./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2324266720 <...> 1] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5628] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5627] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5621] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [ 122.444166][ T5624] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 122.451780][ T5621] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 122.474305][ T5627] loop0: detected capacity change from 0 to 4096 [ 122.474525][ T5625] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5628] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5621] <... futex resumed>) = 1 [pid 5620] <... futex resumed>) = 0 [pid 5628] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5621] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5628] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5628] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5628] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5628] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5629 attached => {parent_tid=[5629]}, 88) = 5629 [pid 5629] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5628] rt_sigprocmask(SIG_SETMASK, [], [pid 5629] <... rseq resumed>) = 0 [pid 5628] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5629] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5628] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5620] exit_group(0 [pid 5629] <... set_robust_list resumed>) = 0 [pid 5629] rt_sigprocmask(SIG_SETMASK, [], [pid 5628] <... futex resumed>) = 0 [pid 5621] <... futex resumed>) = ? [pid 5620] <... exit_group resumed>) = ? [pid 5629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5628] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5621] +++ exited with 0 +++ [pid 5620] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5620, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5629] memfd_create("syzkaller", 0 [pid 5089] umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5629] <... memfd_create resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 122.516544][ T5627] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 122.556532][ T5625] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5089] openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5629] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... openat resumed>) = 3 [pid 5629] <... mmap resumed>) = 0x7f1df2200000 [pid 5625] <... mount resumed>) = 0 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5089] getdents64(3, [pid 5625] chdir("./file0") = 0 [pid 5625] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5625] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5625] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5624] <... mount resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./51/binderfs", [pid 5625] <... futex resumed>) = 1 [pid 5623] <... futex resumed>) = 0 [pid 5625] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5623] exit_group(0 [pid 5089] unlink("./51/binderfs") = 0 [ 122.557449][ T5624] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5089] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5625] <... futex resumed>) = ? [pid 5624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5623] <... exit_group resumed>) = ? [pid 5625] +++ exited with 0 +++ [pid 5624] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5624] chdir("./file0") = 0 [pid 5629] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5624] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5623] +++ exited with 0 +++ [pid 5089] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5623, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5624] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5624] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(AT_FDCWD, "./51/file0", [pid 5624] <... futex resumed>) = 1 [pid 5622] <... futex resumed>) = 0 [pid 5624] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5622] exit_group(0 [pid 5624] <... futex resumed>) = ? [pid 5622] <... exit_group resumed>) = ? [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5624] +++ exited with 0 +++ [pid 5622] +++ exited with 0 +++ [pid 5089] umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5622, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5089] <... openat resumed>) = 4 [pid 5088] <... openat resumed>) = 3 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5089] newfstatat(4, "", [pid 5088] newfstatat(3, "", [pid 5086] <... restart_syscall resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5088] getdents64(3, [pid 5086] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] close(4 [pid 5086] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... close resumed>) = 0 [pid 5629] <... write resumed>) = 2097152 [pid 5627] <... mount resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... openat resumed>) = 3 [pid 5089] rmdir("./51/file0" [pid 5629] munmap(0x7f1df2200000, 138412032 [pid 5627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(3, "", [pid 5627] <... openat resumed>) = 3 [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5627] chdir("./file0" [pid 5089] getdents64(3, [pid 5088] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5086] getdents64(3, [pid 5627] <... chdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5627] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] close(3 [pid 5088] unlink("./52/binderfs" [pid 5086] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5627] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... close resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5627] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5627] <... futex resumed>) = 1 [pid 5626] <... futex resumed>) = 0 [pid 5089] rmdir("./51" [pid 5088] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5627] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5626] exit_group(0 [pid 5086] unlink("./52/binderfs" [pid 5627] <... futex resumed>) = ? [pid 5626] <... exit_group resumed>) = ? [pid 5089] <... rmdir resumed>) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 5629] <... munmap resumed>) = 0 [pid 5627] +++ exited with 0 +++ [pid 5086] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] mkdir("./52", 0777 [pid 5629] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5626] +++ exited with 0 +++ [pid 5089] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5626, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5629] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5629] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 122.637322][ T5627] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5086] newfstatat(AT_FDCWD, "./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5629] <... ioctl resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] newfstatat(AT_FDCWD, "./52/file0", [pid 5085] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5629] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5629] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5629] close(4) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5629] mkdir("./file0", 0777) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5629] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] newfstatat(4, "", [pid 5085] newfstatat(3, "", [pid 5088] <... openat resumed>) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 5086] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] newfstatat(4, "", [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] getdents64(4, [pid 5085] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(4 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] rmdir("./52/file0" [pid 5085] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5086] <... rmdir resumed>) = 0 [pid 5088] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5085] unlink("./52/binderfs" [pid 5088] <... close resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./52") = 0 [pid 5088] rmdir("./52/file0") = 0 [pid 5086] mkdir("./53", 0777) = 0 [pid 5085] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] close(3 [pid 5086] <... openat resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... umount2 resumed>) = 0 [pid 5088] rmdir("./52") = 0 [ 122.696197][ T5629] loop2: detected capacity change from 0 to 4096 [ 122.728284][ T5629] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5630 attached [pid 5085] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5630] set_robust_list(0x555580b0d6a0, 24 [pid 5088] mkdir("./53", 0777 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5630] <... set_robust_list resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./52/file0", [pid 5630] chdir("./52" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5630] <... chdir resumed>) = 0 [pid 5085] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5630] <... prctl resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5630] setpgid(0, 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... openat resumed>) = 4 [pid 5630] <... setpgid resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5630 [pid 5088] <... openat resumed>) = 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5085] getdents64(4, [pid 5630] <... openat resumed>) = 3 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5630] write(3, "1000", 4 [pid 5085] getdents64(4, [pid 5630] <... write resumed>) = 4 [pid 5630] close(3 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5630] <... close resumed>) = 0 [pid 5629] <... mount resumed>) = 0 [pid 5085] close(4 [pid 5630] symlink("/dev/binderfs", "./binderfs" [pid 5629] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... close resumed>) = 0 executing program [pid 5085] rmdir("./52/file0" [pid 5630] <... symlink resumed>) = 0 [pid 5630] write(1, "executing program\n", 18 [pid 5629] <... openat resumed>) = 3 [pid 5085] <... rmdir resumed>) = 0 [pid 5630] <... write resumed>) = 18 [pid 5629] chdir("./file0" [pid 5085] getdents64(3, [pid 5630] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5629] <... chdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5630] <... futex resumed>) = 0 [pid 5629] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] close(3 [pid 5630] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5629] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] <... close resumed>) = 0 [pid 5630] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5629] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] rmdir("./52" [pid 5630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5629] <... futex resumed>) = 1 [pid 5630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5630] <... mmap resumed>) = 0x7f1dfa693000 [pid 5629] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5628] <... futex resumed>) = 0 [pid 5085] mkdir("./53", 0777 [pid 5630] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5628] exit_group(0) = ? [pid 5629] <... futex resumed>) = ? [pid 5085] <... mkdir resumed>) = 0 [pid 5630] <... mprotect resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5630] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5630] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5629] +++ exited with 0 +++ [pid 5628] +++ exited with 0 +++ [ 122.791672][ T5629] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5630] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5628, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- ./strace-static-x86_64: Process 5631 attached [pid 5631] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5630] <... clone3 resumed> => {parent_tid=[5631]}, 88) = 5631 [pid 5631] <... rseq resumed>) = 0 [pid 5630] rt_sigprocmask(SIG_SETMASK, [], [pid 5631] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5631] <... set_robust_list resumed>) = 0 [pid 5630] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5631] rt_sigprocmask(SIG_SETMASK, [], [pid 5630] <... futex resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5631] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5630] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] close(3 [pid 5088] <... ioctl resumed>) = 0 [pid 5631] memfd_create("syzkaller", 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... close resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5632 attached [pid 5632] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] newfstatat(3, "", [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5632] chdir("./53") = 0 ./strace-static-x86_64: Process 5633 attached [pid 5631] <... memfd_create resumed>) = 3 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5632 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5633] set_robust_list(0x555580b0d6a0, 24 [pid 5087] getdents64(3, [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5633 [pid 5633] <... set_robust_list resumed>) = 0 [pid 5632] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] close(3 [pid 5633] chdir("./53" [pid 5632] <... prctl resumed>) = 0 [pid 5631] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5633] <... chdir resumed>) = 0 [pid 5632] setpgid(0, 0 [pid 5087] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] newfstatat(AT_FDCWD, "./52/binderfs", [pid 5633] <... prctl resumed>) = 0 [pid 5632] <... setpgid resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5633] setpgid(0, 0 [pid 5632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5634 [pid 5087] unlink("./52/binderfs"./strace-static-x86_64: Process 5634 attached [pid 5634] set_robust_list(0x555580b0d6a0, 24 [pid 5633] <... setpgid resumed>) = 0 [pid 5632] <... openat resumed>) = 3 [pid 5087] <... unlink resumed>) = 0 [pid 5634] <... set_robust_list resumed>) = 0 [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5632] write(3, "1000", 4 [pid 5634] chdir("./53" [pid 5633] <... openat resumed>) = 3 [pid 