5049] <... mkdir resumed>) = 0 [pid 5049] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5049] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5049] close(3) = 0 [pid 5049] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6007] <... ioctl resumed>) = 0 [pid 6007] close(3) = 0 [pid 6007] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6010 attached [pid 6007] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6010] set_robust_list(0x555556629660, 24 [pid 5049] <... clone resumed>, child_tidptr=0x555556629650) = 6010 [pid 5051] <... openat resumed>) = 3 [pid 5051] ioctl(3, LOOP_CLR_FD [pid 6010] <... set_robust_list resumed>) = 0 [pid 6010] chdir("./159" [pid 5051] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5051] close(3 [pid 6010] <... chdir resumed>) = 0 [pid 5051] <... close resumed>) = 0 [pid 5051] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6010] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6010] setpgid(0, 0) = 0 [pid 6010] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6009] <... write resumed>) = 2097152 [pid 6010] <... openat resumed>) = 3 [pid 6010] write(3, "1000", 4) = 4 [pid 6010] close(3) = 0 [pid 6010] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6010] memfd_create("syzkaller", 0) = 3 [pid 5051] <... clone resumed>, child_tidptr=0x555556629650) = 6011 [pid 6010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6011 attached [pid 6011] set_robust_list(0x555556629660, 24 [pid 6010] <... mmap resumed>) = 0x7f3b887a1000 [pid 6011] <... set_robust_list resumed>) = 0 [pid 6011] chdir("./156" [pid 6008] <... write resumed>) = 2097152 [pid 6009] munmap(0x7f3b887a1000, 138412032 [pid 6011] <... chdir resumed>) = 0 [pid 6009] <... munmap resumed>) = 0 [pid 5050] <... umount2 resumed>) = 0 [pid 6011] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6011] setpgid(0, 0 [ 150.694298][ T6007] loop0: detected capacity change from 0 to 4096 [ 150.721114][ T6007] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [pid 5050] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6011] <... setpgid resumed>) = 0 [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5050] newfstatat(AT_FDCWD, "./156/file0", [pid 6011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6008] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6011] <... openat resumed>) = 3 [pid 6009] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6008] <... munmap resumed>) = 0 [pid 6007] <... mount resumed>) = 0 [pid 5050] umount2("./156/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6011] write(3, "1000", 4 [pid 6009] <... openat resumed>) = 4 [pid 6007] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5050] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6011] <... write resumed>) = 4 [pid 6009] ioctl(4, LOOP_SET_FD, 3 [pid 6008] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 6007] <... openat resumed>) = 3 [pid 5050] openat(AT_FDCWD, "./156/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6011] close(3) = 0 [pid 5050] <... openat resumed>) = 4 [pid 6011] symlink("/dev/binderfs", "./binderfs" [pid 5050] newfstatat(4, "", [pid 6007] chdir("./file0" [pid 6011] <... symlink resumed>) = 0 [pid 6008] <... openat resumed>) = 4 [pid 6007] <... chdir resumed>) = 0 [pid 5050] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6010] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6008] ioctl(4, LOOP_SET_FD, 3 [pid 6007] ioctl(4, LOOP_CLR_FD [pid 5050] getdents64(4, [pid 6007] <... ioctl resumed>) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 2 entries */, 32768) = 48 [pid 6011] memfd_create("syzkaller", 0 [pid 6007] close(4) = 0 [pid 6007] exit_group(0 [pid 6009] <... ioctl