5632] <... write resumed>) = 4 [pid 5087] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] <... chdir resumed>) = 0 [pid 5633] write(3, "1000", 4 [pid 5632] close(3 [pid 5633] <... write resumed>) = 4 [pid 5632] <... close resumed>) = 0 [pid 5633] close(3 [pid 5632] symlink("/dev/binderfs", "./binderfs" [pid 5633] <... close resumed>) = 0 [pid 5632] <... symlink resumed>) = 0 [pid 5633] symlink("/dev/binderfs", "./binderfs" [pid 5634] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5633] <... symlink resumed>) = 0 executing program [pid 5632] write(1, "executing program\n", 18 executing program [pid 5634] <... prctl resumed>) = 0 [pid 5633] write(1, "executing program\n", 18 [pid 5632] <... write resumed>) = 18 [pid 5634] setpgid(0, 0 [pid 5633] <... write resumed>) = 18 [pid 5632] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... umount2 resumed>) = 0 [pid 5634] <... setpgid resumed>) = 0 [pid 5633] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5632] <... futex resumed>) = 0 [pid 5087] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5633] <... futex resumed>) = 0 [pid 5632] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5633] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5632] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5634] <... openat resumed>) = 3 [pid 5632] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5632] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5633] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5633] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5632] <... mmap resumed>) = 0x7f1dfa693000 [pid 5633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5632] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5633] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5632] <... mprotect resumed>) = 0 [pid 5633] <... mprotect resumed>) = 0 [pid 5632] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5633] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5632] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5632] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5634] write(3, "1000", 4 [pid 5087] newfstatat(AT_FDCWD, "./52/file0", [pid 5634] <... write resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5634] close(3 [pid 5087] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5634] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5634] symlink("/dev/binderfs", "./binderfs" [pid 5087] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5635 attached [pid 5633] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5632] <... clone3 resumed> => {parent_tid=[5635]}, 88) = 5635 [pid 5087] <... openat resumed>) = 4 [pid 5634] <... symlink resumed>) = 0 [pid 5633] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5632] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(4, "", executing program [pid 5634] write(1, "executing program\n", 18 [pid 5632] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5636 attached [pid 5635] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5634] <... write resumed>) = 18 [pid 5633] <... clone3 resumed> => {parent_tid=[5636]}, 88) = 5636 [pid 5632] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5636] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5635] <... rseq resumed>) = 0 [pid 5634] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5633] rt_sigprocmask(SIG_SETMASK, [], [pid 5636] <... rseq resumed>) = 0 [pid 5634] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 5635] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5633] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5632] <... futex resumed>) = 0 [pid 5635] <... set_robust_list resumed>) = 0 [pid 5633] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5635] rt_sigprocmask(SIG_SETMASK, [], [pid 5632] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5635] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5633] <... futex resumed>) = 0 [pid 5635] memfd_create("syzkaller", 0 [pid 5633] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5635] <... memfd_create resumed>) = 3 [pid 5635] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5636] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5634] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5636] <... set_robust_list resumed>) = 0 [pid 5634] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5634] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] getdents64(4, [pid 5636] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5635] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] close(4 [pid 5636] memfd_create("syzkaller", 0 [pid 5634] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... close resumed>) = 0 [pid 5634] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] rmdir("./52/file0" [pid 5636] <... memfd_create resumed>) = 3 [pid 5634] <... mmap resumed>) = 0x7f1dfa693000 [pid 5631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... rmdir resumed>) = 0 [pid 5636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5634] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] getdents64(3, [pid 5636] <... mmap resumed>) = 0x7f1df2200000 [pid 5634] <... mprotect resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 5634] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./52") = 0 [pid 5634] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] mkdir("./53", 0777 [pid 5634] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5637 attached [pid 5637] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5634] <... clone3 resumed> => {parent_tid=[5637]}, 88) = 5637 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5637] <... rseq resumed>) = 0 [pid 5634] rt_sigprocmask(SIG_SETMASK, [], [pid 5637] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5634] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5637] <... set_robust_list resumed>) = 0 [pid 5634] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5637] rt_sigprocmask(SIG_SETMASK, [], [pid 5634] <... futex resumed>) = 0 [pid 5637] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5636] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5634] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5637] memfd_create("syzkaller", 0 [pid 5635] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5637] <... memfd_create resumed>) = 3 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5631] <... write resumed>) = 2097152 [pid 5631] munmap(0x7f1df2200000, 138412032) = 0 [pid 5636] <... write resumed>) = 2097152 [pid 5631] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5631] ioctl(4, LOOP_SET_FD, 3 [pid 5636] munmap(0x7f1df2200000, 138412032) = 0 [pid 5635] <... write resumed>) = 2097152 [pid 5631] <... ioctl resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5631] close(3 [pid 5637] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5631] <... close resumed>) = 0 [pid 5631] close(4 [pid 5636] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5631] <... close resumed>) = 0 [pid 5636] <... openat resumed>) = 4 [pid 5631] mkdir("./file0", 0777) = 0 [pid 5636] ioctl(4, LOOP_SET_FD, 3 [pid 5635] munmap(0x7f1df2200000, 138412032 [pid 5631] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] close(3 [pid 5636] <... ioctl resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5636] close(3 [pid 5635] <... munmap resumed>) = 0 [ 123.077114][ T5631] loop4: detected capacity change from 0 to 4096 [ 123.110213][ T5636] loop1: detected capacity change from 0 to 4096 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5636] <... close resumed>) = 0 [pid 5636] close(4) = 0 [pid 5636] mkdir("./file0", 0777./strace-static-x86_64: Process 5638 attached ) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5638 [pid 5638] set_robust_list(0x555580b0d6a0, 24 [pid 5636] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5638] <... set_robust_list resumed>) = 0 [pid 5638] chdir("./53" [pid 5635] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5638] <... chdir resumed>) = 0 [pid 5637] <... write resumed>) = 2097152 [pid 5635] <... openat resumed>) = 4 [pid 5638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5638] setpgid(0, 0) = 0 [pid 5638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5638] write(3, "1000", 4 [pid 5635] ioctl(4, LOOP_SET_FD, 3 [pid 5638] <... write resumed>) = 4 [pid 5638] close(3) = 0 [pid 5637] munmap(0x7f1df2200000, 138412032 [pid 5638] symlink("/dev/binderfs", "./binderfs" [pid 5637] <... munmap resumed>) = 0 [pid 5638] <... symlink resumed>) = 0 executing program [pid 5638] write(1, "executing program\n", 18) = 18 [pid 5638] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5638] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5638] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5638] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5638] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5638] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5638] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5637] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5639 attached ) = 4 [pid 5639] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5638] <... clone3 resumed> => {parent_tid=[5639]}, 88) = 5639 [pid 5637] ioctl(4, LOOP_SET_FD, 3 [pid 5639] <... rseq resumed>) = 0 [pid 5638] rt_sigprocmask(SIG_SETMASK, [], [pid 5635] <... ioctl resumed>) = 0 [pid 5639] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5638] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5635] close(3 [pid 5639] <... set_robust_list resumed>) = 0 [pid 5638] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5635] <... close resumed>) = 0 [pid 5639] rt_sigprocmask(SIG_SETMASK, [], [pid 5638] <... futex resumed>) = 0 [pid 5635] close(4 [pid 5639] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5638] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5639] memfd_create("syzkaller", 0 [pid 5635] <... close resumed>) = 0 [pid 5635] mkdir("./file0", 0777) = 0 [pid 5639] <... memfd_create resumed>) = 3 [pid 5635] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 123.136482][ T5631] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 123.154442][ T5636] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 123.166506][ T5635] loop3: detected capacity change from 0 to 4096 [pid 5639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5637] <... ioctl resumed>) = 0 [pid 5637] close(3) = 0 [pid 5637] close(4) = 0 [pid 5637] mkdir("./file0", 0777) = 0 [pid 5631] <... mount resumed>) = 0 [ 123.212014][ T5637] loop0: detected capacity change from 0 to 4096 [ 123.221999][ T5635] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 123.229927][ T5631] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 123.240177][ T5636] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 123.253421][ T5637] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5637] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5636] <... mount resumed>) = 0 [pid 5631] chdir("./file0") = 0 [pid 5631] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5631] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5631] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5630] <... futex resumed>) = 0 [pid 5631] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5630] exit_group(0) = ? [pid 5639] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5636] <... openat resumed>) = 3 [pid 5631] <... futex resumed>) = ? [pid 5636] chdir("./file0") = 0 [pid 5636] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5631] +++ exited with 0 +++ [pid 5630] +++ exited with 0 +++ [pid 5636] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5630, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5636] <... futex resumed>) = 1 [pid 5633] <... futex resumed>) = 0 [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5089] umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5636] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] exit_group(0 [pid 5089] newfstatat(3, "", [pid 5636] <... futex resumed>) = ? [pid 5633] <... exit_group resumed>) = ? [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5636] +++ exited with 0 +++ [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./52/binderfs") = 0 [pid 5633] +++ exited with 0 +++ [pid 5089] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5633, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5089] <... umount2 resumed>) = 0 [pid 5086] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", [pid 5635] <... mount resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5635] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] getdents64(3, [pid 5089] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5635] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [ 123.310161][ T5635] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5635] chdir("./file0" [pid 5089] newfstatat(AT_FDCWD, "./52/file0", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5635] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./53/binderfs", [pid 5635] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] unlink("./53/binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... unlink resumed>) = 0 [pid 5635] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... openat resumed>) = 4 [pid 5086] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5635] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5635] <... futex resumed>) = 1 [pid 5632] <... futex resumed>) = 0 [pid 5089] getdents64(4, [pid 5635] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5632] exit_group(0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5632] <... exit_group resumed>) = ? [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./52/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5635] <... futex resumed>) = ? [pid 5086] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] close(3) = 0 [pid 5089] rmdir("./52" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... rmdir resumed>) = 0 [pid 5637] <... mount resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./53/file0", [pid 5637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] mkdir("./53", 0777 [pid 5637] <... openat resumed>) = 3 [pid 5635] +++ exited with 0 +++ [pid 5632] +++ exited with 0 +++ [pid 5089] <... mkdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5637] chdir("./file0" [pid 5086] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5637] <... chdir resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5632, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5637] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5637] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5637] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 5637] <... futex resumed>) = 1 [pid 5634] <... futex resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(4, "", [pid 5639] <... write resumed>) = 2097152 [pid 5637] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5634] exit_group(0 [pid 5089] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5637] <... futex resumed>) = ? [pid 5634] <... exit_group resumed>) = ? [pid 5088] <... openat resumed>) = 3 [pid 5637] +++ exited with 0 +++ [pid 5088] newfstatat(3, "", [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5639] munmap(0x7f1df2200000, 138412032 [pid 5634] +++ exited with 0 +++ [pid 5088] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5634, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5088] newfstatat(AT_FDCWD, "./53/binderfs", [pid 5086] getdents64(4, [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] unlink("./53/binderfs" [pid 5086] close(4) = 0 [pid 5086] rmdir("./53/file0" [pid 5639] <... munmap resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [ 123.354828][ T5637] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5639] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./53" [pid 5085] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5639] <... openat resumed>) = 4 [pid 5086] <... rmdir resumed>) = 0 [pid 5639] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] mkdir("./54", 0777 [pid 5639] <... ioctl resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5639] close(3 [pid 5088] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5639] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5639] close(4 [pid 5088] newfstatat(AT_FDCWD, "./53/file0", [pid 5639] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5639] mkdir("./file0", 0777) = 0 [pid 5088] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5639] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5088] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] newfstatat(3, "", [pid 5088] newfstatat(4, "", [pid 5086] <... openat resumed>) = 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] getdents64(4, [pid 5085] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] close(4 [pid 5085] newfstatat(AT_FDCWD, "./53/binderfs", [pid 5088] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] rmdir("./53/file0" [pid 5085] unlink("./53/binderfs" [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./53") = 0 [pid 5085] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] mkdir("./54", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] <... ioctl resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] close(3 [pid 5085] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5640 attached [pid 5085] newfstatat(AT_FDCWD, "./53/file0", [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5640 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 123.416127][ T5639] loop2: detected capacity change from 0 to 4096 [ 123.454088][ T5639] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5640] set_robust_list(0x555580b0d6a0, 24 [pid 5085] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5640] <... set_robust_list resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5640] chdir("./53" [pid 5085] <... openat resumed>) = 4 [pid 5640] <... chdir resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5640] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5640] <... prctl resumed>) = 0 [pid 5085] getdents64(4, [pid 5640] setpgid(0, 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5640] <... setpgid resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5640] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] close(4 [pid 5640] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5640] write(3, "1000", 4 [pid 5085] rmdir("./53/file0" [pid 5640] <... write resumed>) = 4 [pid 5640] close(3) = 0 [pid 5640] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] <... rmdir resumed>) = 0 executing program [pid 5640] write(1, "executing program\n", 18 [pid 5085] getdents64(3, [pid 5640] <... write resumed>) = 18 [pid 5640] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... ioctl resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5640] <... futex resumed>) = 0 [pid 5085] close(3 [pid 5640] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5640] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5640] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5640] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5640] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... close resumed>) = 0 [pid 5640] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] rmdir("./53" [pid 5640] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5641]}, 88) = 5641 [pid 5085] <... rmdir resumed>) = 0 [pid 5640] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5641 attached [pid 5640] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5641] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5640] <... futex resumed>) = 0 [pid 5641] <... rseq resumed>) = 0 [pid 5640] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5641] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5085] mkdir("./54", 0777 [pid 5641] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5641] memfd_create("syzkaller", 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5641] <... memfd_create resumed>) = 3 [pid 5641] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5641] <... mmap resumed>) = 0x7f1df2200000 [pid 5639] <... mount resumed>) = 0 [pid 5088] close(3 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... close resumed>) = 0 [pid 5086] close(3) = 0 [pid 5639] <... openat resumed>) = 3 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5642 attached [pid 5642] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5642] chdir("./54" [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5642 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5639] chdir("./file0" [pid 5642] <... chdir resumed>) = 0 [pid 5642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5642] setpgid(0, 0) = 0 [pid 5642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5639] <... chdir resumed>) = 0 [pid 5642] <... openat resumed>) = 3 [pid 5639] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5642] write(3, "1000", 4) = 4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5643 ./strace-static-x86_64: Process 5643 attached [pid 5642] close(3 [pid 5643] set_robust_list(0x555580b0d6a0, 24 [pid 5642] <... close resumed>) = 0 [pid 5639] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5642] symlink("/dev/binderfs", "./binderfs" [pid 5643] <... set_robust_list resumed>) = 0 [pid 5642] <... symlink resumed>) = 0 [pid 5643] chdir("./54" [pid 5641] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 5643] <... chdir resumed>) = 0 [pid 5642] write(1, "executing program\n", 18 [pid 5643] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5642] <... write resumed>) = 18 [pid 5643] setpgid(0, 0 [pid 5642] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5643] <... setpgid resumed>) = 0 [pid 5642] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5643] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5642] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5643] <... openat resumed>) = 3 executing program [pid 5643] write(3, "1000", 4 [pid 5642] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5639] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5642] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5639] <... futex resumed>) = 1 [pid 5638] <... futex resumed>) = 0 [pid 5642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5639] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5638] exit_group(0 [pid 5642] <... mmap resumed>) = 0x7f1dfa693000 [pid 5638] <... exit_group resumed>) = ? [pid 5643] <... write resumed>) = 4 [pid 5639] <... futex resumed>) = ? [pid 5643] close(3 [pid 5642] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5643] <... close resumed>) = 0 [pid 5642] <... mprotect resumed>) = 0 [pid 5643] symlink("/dev/binderfs", "./binderfs" [pid 5642] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5643] <... symlink resumed>) = 0 [pid 5642] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5643] write(1, "executing program\n", 18 [pid 5642] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5644 attached [ 123.552310][ T5639] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5643] <... write resumed>) = 18 [pid 5644] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5639] +++ exited with 0 +++ [pid 5638] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5638, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5644] <... rseq resumed>) = 0 [pid 5642] <... clone3 resumed> => {parent_tid=[5644]}, 88) = 5644 [pid 5644] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5643] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5642] rt_sigprocmask(SIG_SETMASK, [], [pid 5644] <... set_robust_list resumed>) = 0 [pid 5643] <... futex resumed>) = 0 [pid 5642] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 5644] rt_sigprocmask(SIG_SETMASK, [], [pid 5643] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5642] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5644] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5643] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5642] <... futex resumed>) = 0 [pid 5644] memfd_create("syzkaller", 0 [pid 5643] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5642] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5644] <... memfd_create resumed>) = 3 [pid 5643] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5643] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5643] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5643] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... openat resumed>) = 3 [pid 5643] <... mprotect resumed>) = 0 [pid 5087] newfstatat(3, "", [pid 5643] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5643] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] getdents64(3, [pid 5644] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5643] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5644] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5645 attached [pid 5645] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5643] <... clone3 resumed> => {parent_tid=[5645]}, 88) = 5645 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(3 [pid 5645] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5645] <... set_robust_list resumed>) = 0 [pid 5645] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(AT_FDCWD, "./53/binderfs", [pid 5645] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5645] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5643] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5643] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] unlink("./53/binderfs" [pid 5643] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... unlink resumed>) = 0 [pid 5643] <... futex resumed>) = 1 [pid 5087] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5645] <... futex resumed>) = 0 [pid 5645] memfd_create("syzkaller", 0 [pid 5643] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5641] <... write resumed>) = 2097152 [pid 5645] <... memfd_create resumed>) = 3 [pid 5641] munmap(0x7f1df2200000, 138412032 [pid 5645] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5646 ./strace-static-x86_64: Process 5646 attached [pid 5645] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... umount2 resumed>) = 0 [pid 5646] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5646] chdir("./54") = 0 [pid 5646] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5646] setpgid(0, 0 [pid 5087] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5646] <... setpgid resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5646] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] newfstatat(AT_FDCWD, "./53/file0", [pid 5646] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5646] write(3, "1000", 4 [pid 5087] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5646] <... write resumed>) = 4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5646] close(3 [pid 5087] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5646] <... close resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5646] symlink("/dev/binderfs", "./binderfs" [pid 5087] newfstatat(4, "", [pid 5641] <... munmap resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5646] <... symlink resumed>) = 0 [pid 5087] getdents64(4, executing program [pid 5646] write(1, "executing program\n", 18 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5646] <... write resumed>) = 18 [pid 5087] getdents64(4, [pid 5646] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5646] <... futex resumed>) = 0 [pid 5087] close(4 [pid 5646] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5641] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... close resumed>) = 0 [pid 5646] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] rmdir("./53/file0" [pid 