resumed>) = 0 [pid 6007] <... exit_group resumed>) = ? [pid 6007] +++ exited with 0 +++ [pid 6009] close(3) = 0 [pid 6009] mkdir("./file0", 0777 [pid 5047] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6007, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 6009] <... mkdir resumed>) = 0 [pid 6011] <... memfd_create resumed>) = 3 [pid 5050] getdents64(4, [pid 6011] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6009] mount("/dev/loop1", "./file0", "ntfs3", 0, "" [pid 6008] <... ioctl resumed>) = 0 [pid 6011] <... mmap resumed>) = 0x7f3b887a1000 [pid 6008] close(3) = 0 [pid 5050] <... getdents64 resumed>0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] umount2("./159", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./159", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5047] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5047] umount2("./159/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./159/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] unlink("./159/binderfs") = 0 [pid 5047] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6008] mkdir("./file0", 0777) = 0 [ 150.790618][ T6009] loop1: detected capacity change from 0 to 4096 [ 150.802175][ T6008] loop5: detected capacity change from 0 to 4096 [ 150.830119][ T6009] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [pid 6008] mount("/dev/loop5", "./file0", "ntfs3", 0, "" [pid 5050] close(4 [pid 5047] <... umount2 resumed>) = 0 [pid 5050] <... close resumed>) = 0 [pid 5047] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] newfstatat(AT_FDCWD, "./159/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5047] umount2("./159/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5047] openat(AT_FDCWD, "./159/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6010] <... write resumed>) = 2097152 [pid 5050] rmdir("./156/file0" [pid 5047] <... openat resumed>) = 4 [pid 5047] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5047] getdents64(4, 0x555556632730 /* 2 entries */, 32768) = 48 [pid 5047] getdents64(4, 0x555556632730 /* 0 entries */, 32768) = 0 [pid 5047] close(4) = 0 [pid 5047] rmdir("./159/file0") = 0 [pid 5047] getdents64(3, [pid 5050] <... rmdir resumed>) = 0 [pid 5047] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5047] close(3) = 0 [pid 5047] rmdir("./159" [pid 5050] getdents64(3, [pid 5047] <... rmdir resumed>) = 0 [pid 5050] <... getdents64 resumed>0x55555662a6f0 /* 0 entries */, 32768) = 0 [pid 5050] close(3 [pid 5047] mkdir("./160", 0777 [pid 5050] <... close resumed>) = 0 [pid 5047] <... mkdir resumed>) = 0 [pid 5050] rmdir("./156" [pid 5047] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6010] munmap(0x7f3b887a1000, 138412032 [pid 5050] <... rmdir resumed>) = 0 [pid 5050] mkdir("./157", 0777) = 0 [pid 5050] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5050] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5050] close(3) = 0 [pid 5050] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6012 attached [pid 6012] set_robust_list(0x555556629660, 24) = 0 [pid 6012] chdir("./157" [pid 6010] <... munmap resumed>) = 0 [ 150.850214][ T6008] ntfs3: loop5: Different NTFS sector size (1024) and media sector size (512). [ 150.887877][ C1] ================================================================== [ 150.895986][ C1] BUG: KASAN: out-of-bounds in end_buffer_read_sync+0xc1/0xd0 [ 150.903489][ C1] Write of size 4 at addr ffffc90005557740 by task ksoftirqd/1/22 [ 150.911319][ C1] [ 150.913654][ C1] CPU: 1 PID: 22 Comm: ksoftirqd/1 Not tainted 6.6.0-syzkaller-10396-g4652b8e4f3ff #0 [ 150.923214][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 150.933285][ C1] Call Trace: [ 