5641] <... openat resumed>) = 4 [pid 5646] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5641] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5646] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] getdents64(3, [pid 5646] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5646] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] close(3 [pid 5646] <... mprotect resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5646] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] rmdir("./53") = 0 [pid 5646] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] mkdir("./54", 0777 [pid 5646] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5647 attached [pid 5646] <... clone3 resumed> => {parent_tid=[5647]}, 88) = 5647 [pid 5647] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5646] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5646] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5647] <... rseq resumed>) = 0 [pid 5647] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5646] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... openat resumed>) = 3 [pid 5647] <... set_robust_list resumed>) = 0 [pid 5646] <... futex resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5647] rt_sigprocmask(SIG_SETMASK, [], [pid 5646] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5647] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5647] memfd_create("syzkaller", 0 [pid 5641] <... ioctl resumed>) = 0 [pid 5647] <... memfd_create resumed>) = 3 [pid 5647] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5641] close(3 [pid 5647] <... mmap resumed>) = 0x7f1df2200000 [pid 5645] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5641] <... close resumed>) = 0 [pid 5641] close(4) = 0 [pid 5641] mkdir("./file0", 0777) = 0 [pid 5644] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 123.695025][ T5641] loop4: detected capacity change from 0 to 4096 [pid 5641] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5647] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5648 ./strace-static-x86_64: Process 5648 attached [pid 5648] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5648] chdir("./54") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [ 123.768833][ T5641] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5644] <... write resumed>) = 2097152 executing program [pid 5648] write(1, "executing program\n", 18 [pid 5644] munmap(0x7f1df2200000, 138412032 [pid 5648] <... write resumed>) = 18 [pid 5648] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5644] <... munmap resumed>) = 0 [pid 5641] <... mount resumed>) = 0 [pid 5648] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5647] <... write resumed>) = 2097152 [pid 5645] <... write resumed>) = 2097152 [pid 5644] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5641] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5648] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5647] munmap(0x7f1df2200000, 138412032 [pid 5645] munmap(0x7f1df2200000, 138412032 [pid 5644] <... openat resumed>) = 4 [pid 5641] <... openat resumed>) = 3 [pid 5648] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5644] ioctl(4, LOOP_SET_FD, 3 [pid 5648] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5647] <... munmap resumed>) = 0 [pid 5644] <... ioctl resumed>) = 0 [pid 5648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5641] chdir("./file0" [pid 5644] close(3 [pid 5648] <... mmap resumed>) = 0x7f1dfa693000 [pid 5647] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5645] <... munmap resumed>) = 0 [pid 5641] <... chdir resumed>) = 0 [pid 5648] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5645] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5644] <... close resumed>) = 0 [pid 5641] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5648] <... mprotect resumed>) = 0 [pid 5645] <... openat resumed>) = 4 [pid 5644] close(4 [pid 5641] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 123.832285][ T5641] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 123.863246][ T5644] loop1: detected capacity change from 0 to 4096 [pid 5648] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5647] <... openat resumed>) = 4 [pid 5645] ioctl(4, LOOP_SET_FD, 3 [pid 5644] <... close resumed>) = 0 [pid 5641] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5648] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5647] ioctl(4, LOOP_SET_FD, 3 [pid 5644] mkdir("./file0", 0777 [pid 5648] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5641] <... futex resumed>) = 1 [pid 5640] <... futex resumed>) = 0 [pid 5641] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5640] exit_group(0 [pid 5648] <... clone3 resumed> => {parent_tid=[5649]}, 88) = 5649 [pid 5641] <... futex resumed>) = ? [pid 5640] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5649 attached [pid 5648] rt_sigprocmask(SIG_SETMASK, [], [pid 5644] <... mkdir resumed>) = 0 [pid 5641] +++ exited with 0 +++ [pid 5649] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5648] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5640] +++ exited with 0 +++ [pid 5649] <... rseq resumed>) = 0 [pid 5648] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5644] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5640, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5649] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5648] <... futex resumed>) = 0 [pid 5649] <... set_robust_list resumed>) = 0 [pid 5648] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5645] <... ioctl resumed>) = 0 [pid 5645] close(3) = 0 [pid 5645] close(4) = 0 [pid 5645] mkdir("./file0", 0777) = 0 [pid 5645] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5647] <... ioctl resumed>) = 0 [pid 5649] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5647] close(3) = 0 [pid 5647] close(4) = 0 [pid 5647] mkdir("./file0", 0777 [pid 5649] memfd_create("syzkaller", 0 [pid 5647] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5647] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5649] <... memfd_create resumed>) = 3 [ 123.885569][ T5645] loop3: detected capacity change from 0 to 4096 [ 123.900921][ T5647] loop0: detected capacity change from 0 to 4096 [ 123.909813][ T5644] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 123.917758][ T5645] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5649] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./53/binderfs") = 0 [pid 5089] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5089] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 123.942300][ T5647] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5647] <... mount resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5647] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5089] close(4 [pid 5647] chdir("./file0") = 0 [pid 5647] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5647] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5646] <... futex resumed>) = 0 [pid 5647] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5646] exit_group(0 [pid 5647] <... futex resumed>) = ? [pid 5646] <... exit_group resumed>) = ? [pid 5647] +++ exited with 0 +++ [pid 5646] +++ exited with 0 +++ [pid 5089] <... close resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5646, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5645] <... mount resumed>) = 0 [pid 5089] rmdir("./53/file0" [pid 5645] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... rmdir resumed>) = 0 [pid 5085] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5645] <... openat resumed>) = 3 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] close(3 [pid 5085] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5645] chdir("./file0" [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5645] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5645] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5644] <... mount resumed>) = 0 [pid 5089] rmdir("./53" [pid 5085] getdents64(3, [pid 5645] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5643] <... futex resumed>) = 0 [pid 5645] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5643] exit_group(0 [pid 5645] <... futex resumed>) = ? [pid 5643] <... exit_group resumed>) = ? [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5645] +++ exited with 0 +++ [pid 5644] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5643] +++ exited with 0 +++ [pid 5089] mkdir("./54", 0777 [pid 5085] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5643, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5644] <... openat resumed>) = 3 [ 123.999149][ T5647] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 124.027018][ T5645] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 124.041774][ T5644] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5644] chdir("./file0" [pid 5088] <... restart_syscall resumed>) = 0 [pid 5644] <... chdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./54/binderfs", [pid 5644] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... mkdir resumed>) = 0 [pid 5088] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5649] <... write resumed>) = 2097152 [pid 5644] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5649] munmap(0x7f1df2200000, 138412032 [pid 5088] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] unlink("./54/binderfs" [pid 5644] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 3 [pid 5644] <... futex resumed>) = 1 [pid 5642] <... futex resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5644] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] exit_group(0 [pid 5644] <... futex resumed>) = ? [pid 5642] <... exit_group resumed>) = ? [pid 5644] +++ exited with 0 +++ [pid 5642] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5642, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5085] <... unlink resumed>) = 0 [pid 5086] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... openat resumed>) = 3 [pid 5649] <... munmap resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] newfstatat(3, "", [pid 5086] newfstatat(3, "", [pid 5649] <... openat resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5649] ioctl(4, LOOP_SET_FD, 3 [pid 5088] getdents64(3, [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./54/binderfs") = 0 [pid 5086] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5649] <... ioctl resumed>) = 0 [pid 5088] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./54/binderfs", [pid 5649] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5649] close(4 [pid 5088] unlink("./54/binderfs" [pid 5086] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5649] <... close resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5649] mkdir("./file0", 0777 [pid 5088] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./54/file0", [pid 5649] <... mkdir resumed>) = 0 [pid 5086] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = 0 [pid 5649] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./54/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./54") = 0 [pid 5085] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] mkdir("./55", 0777 [pid 5085] <... openat resumed>) = 4 [pid 5088] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... mkdir resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] newfstatat(AT_FDCWD, "./54/file0", [pid 5085] getdents64(4, [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(4, [pid 5089] close(3) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(4./strace-static-x86_64: Process 5650 attached [pid 5088] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... close resumed>) = 0 [pid 5650] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... openat resumed>) = 4 [pid 5085] rmdir("./54/file0" [pid 5650] <... set_robust_list resumed>) = 0 [pid 5650] chdir("./54" [pid 5085] <... rmdir resumed>) = 0 [pid 5650] <... chdir resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5085] getdents64(3, [pid 5650] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5650 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5650] <... prctl resumed>) = 0 [pid 5650] setpgid(0, 0 [pid 5088] getdents64(4, [pid 5085] close(3 [pid 5650] <... setpgid resumed>) = 0 [pid 5650] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5650] write(3, "1000", 4) = 4 [pid 5650] close(3) = 0 [pid 5650] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5650] write(1, "executing program\n", 18) = 18 [pid 5650] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5650] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5650] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5650] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5650] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5085] <... close resumed>) = 0 [pid 5650] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] rmdir("./54" [pid 5088] getdents64(4, [pid 5650] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5650] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5088] close(4 [pid 5085] mkdir("./55", 0777 [pid 5088] <... close resumed>) = 0 ./strace-static-x86_64: Process 5651 attached [pid 5088] rmdir("./54/file0" [pid 5085] <... mkdir resumed>) = 0 [pid 5651] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [ 124.116577][ T5649] loop2: detected capacity change from 0 to 4096 [ 124.145124][ T5649] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5650] <... clone3 resumed> => {parent_tid=[5651]}, 88) = 5651 [pid 5651] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5650] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... rmdir resumed>) = 0 [pid 5651] <... set_robust_list resumed>) = 0 [pid 5650] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5649] <... mount resumed>) = 0 [pid 5088] getdents64(3, [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5651] rt_sigprocmask(SIG_SETMASK, [], [pid 5650] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] close(3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5651] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5650] <... futex resumed>) = 0 [pid 5650] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... close resumed>) = 0 [pid 5649] <... openat resumed>) = 3 [pid 5088] rmdir("./54" [pid 5649] chdir("./file0") = 0 [pid 5649] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5651] memfd_create("syzkaller", 0 [pid 5649] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5651] <... memfd_create resumed>) = 3 [pid 5649] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... rmdir resumed>) = 0 [pid 5649] <... futex resumed>) = 1 [pid 5648] <... futex resumed>) = 0 [pid 5088] mkdir("./55", 0777 [pid 5648] exit_group(0 [pid 5649] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5651] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... mkdir resumed>) = 0 [pid 5649] <... futex resumed>) = ? [pid 5648] <... exit_group resumed>) = ? [pid 5649] +++ exited with 0 +++ [pid 5648] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5648, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] newfstatat(3, "", [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 124.202481][ T5649] ntfs3: loop2: Failed to initialize $Extend/$ObjId. ./strace-static-x86_64: Process 5652 attached [pid 5087] getdents64(3, [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5652 [pid 5652] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5652] <... set_robust_list resumed>) = 0 [pid 5087] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5652] chdir("./55") = 0 [pid 5652] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5652] <... prctl resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./54/binderfs", [pid 5652] setpgid(0, 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5652] <... setpgid resumed>) = 0 [pid 5087] unlink("./54/binderfs" [pid 5652] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5652] write(3, "1000", 4 [pid 5087] <... unlink resumed>) = 0 [pid 5652] <... write resumed>) = 4 [pid 5087] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5652] close(3) = 0 [pid 5652] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5652] write(1, "executing program\n", 18) = 18 [pid 5652] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5652] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... umount2 resumed>) = 0 [pid 5652] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5651] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5652] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5652] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5652] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5652] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5652] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5652] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5653]}, 88) = 5653 [pid 5652] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5652] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5652] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5653 attached [pid 5653] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5653] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5653] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5653] memfd_create("syzkaller", 0 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 5085] <... ioctl resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] close(3 [pid 5087] getdents64(4, [pid 5085] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5654 attached [pid 5087] close(4 [pid 5654] set_robust_list(0x555580b0d6a0, 24 [pid 5653] <... memfd_create resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 5653] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5654] <... set_robust_list resumed>) = 0 [pid 5653] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] rmdir("./54/file0" [pid 5654] chdir("./55" [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5654 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 5654] <... chdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] rmdir("./54") = 0 [pid 5087] mkdir("./55", 0777) = 0 [pid 5651] <... write resumed>) = 2097152 [pid 5654] <... prctl resumed>) = 0 [pid 5654] setpgid(0, 0) = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5654] <... openat resumed>) = 3 [pid 5088] close(3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5654] write(3, "1000", 4 [pid 5088] <... close resumed>) = 0 [pid 5654] <... write resumed>) = 4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5654] close(3./strace-static-x86_64: Process 5655 attached ) = 0 [pid 5654] symlink("/dev/binderfs", "./binderfs" [pid 5651] munmap(0x7f1df2200000, 138412032 [pid 5655] set_robust_list(0x555580b0d6a0, 24 [pid 5654] <... symlink resumed>) = 0 [pid 5653] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5655 [pid 5655] <... set_robust_list resumed>) = 0 [pid 5654] write(1, "executing program\n", 18executing program [pid 5655] chdir("./55" [pid 5654] <... write resumed>) = 18 [pid 5655] <... chdir resumed>) = 0 [pid 5654] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5651] <... munmap resumed>) = 0 [pid 5651] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5655] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5654] <... futex resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5655] <... prctl resumed>) = 0 [pid 5654] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5655] setpgid(0, 0) = 0 [pid 5654] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] close(3 [pid 5655] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5654] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5653] <... write resumed>) = 2097152 [pid 5651] <... openat resumed>) = 4 [pid 5087] <... close resumed>) = 0 [pid 5655] <... openat resumed>) = 3 [pid 5654] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5653] munmap(0x7f1df2200000, 138412032 [pid 5651] ioctl(4, LOOP_SET_FD, 3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5655] write(3, "1000", 4 [pid 5654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0./strace-static-x86_64: Process 5656 attached [pid 5655] <... write resumed>) = 4 [pid 5654] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5656 [pid 5655] close(3 [pid 5654] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5656] set_robust_list(0x555580b0d6a0, 24 [pid 5654] <... mprotect resumed>) = 0 [pid 5656] <... set_robust_list resumed>) = 0 [pid 5654] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5656] chdir("./55" [pid 5655] <... close resumed>) = 0 [pid 5654] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5655] symlink("/dev/binderfs", "./binderfs" [pid 5654] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5657 attached [pid 5656] <... chdir resumed>) = 0 [pid 5655] <... symlink resumed>) = 0 [pid 5657] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5656] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5654] <... clone3 resumed> => {parent_tid=[5657]}, 88) = 5657 [pid 5651] <... ioctl resumed>) = 0 [pid 5657] <... rseq resumed>) = 0 executing program [pid 5656] <... prctl resumed>) = 0 [pid 5655] write(1, "executing program\n", 18 [pid 5654] rt_sigprocmask(SIG_SETMASK, [], [pid 5651] close(3 [pid 5657] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5656] setpgid(0, 0 [pid 5655] <... write resumed>) = 18 [pid 5654] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5651] <... close resumed>) = 0 [pid 5657] <... set_robust_list resumed>) = 0 [pid 5656] <... setpgid resumed>) = 0 [pid 5655] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5654] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5651] close(4 [pid 5657] rt_sigprocmask(SIG_SETMASK, [], [pid 5656] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5655] <... futex resumed>) = 0 [pid 5654] <... futex resumed>) = 0 [pid 5653] <... munmap resumed>) = 0 [pid 5651] <... close resumed>) = 0 [pid 5657] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5656] <... openat resumed>) = 3 [pid 5653] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5651] mkdir("./file0", 0777 [pid 5654] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5655] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5657] memfd_create("syzkaller", 0 [pid 5656] write(3, "1000", 4 [pid 5655] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5653] <... openat resumed>) = 4 [pid 5651] <... mkdir resumed>) = 0 [pid 5657] <... memfd_create resumed>) = 3 [pid 5656] <... write resumed>) = 4 [pid 5655] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5653] ioctl(4, LOOP_SET_FD, 3 [pid 5651] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5657] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5656] close(3 [pid 5655] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5655] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5657] <... mmap resumed>) = 0x7f1df2200000 [pid 5656] <... close resumed>) = 0 [pid 5655] <... mmap resumed>) = 0x7f1dfa693000 [pid 5656] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5655] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5656] write(1, "executing program\n", 18) = 18 [pid 5656] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5655] <... mprotect resumed>) = 0 [pid 5656] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5656] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5655] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5656] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5655] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5653] <... ioctl resumed>) = 0 [pid 5656] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5655] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5653] close(3 [pid 5656] <... mmap resumed>) = 0x7f1dfa693000 [pid 5653] <... close resumed>) = 0 [ 124.448494][ T5651] loop4: detected capacity change from 0 to 4096 [ 124.477667][ T5653] loop1: detected capacity change from 0 to 4096 [ 124.485811][ T5651] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5656] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 5658 attached ) = 0 [pid 5653] close(4 [pid 5658] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5657] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5656] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5655] <... clone3 resumed> => {parent_tid=[5658]}, 88) = 5658 [pid 5653] <... close resumed>) = 0 [pid 5658] <... rseq resumed>) = 0 [pid 5656] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5658] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5656] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5659 attached [pid 5658] <... set_robust_list resumed>) = 0 [pid 5655] rt_sigprocmask(SIG_SETMASK, [], [pid 5653] mkdir("./file0", 0777 [pid 5659] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5658] rt_sigprocmask(SIG_SETMASK, [], [pid 5656] <... clone3 resumed> => {parent_tid=[5659]}, 88) = 5659 [pid 5655] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5653] <... mkdir resumed>) = 0 [pid 5656] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5656] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5655] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5656] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5655] <... futex resumed>) = 0 [pid 5655] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5659] <... rseq resumed>) = 0 [pid 5659] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5653] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5659] <... set_robust_list resumed>) = 0 [pid 5658] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5659] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5658] memfd_create("syzkaller", 0 [pid 5659] memfd_create("syzkaller", 0 [pid 5658] <... memfd_create resumed>) = 3 [pid 5651] <... mount resumed>) = 0 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5651] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5659] <... memfd_create resumed>) = 3 [pid 5658] <... mmap resumed>) = 0x7f1df2200000 [pid 5657] <... write resumed>) = 2097152 [pid 5659] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5651] <... openat resumed>) = 3 [pid 5659] <... mmap resumed>) = 0x7f1df2200000 [pid 5657] munmap(0x7f1df2200000, 138412032 [pid 5651] chdir("./file0") = 0 [pid 5651] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 124.547061][ T5651] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 124.551109][ T5653] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5651] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5650] <... futex resumed>) = 0 [pid 5657] <... munmap resumed>) = 0 [pid 5651] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5650] exit_group(0 [pid 5651] <... futex resumed>) = ? [pid 5650] <... exit_group resumed>) = ? [pid 5657] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5657] ioctl(4, LOOP_SET_FD, 3 [pid 5651] +++ exited with 0 +++ [pid 5650] +++ exited with 0 +++ [pid 5659] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5658] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5657] <... ioctl resumed>) = 0 [pid 5657] close(3 [pid 5653] <... mount resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5650, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5657] <... close resumed>) = 0 [pid 5657] close(4 [pid 5089] umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5657] <... close resumed>) = 0 [pid 5657] mkdir("./file0", 0777 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5653] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./54/binderfs", [pid 5653] <... openat resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5653] chdir("./file0") = 0 [pid 5653] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] unlink("./54/binderfs" [pid 