150.936578][ C1] [ 150.939525][ C1] dump_stack_lvl+0x1e7/0x2d0 [ 150.944245][ C1] ? nf_tcp_handle_invalid+0x650/0x650 [ 150.949735][ C1] ? panic+0x770/0x770 [ 150.953838][ C1] ? _printk+0xd5/0x120 [ 150.958030][ C1] print_report+0x163/0x540 [ 150.962559][ C1] ? wake_up_bit+0x226/0x2c0 [ 150.967192][ C1] ? bio_uninit+0x56/0x3b0 [ 150.971629][ C1] ? __virt_addr_valid+0xbd/0x2e0 [ 150.976680][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 150.981903][ C1] kasan_report+0x175/0x1b0 [ 150.986427][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 150.991651][ C1] ? __wait_on_buffer+0x90/0x90 [ 150.996528][ C1] kasan_check_range+0x27e/0x290 [ 151.001476][ C1] end_buffer_read_sync+0xc1/0xd0 [ 151.006519][ C1] end_bio_bh_io_sync+0xb7/0x110 [ 151.011490][ C1] blk_update_request+0x53f/0x1020 [ 151.016639][ C1] ? print_irqtrace_events+0x220/0x220 [ 151.022124][ C1] blk_mq_end_request+0x3e/0x70 [ 151.027005][ C1] blk_done_softirq+0x103/0x150 [ 151.031880][ C1] __do_softirq+0x2bf/0x93a [ 151.036412][ C1] ? run_ksoftirqd+0xc5/0x120 [ 151.041112][ C1] ? __lock_text_end+0xc/0xc [ 151.045734][ C1] run_ksoftirqd+0xc5/0x120 [ 151.050255][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 151.055470][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 151.060683][ C1] smpboot_thread_fn+0x530/0x9f0 [ 151.063673][ T6011] loop4: detected capacity change from 0 to 4096 [ 151.065625][ C1] ? smpboot_thread_fn+0x4e/0x9f0 [ 151.065661][ C1] kthread+0x2d3/0x370 [ 151.081066][ C1] ? smpboot_unregister_percpu_thread+0x130/0x130 [ 151.087514][ C1] ? kthread_blkcg+0xd0/0xd0 [ 151.090384][ T6011] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 151.092106][ C1] ret_from_fork+0x48/0x80 [ 151.092135][ C1] ? kthread_blkcg+0xd0/0xd0 [ 151.110062][ C1] ret_from_fork_asm+0x11/0x20 [ 151.114862][ C1] [ 151.117894][ C1] [ 151.120223][ C1] The buggy address belongs to the virtual mapping at [ 151.120223][ C1] [ffffc90005550000, ffffc90005559000) created by: [ 151.120223][ C1] copy_process+0x5d1/0x4170 [ 151.137864][ C1] [ 151.140195][ C1] The buggy address belongs to the physical page: [ 151.146620][ C1] page:ffffea00007e2fc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f8bf [ 151.156797][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 151.157324][ T6012] loop3: detected capacity change from 0 to 4096 [ 151.163899][ C1] page_type: 0xffffffff() [ 151.163917][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 151.163934][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 151.163943][ C1] page dumped because: kasan: bad access detected [ 151.163951][ C1] page_owner tracks the page as allocated [ 151.163956][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5048, tgid 5048 (syz-executor323), ts 149932252708, free_ts 149900106666 [ 151.214984][ T6012] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 151.223475][ C1] post_alloc_hook+0x1e6/0x210 [ 151.223508][ C1] get_page_from_freelist+0x31db/0x3360 [ 151.223531][ C1] __alloc_pages+0x255/0x670 [pid 6012] <... chdir resumed>) = 0 [pid 6012] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6012] setpgid(0, 0) = 0 [pid 6012] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6012] write(3, "1000", 4) = 4 [pid 6012] close(3) = 0 [pid 6012] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6012] memfd_create("syzkaller", 0) = 3 [pid 6008] <... mount resumed>) = 0 [pid 6008] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6011] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6008] chdir("./file0" [pid 6012] <... mmap resumed>) = 0x7f3b887a1000 [pid 6008] <... chdir resumed>) = 0 [pid 6008] ioctl(4, LOOP_CLR_FD) = 0 [pid 6008] close(4) = 0 [pid 6008] exit_group(0) = ? [pid 