5653] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... unlink resumed>) = 0 [pid 5653] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5657] <... mkdir resumed>) = 0 [pid 5653] <... futex resumed>) = 1 [pid 5652] <... futex resumed>) = 0 [pid 5659] <... write resumed>) = 2097152 [pid 5657] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 124.624967][ T5657] loop0: detected capacity change from 0 to 4096 [ 124.642125][ T5653] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5653] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5652] exit_group(0 [pid 5659] munmap(0x7f1df2200000, 138412032 [pid 5652] <... exit_group resumed>) = ? [pid 5653] <... futex resumed>) = ? [pid 5653] +++ exited with 0 +++ [pid 5659] <... munmap resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5652] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5652, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5086] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./54/file0", [pid 5086] newfstatat(AT_FDCWD, "./55/binderfs", [pid 5659] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./55/binderfs" [pid 5659] <... openat resumed>) = 4 [pid 5089] umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... unlink resumed>) = 0 [pid 5659] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5658] <... write resumed>) = 2097152 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5659] <... ioctl resumed>) = 0 [pid 5658] munmap(0x7f1df2200000, 138412032 [pid 5089] close(4 [pid 5659] close(3) = 0 [pid 5659] close(4) = 0 [pid 5659] mkdir("./file0", 0777) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./54/file0" [pid 5659] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... umount2 resumed>) = 0 [ 124.684207][ T5657] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 124.714797][ T5659] loop2: detected capacity change from 0 to 4096 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5658] <... munmap resumed>) = 0 [pid 5089] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5658] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] close(3) = 0 [pid 5086] newfstatat(AT_FDCWD, "./55/file0", [pid 5658] <... openat resumed>) = 4 [pid 5089] rmdir("./54" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... rmdir resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 5658] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./55/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./55") = 0 [pid 5086] mkdir("./56", 0777) = 0 [pid 5658] <... ioctl resumed>) = 0 [pid 5089] mkdir("./55", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5658] close(3) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5658] close(4 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5658] <... close resumed>) = 0 [ 124.734007][ T5659] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 124.758866][ T5658] loop3: detected capacity change from 0 to 4096 [pid 5658] mkdir("./file0", 0777 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5658] <... mkdir resumed>) = 0 [pid 5658] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5657] <... mount resumed>) = 0 [pid 5657] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5657] chdir("./file0") = 0 [pid 5657] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5657] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5654] <... futex resumed>) = 0 [pid 5654] exit_group(0) = ? [pid 5657] +++ exited with 0 +++ [pid 5654] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5654, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5659] <... mount resumed>) = 0 [pid 5659] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5659] chdir("./file0") = 0 [pid 5659] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5659] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5656] <... futex resumed>) = 0 [pid 5659] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5656] exit_group(0 [pid 5659] <... futex resumed>) = ? [pid 5656] <... exit_group resumed>) = ? [pid 5659] +++ exited with 0 +++ [pid 5085] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5656] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5656, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [ 124.785756][ T5657] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 124.805151][ T5658] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 124.810501][ T5659] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5087] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 5087] newfstatat(3, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5658] <... mount resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] newfstatat(AT_FDCWD, "./55/binderfs", [pid 5087] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5658] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./55/binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5658] <... openat resumed>) = 3 [pid 5658] chdir("./file0" [pid 5085] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5658] <... chdir resumed>) = 0 [pid 5087] unlink("./55/binderfs" [pid 5658] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] close(3 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5658] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... close resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5658] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5655] <... futex resumed>) = 0 [pid 5086] close(3) = 0 [pid 5655] exit_group(0 [pid 5658] <... futex resumed>) = 1 [pid 5658] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5655] <... exit_group resumed>) = ? [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5658] <... futex resumed>) = ? [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5660 ./strace-static-x86_64: Process 5660 attached [pid 5660] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5660] chdir("./56"./strace-static-x86_64: Process 5661 attached [pid 5661] set_robust_list(0x555580b0d6a0, 24 [pid 5660] <... chdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5661 [pid 5661] <... set_robust_list resumed>) = 0 [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5661] chdir("./55" [pid 5660] setpgid(0, 0) = 0 [pid 5661] <... chdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5661] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5658] +++ exited with 0 +++ [pid 5655] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5655, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5088] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 124.889010][ T5658] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5085] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5661] <... prctl resumed>) = 0 [pid 5660] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5660] write(3, "1000", 4 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", [pid 5660] <... write resumed>) = 4 [pid 5660] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5661] setpgid(0, 0 [pid 5660] <... close resumed>) = 0 [pid 5661] <... setpgid resumed>) = 0 [pid 5660] symlink("/dev/binderfs", "./binderfs" [pid 5088] getdents64(3, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] newfstatat(AT_FDCWD, "./55/file0", [pid 5088] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 5660] <... symlink resumed>) = 0 [pid 5661] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5660] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5661] <... openat resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./55/binderfs", [pid 5660] <... write resumed>) = 18 [pid 5661] write(3, "1000", 4 [pid 5660] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./55/file0", [pid 5660] <... futex resumed>) = 0 [pid 5088] unlink("./55/binderfs" [pid 5661] <... write resumed>) = 4 [pid 5660] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5661] close(3 [pid 5660] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5661] <... close resumed>) = 0 [pid 5660] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 4 [pid 5661] symlink("/dev/binderfs", "./binderfs" [pid 5660] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] newfstatat(4, "", [pid 5660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5660] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, [pid 5087] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5660] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 5660] <... mprotect resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5660] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5660] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5662 attached [pid 5662] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5660] <... clone3 resumed> => {parent_tid=[5662]}, 88) = 5662 [pid 5660] rt_sigprocmask(SIG_SETMASK, [], [pid 5662] <... rseq resumed>) = 0 [pid 5662] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5662] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5660] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5662] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5660] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5662] <... futex resumed>) = 0 [pid 5660] <... futex resumed>) = 1 [pid 5660] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5662] memfd_create("syzkaller", 0) = 3 [pid 5662] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5661] <... symlink resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] getdents64(4, executing program [pid 5661] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5661] <... write resumed>) = 18 [pid 5087] close(4) = 0 [pid 5661] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] rmdir("./55/file0" [pid 5661] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5661] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] close(4 [pid 5661] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] <... close resumed>) = 0 [pid 5661] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] rmdir("./55/file0" [pid 5661] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5661] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(3, [pid 5661] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] newfstatat(AT_FDCWD, "./55/file0", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5661] <... mprotect resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5661] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] close(3 [pid 5085] getdents64(3, [pid 5088] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./55" [pid 5661] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5661] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... openat resumed>) = 4 [pid 5087] <... rmdir resumed>) = 0 [pid 5088] newfstatat(4, "", ./strace-static-x86_64: Process 5663 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5663] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5661] <... clone3 resumed> => {parent_tid=[5663]}, 88) = 5663 [pid 5088] getdents64(4, [pid 5087] mkdir("./56", 0777 [pid 5663] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5661] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5663] <... set_robust_list resumed>) = 0 [pid 5661] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5663] rt_sigprocmask(SIG_SETMASK, [], [pid 5661] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] getdents64(4, [pid 5663] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5661] <... futex resumed>) = 0 [pid 5661] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./55/file0" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5085] close(3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5663] memfd_create("syzkaller", 0 [pid 5088] getdents64(3, [pid 5085] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] rmdir("./55" [pid 5663] <... memfd_create resumed>) = 3 [pid 5088] close(3 [pid 5663] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... close resumed>) = 0 [pid 5663] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./56", 0777 [pid 5088] rmdir("./55") = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] mkdir("./56", 0777 [pid 5662] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5663] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5662] <... write resumed>) = 2097152 [pid 5662] munmap(0x7f1df2200000, 138412032) = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5662] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5663] <... write resumed>) = 2097152 [pid 5085] <... ioctl resumed>) = 0 [pid 5663] munmap(0x7f1df2200000, 138412032) = 0 [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3 [pid 5662] close(3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5664 ./strace-static-x86_64: Process 5664 attached [pid 5662] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5662] close(4) = 0 [ 125.084092][ T5662] loop1: detected capacity change from 0 to 4096 [pid 5662] mkdir("./file0", 0777 [pid 5664] set_robust_list(0x555580b0d6a0, 24 [pid 5662] <... mkdir resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5663] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5663] ioctl(4, LOOP_SET_FD, 3 [pid 5664] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5665 attached [pid 5664] chdir("./56" [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5665 [pid 5662] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5665] set_robust_list(0x555580b0d6a0, 24 [pid 5664] <... chdir resumed>) = 0 [pid 5088] close(3 [pid 5664] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5665] <... set_robust_list resumed>) = 0 [pid 5664] <... prctl resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5664] setpgid(0, 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5665] chdir("./56" [pid 5663] <... ioctl resumed>) = 0 [pid 5663] close(3) = 0 [pid 5663] close(4) = 0 [pid 5663] mkdir("./file0", 0777 [pid 5665] <... chdir resumed>) = 0 [pid 5663] <... mkdir resumed>) = 0 [pid 5665] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5664] <... setpgid resumed>) = 0 [pid 5663] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5665] <... prctl resumed>) = 0 [pid 5664] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5666 [pid 5665] setpgid(0, 0 [pid 5664] <... openat resumed>) = 3 [pid 5664] write(3, "1000", 4 [pid 5665] <... setpgid resumed>) = 0 [pid 5665] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5664] <... write resumed>) = 4 [pid 5664] close(3 [pid 5665] <... openat resumed>) = 3 [pid 5664] <... close resumed>) = 0 [ 125.125233][ T5663] loop4: detected capacity change from 0 to 4096 [ 125.143504][ T5662] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). executing program executing program ./strace-static-x86_64: Process 5666 attached [pid 5665] write(3, "1000", 4 [pid 5664] symlink("/dev/binderfs", "./binderfs" [pid 5666] set_robust_list(0x555580b0d6a0, 24 [pid 5665] <... write resumed>) = 4 [pid 5664] <... symlink resumed>) = 0 [pid 5666] <... set_robust_list resumed>) = 0 [pid 5665] close(3 [pid 5664] write(1, "executing program\n", 18 [pid 5665] <... close resumed>) = 0 [pid 5664] <... write resumed>) = 18 [pid 5665] symlink("/dev/binderfs", "./binderfs" [pid 5666] chdir("./56" [pid 5665] <... symlink resumed>) = 0 [pid 5665] write(1, "executing program\n", 18) = 18 [pid 5664] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5666] <... chdir resumed>) = 0 [pid 5665] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] <... futex resumed>) = 0 [pid 5666] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5665] <... futex resumed>) = 0 [pid 5666] <... prctl resumed>) = 0 [pid 5665] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5664] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5666] setpgid(0, 0 [pid 5665] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5664] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5666] <... setpgid resumed>) = 0 [pid 5665] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5664] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5664] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5665] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5664] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5665] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5664] <... mmap resumed>) = 0x7f1dfa693000 [pid 5666] <... openat resumed>) = 3 [pid 5665] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5664] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5665] <... mprotect resumed>) = 0 [pid 5664] <... mprotect resumed>) = 0 [pid 5665] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5666] write(3, "1000", 4) = 4 [pid 5666] close(3) = 0 [pid 5666] symlink("/dev/binderfs", "./binderfs" [pid 5665] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5664] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5665] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5667 attached [pid 5664] <... rt_sigprocmask resumed>[], 8) = 0 [ 125.166836][ T5663] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5667] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5666] <... symlink resumed>) = 0 [pid 5664] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5665] <... clone3 resumed> => {parent_tid=[5667]}, 88) = 5667 executing program ./strace-static-x86_64: Process 5668 attached [pid 5667] <... rseq resumed>) = 0 [pid 5666] write(1, "executing program\n", 18 [pid 5665] rt_sigprocmask(SIG_SETMASK, [], [pid 5668] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5667] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5666] <... write resumed>) = 18 [pid 5665] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5664] <... clone3 resumed> => {parent_tid=[5668]}, 88) = 5668 [pid 5668] <... rseq resumed>) = 0 [pid 5667] <... set_robust_list resumed>) = 0 [pid 5666] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5665] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] rt_sigprocmask(SIG_SETMASK, [], [pid 5666] <... futex resumed>) = 0 [pid 5666] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5666] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5668] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5667] rt_sigprocmask(SIG_SETMASK, [], [pid 5666] <... mmap resumed>) = 0x7f1dfa693000 [pid 5665] <... futex resumed>) = 0 [pid 5664] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5668] <... set_robust_list resumed>) = 0 [pid 5667] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5666] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5664] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5668] rt_sigprocmask(SIG_SETMASK, [], [pid 5666] <... mprotect resumed>) = 0 [pid 5665] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5664] <... futex resumed>) = 0 [pid 5668] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5667] memfd_create("syzkaller", 0 [pid 5666] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5664] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5663] <... mount resumed>) = 0 [pid 5662] <... mount resumed>) = 0 [pid 5667] <... memfd_create resumed>) = 3 [pid 5666] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5666] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5667] <... mmap resumed>) = 0x7f1df2200000 [pid 5663] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5668] memfd_create("syzkaller", 0 [pid 5666] <... clone3 resumed> => {parent_tid=[5669]}, 88) = 5669 ./strace-static-x86_64: Process 5669 attached [pid 5668] <... memfd_create resumed>) = 3 [pid 5666] rt_sigprocmask(SIG_SETMASK, [], [pid 5663] <... openat resumed>) = 3 [pid 5666] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5663] chdir("./file0" [pid 5668] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5666] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5663] <... chdir resumed>) = 0 [pid 5666] <... futex resumed>) = 0 [pid 5669] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5668] <... mmap resumed>) = 0x7f1df2200000 [pid 5666] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5663] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5669] <... rseq resumed>) = 0 [pid 5669] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5663] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5669] <... set_robust_list resumed>) = 0 [pid 5669] rt_sigprocmask(SIG_SETMASK, [], [pid 5663] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5669] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5663] <... futex resumed>) = 1 [pid 5661] <... futex resumed>) = 0 [pid 5669] memfd_create("syzkaller", 0 [pid 5663] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5661] exit_group(0 [pid 5669] <... memfd_create resumed>) = 3 [pid 5662] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5661] <... exit_group resumed>) = ? [pid 5669] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5662] <... openat resumed>) = 3 [pid 5663] <... futex resumed>) = ? [pid 5669] <... mmap resumed>) = 0x7f1df2200000 [pid 5662] chdir("./file0") = 0 [pid 5662] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5663] +++ exited with 0 +++ [pid 5662] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5661] +++ exited with 0 +++ [pid 5662] <... futex resumed>) = 1 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5661, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5662] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5660] <... futex resumed>) = 0 [ 125.230916][ T5663] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 125.242244][ T5662] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5089] <... restart_syscall resumed>) = 0 [pid 5660] exit_group(0) = ? [pid 5089] umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", [pid 5662] <... futex resumed>) = ? [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5662] +++ exited with 0 +++ [pid 5660] +++ exited with 0 +++ [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5660, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5089] umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] unlink("./55/binderfs") = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./56/binderfs", [pid 5089] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] unlink("./56/binderfs" [pid 5089] newfstatat(AT_FDCWD, "./55/file0", [pid 5086] <... unlink resumed>) = 0 [pid 5667] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5668] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] newfstatat(AT_FDCWD, "./56/file0", [pid 5089] <... openat resumed>) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] newfstatat(4, "", [pid 5086] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(4, [pid 5086] <... openat resumed>) = 4 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] newfstatat(4, "", [pid 5089] getdents64(4, [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] getdents64(4, [pid 5089] close(4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... close resumed>) = 0 [pid 5086] getdents64(4, [pid 5089] rmdir("./55/file0" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] close(4 [pid 5089] getdents64(3, [pid 5086] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] rmdir("./56/file0" [pid 5089] close(3) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] rmdir("./55" [pid 5669] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5089] mkdir("./56", 0777 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./56" [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5086] <... rmdir resumed>) = 0 [pid 5086] mkdir("./57", 0777) = 0 [pid 5669] <... write resumed>) = 2097152 [pid 5667] <... write resumed>) = 2097152 [pid 5669] munmap(0x7f1df2200000, 138412032 [pid 5668] <... write resumed>) = 2097152 [pid 5667] munmap(0x7f1df2200000, 138412032 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5669] <... munmap resumed>) = 0 [pid 5668] munmap(0x7f1df2200000, 138412032 [pid 5086] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5669] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5667] <... munmap resumed>) = 0 [pid 5669] ioctl(4, LOOP_SET_FD, 3 [pid 5668] <... munmap resumed>) = 0 [pid 5667] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5669] <... ioctl resumed>) = 0 [pid 5668] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5669] close(3 [pid 5668] <... openat resumed>) = 4 [pid 5667] <... openat resumed>) = 4 [pid 5669] <... close resumed>) = 0 [pid 5668] ioctl(4, LOOP_SET_FD, 3 [pid 5669] close(4 [pid 5667] ioctl(4, LOOP_SET_FD, 3 [pid 5669] <... close resumed>) = 0 [pid 5668] <... ioctl resumed>) = 0 [pid 5669] mkdir("./file0", 0777) = 0 [ 125.399359][ T5669] loop3: detected capacity change from 0 to 4096 [ 125.421801][ T5668] loop0: detected capacity change from 0 to 4096 [ 125.422390][ T5667] loop2: detected capacity change from 0 to 4096 [pid 5669] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5668] close(3 [pid 5667] <... ioctl resumed>) = 0 [pid 5668] <... close resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5668] close(4) = 0 [pid 5668] mkdir("./file0", 0777 [pid 5089] close(3) = 0 [pid 5668] <... mkdir resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5668] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5667] close(3) = 0 [pid 5667] close(4 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5670 [pid 5667] <... close resumed>) = 0 [pid 5667] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 5670 attached [pid 5667] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] close(3 [pid 5670] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... close resumed>) = 0 [pid 5670] <... set_robust_list resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5670] chdir("./56") = 0 [pid 5670] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5670] setpgid(0, 0) = 0 [ 125.446880][ T5669] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 125.483616][ T5668] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). ./strace-static-x86_64: Process 5671 attached [pid 5670] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5671] set_robust_list(0x555580b0d6a0, 24) = 0 executing program executing program [pid 5671] chdir("./57" [pid 5670] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5671 [pid 5671] <... chdir resumed>) = 0 [pid 5671] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5671] setpgid(0, 0) = 0 [pid 5670] write(3, "1000", 4) = 4 [pid 5671] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5670] close(3) = 0 [pid 5670] symlink("/dev/binderfs", "./binderfs" [pid 5671] <... openat resumed>) = 3 [pid 5671] write(3, "1000", 4 [pid 5670] <... symlink resumed>) = 0 [pid 5671] <... write resumed>) = 4 [pid 5670] write(1, "executing program\n", 18) = 18 [pid 5671] close(3 [pid 5670] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5671] <... close resumed>) = 0 [pid 5670] <... futex resumed>) = 0 [pid 5671] symlink("/dev/binderfs", "./binderfs" [pid 5670] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5670] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5671] <... symlink resumed>) = 0 [pid 5670] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5671] write(1, "executing program\n", 18 [pid 5670] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5671] <... write resumed>) = 18 [pid 5670] <... mmap resumed>) = 0x7f1dfa693000 [pid 5671] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5670] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5671] <... futex resumed>) = 0 [pid 5670] <... mprotect resumed>) = 0 [pid 5671] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5671] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5670] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5671] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5671] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5670] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5671] <... mmap resumed>) = 0x7f1dfa693000 [pid 