6008] +++ exited with 0 +++ [pid 6011] <... write resumed>) = 2097152 [pid 6011] munmap(0x7f3b887a1000, 138412032 [pid 6012] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6011] <... munmap resumed>) = 0 [pid 6011] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5047] <... openat resumed>) = 3 [pid 6011] <... openat resumed>) = 4 [pid 5047] ioctl(3, LOOP_CLR_FD [pid 6011] ioctl(4, LOOP_SET_FD, 3 [pid 5047] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5047] close(3) = 0 [pid 5047] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556629650) = 6013 [pid 6011] <... ioctl resumed>) = 0 [pid 6011] close(3) = 0 [pid 6011] mkdir("./file0", 0777./strace-static-x86_64: Process 6013 attached ) = 0 [pid 6013] set_robust_list(0x555556629660, 24 [pid 6011] mount("/dev/loop4", "./file0", "ntfs3", 0, "" [pid 6013] <... set_robust_list resumed>) = 0 [pid 6013] chdir("./160") = 0 [pid 6013] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6013] setpgid(0, 0) = 0 [pid 6013] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6013] write(3, "1000", 4) = 4 [pid 6013] close(3) = 0 [pid 6013] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6013] memfd_create("syzkaller", 0) = 3 [pid 6013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f3b887a1000 [pid 6012] <... write resumed>) = 2097152 [pid 6012] munmap(0x7f3b887a1000, 138412032) = 0 [pid 6012] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6012] ioctl(4, LOOP_SET_FD, 3 [pid 6013] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6012] <... ioctl resumed>) = 0 [pid 6012] close(3) = 0 [pid 6012] mkdir("./file0", 0777 [pid 5050] <... clone resumed>, child_tidptr=0x555556629650) = 6012 [pid 6012] <... mkdir resumed>) = 0 [pid 6012] mount("/dev/loop3", "./file0", "ntfs3", 0, "" [pid 6013] <... write resumed>) = 2097152 [pid 6013] munmap(0x7f3b887a1000, 138412032) = 0 [pid 6010] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6013] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6010] <... openat resumed>) = 4 [pid 5052] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6008, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6013] ioctl(4, LOOP_SET_FD, 3 [pid 6010] ioctl(4, LOOP_SET_FD, 3 [pid 5052] umount2("./154", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] openat(AT_FDCWD, "./154", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 151.223553][ C1] __vmalloc_node_range+0x9a3/0x1490 [ 151.252673][ C1] dup_task_struct+0x3e5/0x7d0 [ 151.257465][ C1] copy_process+0x5d1/0x4170 [ 151.262076][ C1] kernel_clone+0x222/0x840 [ 151.266600][ C1] __x64_sys_clone+0x258/0x2a0 [ 151.269321][ T6013] loop0: detected capacity change from 0 to 4096 [ 151.271365][ C1] do_syscall_64+0x44/0x110 [ 151.279044][ T6010] loop2: detected capacity change from 0 to 4096 [ 151.282154][ C1] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 151.282182][ C1] page last free stack trace: [pid 5052] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5052] getdents64(3, 0x55555662a6f0 /* 4 entries */, 32768) = 112 [pid 5052] umount2("./154/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5052] newfstatat(AT_FDCWD, "./154/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5052] unlink("./154/binderfs") = 0 [pid 5052] umount2("./154/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 6013] <... ioctl resumed>) = 0 [pid 6013] close(3) = 0 [pid 6013] mkdir("./file0", 0777) = 0 [pid 6013] mount("/dev/loop0", "./file0", "ntfs3", 0, "" [pid 6010] <... ioctl resumed>) = 0 [ 151.282188][ C1] free_unref_page_prepare+0x8c3/0x9f0 [ 151.282215][ C1] free_unref_page_list+0x596/0x830 [ 151.304290][ T6013] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 151.304495][ C1] release_pages+0x2113/0x23f0 [ 151.304523][ C1] __folio_batch_release+0x84/0x100 [ 151.304543][ C1] truncate_inode_pages_range+0x45d/0x11a0 [ 151.334391][ C1] blkdev_flush_mapping+0x15a/0x2b0 [ 151.335701][ T6010] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 151.339586][ C1] blkdev_put+0x4a9/0x770 [ 151.339607][ C1] bdev_release+0x57/0x70 [ 151.339623][ C1] ntfs3_kill_sb+0x44/0x1b0 [ 151.339642][ C1] deactivate_locked_super+0xa4/0x110 [ 151.367025][ C1] cleanup_mnt+0x426/0x4c0 [ 151.371457][ C1] task_work_run+0x24a/0x300 [ 151.376056][ C1] ptrace_notify+0x2cd/0x380 [ 151.380628][ C1] syscall_exit_to_user_mode+0x15c/0x280 [ 151.386245][ C1] do_syscall_64+0x50/0x110 [ 151.390730][ C1] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 151.396621][ C1] [ 151.398947][ C1] Memory state around the buggy address: [ 151.404570][ C1] ffffc90005557600: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 151.412610][ C1] ffffc90005557680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 151.420654][ C1] >ffffc90005557700: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 [ 151.428694][ C1] ^ [ 151.435088][ C1] ffffc90005557780: 00 f3 f3 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 [ 151.443133][ C1] ffffc90005557800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 151.451180][ C1] ================================================================== [ 151.459336][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 151.466542][ C1] CPU: 1 PID: 22 Comm: ksoftirqd/1 Not tainted 6.6.0-syzkaller-10396-g4652b8e4f3ff #0 [ 151.476097][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 [ 151.486156][ C1] Call Trace: [ 151.489418][ C1] [ 151.492337][ C1] dump_stack_lvl+0x1e7/0x2d0 [ 151.497033][ C1] ? nf_tcp_handle_invalid+0x650/0x650 [ 151.502515][ C1] ? panic+0x770/0x770 [ 151.506597][ C1] ? vscnprintf+0x5d/0x80 [ 151.510906][ C1] panic+0x30f/0x770 [ 151.514799][ C1] ? check_panic_on_warn+0x21/0xa0 [ 151.519920][ C1] ? __memcpy_flushcache+0x2b0/0x2b0 [ 151.525190][ C1] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 151.531081][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 151.537007][ C1] ? _raw_spin_unlock+0x40/0x40 [ 151.541881][ C1] ? print_report+0x4fb/0x540 [ 151.546561][ C1] check_panic_on_warn+0x82/0xa0 [ 151.551482][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 151.556671][ C1] end_report+0x6e/0x130 [ 151.560926][ C1] kasan_report+0x186/0x1b0 [ 151.565433][ C1] ? end_buffer_read_sync+0xc1/0xd0 [ 151.570615][ C1] ? __wait_on_buffer+0x90/0x90 [ 151.575455][ C1] kasan_check_range+0x27e/0x290 [ 151.580380][ C1] end_buffer_read_sync+0xc1/0xd0 [ 151.585387][ C1] end_bio_bh_io_sync+0xb7/0x110 [ 151.590325][ C1] blk_update_request+0x53f/0x1020 [ 151.595464][ C1] ? print_irqtrace_events+0x220/0x220 [ 151.600915][ C1] blk_mq_end_request+0x3e/0x70 [ 151.605751][ C1] blk_done_softirq+0x103/0x150 [ 151.610598][ C1] __do_softirq+0x2bf/0x93a [ 151.615126][ C1] ? run_ksoftirqd+0xc5/0x120 [ 151.619816][ C1] ? __lock_text_end+0xc/0xc [ 151.624408][ C1] run_ksoftirqd+0xc5/0x120 [ 151.628916][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 151.634103][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 151.639299][ C1] smpboot_thread_fn+0x530/0x9f0 [ 151.644249][ C1] ? smpboot_thread_fn+0x4e/0x9f0 [ 151.649264][ C1] kthread+0x2d3/0x370 [ 151.653315][ C1] ? smpboot_unregister_percpu_thread+0x130/0x130 [ 151.659729][ C1] ? kthread_blkcg+0xd0/0xd0 [ 151.664327][ C1] ret_from_fork+0x48/0x80 [ 151.668730][ C1] ? kthread_blkcg+0xd0/0xd0 [ 151.673314][ C1] ret_from_fork_asm+0x11/0x20 [ 151.678113][ C1] [ 151.681345][ C1] Kernel Offset: disabled [ 151.685655][ C1] Rebooting in 86400 seconds..