5670] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [ 125.493112][ T5667] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5671] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 5672 attached ) = 0 [pid 5670] <... clone3 resumed> => {parent_tid=[5672]}, 88) = 5672 [pid 5672] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5670] rt_sigprocmask(SIG_SETMASK, [], [pid 5671] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5672] <... rseq resumed>) = 0 [pid 5670] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5672] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5670] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5672] <... set_robust_list resumed>) = 0 [pid 5670] <... futex resumed>) = 0 [pid 5672] rt_sigprocmask(SIG_SETMASK, [], [pid 5671] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5672] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5671] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5670] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5672] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5673 attached [pid 5671] <... clone3 resumed> => {parent_tid=[5673]}, 88) = 5673 [pid 5672] <... memfd_create resumed>) = 3 [pid 5673] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5671] rt_sigprocmask(SIG_SETMASK, [], [pid 5669] <... mount resumed>) = 0 [pid 5668] <... mount resumed>) = 0 [pid 5671] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5673] <... rseq resumed>) = 0 [pid 5669] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5671] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5673] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5669] <... openat resumed>) = 3 [pid 5673] <... set_robust_list resumed>) = 0 [pid 5671] <... futex resumed>) = 0 [pid 5673] rt_sigprocmask(SIG_SETMASK, [], [pid 5671] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5669] chdir("./file0" [pid 5672] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5673] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5672] <... mmap resumed>) = 0x7f1df2200000 [pid 5669] <... chdir resumed>) = 0 [pid 5673] memfd_create("syzkaller", 0 [pid 5669] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5673] <... memfd_create resumed>) = 3 [pid 5669] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5668] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5669] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5668] <... openat resumed>) = 3 [pid 5669] <... futex resumed>) = 1 [pid 5668] chdir("./file0" [pid 5666] <... futex resumed>) = 0 [pid 5673] <... mmap resumed>) = 0x7f1df2200000 [pid 5669] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5668] <... chdir resumed>) = 0 [pid 5666] exit_group(0 [pid 5669] <... futex resumed>) = ? [pid 5668] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5666] <... exit_group resumed>) = ? [pid 5669] +++ exited with 0 +++ [pid 5668] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 125.554064][ T5669] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 125.563082][ T5668] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5668] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5664] <... futex resumed>) = 0 [pid 5668] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5664] exit_group(0 [pid 5668] <... futex resumed>) = ? [pid 5664] <... exit_group resumed>) = ? [pid 5666] +++ exited with 0 +++ [pid 5668] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5666, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5088] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5664] +++ exited with 0 +++ [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5664, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5088] unlink("./56/binderfs" [pid 5085] newfstatat(3, "", [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(3, [pid 5088] <... umount2 resumed>) = 0 [pid 5667] <... mount resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./56/binderfs" [pid 5667] <... openat resumed>) = 3 [pid 5088] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5667] chdir("./file0" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 5667] <... chdir resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./56/file0", [pid 5085] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5667] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5672] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5667] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5667] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5665] <... futex resumed>) = 0 [pid 5665] exit_group(0 [pid 5088] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5665] <... exit_group resumed>) = ? [pid 5088] <... openat resumed>) = 4 [pid 5088] newfstatat(4, "", [pid 5085] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [ 125.625425][ T5667] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5085] newfstatat(AT_FDCWD, "./56/file0", [pid 5673] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5667] +++ exited with 0 +++ [pid 5665] +++ exited with 0 +++ [pid 5088] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5665, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(4) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] rmdir("./56/file0" [pid 5087] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(3, [pid 5087] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 4 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5088] close(3 [pid 5087] newfstatat(3, "", [pid 5085] newfstatat(4, "", [pid 5088] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] rmdir("./56") = 0 [pid 5087] getdents64(3, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] mkdir("./57", 0777 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] getdents64(4, [pid 5088] <... mkdir resumed>) = 0 [pid 5087] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... openat resumed>) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] newfstatat(AT_FDCWD, "./56/binderfs", [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] close(4) = 0 [pid 5087] unlink("./56/binderfs" [pid 5085] rmdir("./56/file0" [pid 5087] <... unlink resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5087] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./56") = 0 [pid 5085] mkdir("./57", 0777 [pid 5087] <... umount2 resumed>) = 0 [pid 5672] <... write resumed>) = 2097152 [pid 5087] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... mkdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./56/file0", [pid 5672] munmap(0x7f1df2200000, 138412032 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5087] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5672] <... munmap resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] getdents64(4, [pid 5672] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./56/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./56") = 0 [pid 5087] mkdir("./57", 0777) = 0 [pid 5673] <... write resumed>) = 2097152 [pid 5672] <... openat resumed>) = 4 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5673] munmap(0x7f1df2200000, 138412032 [pid 5672] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... openat resumed>) = 3 [pid 5673] <... munmap resumed>) = 0 [pid 5088] close(3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5674 attached [pid 5674] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5674 [pid 5674] <... set_robust_list resumed>) = 0 [pid 5674] chdir("./57") = 0 [pid 5674] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5673] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5672] <... ioctl resumed>) = 0 [pid 5674] setpgid(0, 0 [pid 5673] <... openat resumed>) = 4 [pid 5674] <... setpgid resumed>) = 0 [pid 5673] ioctl(4, LOOP_SET_FD, 3 [pid 5672] close(3 [pid 5674] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5672] <... close resumed>) = 0 [pid 5674] <... openat resumed>) = 3 [pid 5672] close(4) = 0 [pid 5674] write(3, "1000", 4) = 4 [pid 5672] mkdir("./file0", 0777 [pid 5674] close(3 [pid 5672] <... mkdir resumed>) = 0 [pid 5674] <... close resumed>) = 0 [pid 5672] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5673] <... ioctl resumed>) = 0 [ 125.756257][ T5672] loop4: detected capacity change from 0 to 4096 [ 125.785976][ T5673] loop1: detected capacity change from 0 to 4096 [pid 5673] close(3 [pid 5674] symlink("/dev/binderfs", "./binderfs" [pid 5673] <... close resumed>) = 0 [pid 5673] close(4 [pid 5674] <... symlink resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5674] write(1, "executing program\n", 18 [pid 5673] <... close resumed>) = 0 executing program [pid 5673] mkdir("./file0", 0777 [pid 5674] <... write resumed>) = 18 [pid 5673] <... mkdir resumed>) = 0 [pid 5674] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] close(3 [pid 5674] <... futex resumed>) = 0 [pid 5673] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5674] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] close(3./strace-static-x86_64: Process 5675 attached [pid 5674] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] <... close resumed>) = 0 [pid 5675] set_robust_list(0x555580b0d6a0, 24 [pid 5674] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5675 [pid 5675] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5676 attached [pid 5675] chdir("./57" [pid 5674] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5676] set_robust_list(0x555580b0d6a0, 24 [pid 5675] <... chdir resumed>) = 0 [pid 5674] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5676 [pid 5676] <... set_robust_list resumed>) = 0 [pid 5674] <... mmap resumed>) = 0x7f1dfa693000 [pid 5676] chdir("./57") = 0 [pid 5675] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5674] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5676] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5675] <... prctl resumed>) = 0 [pid 5674] <... mprotect resumed>) = 0 [pid 5676] <... prctl resumed>) = 0 [pid 5675] setpgid(0, 0 [pid 5674] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5676] setpgid(0, 0 [pid 5675] <... setpgid resumed>) = 0 [pid 5674] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5676] <... setpgid resumed>) = 0 [pid 5675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5674] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5677 attached [pid 5676] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5675] <... openat resumed>) = 3 [pid 5677] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5676] <... openat resumed>) = 3 [pid 5675] write(3, "1000", 4 [pid 5674] <... clone3 resumed> => {parent_tid=[5677]}, 88) = 5677 [pid 5677] <... rseq resumed>) = 0 [pid 5676] write(3, "1000", 4 [pid 5675] <... write resumed>) = 4 [pid 5674] rt_sigprocmask(SIG_SETMASK, [], [pid 5677] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5676] <... write resumed>) = 4 [pid 5675] close(3 [pid 5674] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 125.824229][ T5672] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 125.858493][ T5673] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5677] <... set_robust_list resumed>) = 0 [pid 5676] close(3 [pid 5675] <... close resumed>) = 0 [pid 5674] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5677] rt_sigprocmask(SIG_SETMASK, [], [pid 5676] <... close resumed>) = 0 [pid 5675] symlink("/dev/binderfs", "./binderfs" [pid 5674] <... futex resumed>) = 0 [pid 5677] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5676] symlink("/dev/binderfs", "./binderfs" [pid 5674] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5675] <... symlink resumed>) = 0 executing program [pid 5676] <... symlink resumed>) = 0 [pid 5675] write(1, "executing program\n", 18 [pid 5677] memfd_create("syzkaller", 0 [pid 5676] write(1, "executing program\n", 18 [pid 5675] <... write resumed>) = 18 [pid 5675] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 5676] <... write resumed>) = 18 [pid 5677] <... memfd_create resumed>) = 3 [pid 5676] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5677] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5676] <... futex resumed>) = 0 [pid 5677] <... mmap resumed>) = 0x7f1df2200000 [pid 5676] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5675] <... futex resumed>) = 0 [pid 5676] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5675] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5676] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5675] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5676] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5675] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5676] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5676] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5676] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5676] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5678 attached => {parent_tid=[5678]}, 88) = 5678 [pid 5678] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5676] rt_sigprocmask(SIG_SETMASK, [], [pid 5678] <... rseq resumed>) = 0 [pid 5675] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5678] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5676] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5678] <... set_robust_list resumed>) = 0 [pid 5676] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5675] <... mmap resumed>) = 0x7f1dfa693000 [pid 5678] rt_sigprocmask(SIG_SETMASK, [], [pid 5676] <... futex resumed>) = 0 [pid 5675] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5678] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5676] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5675] <... mprotect resumed>) = 0 [pid 5673] <... mount resumed>) = 0 [pid 5678] memfd_create("syzkaller", 0) = 3 [pid 5675] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5678] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5675] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5673] <... openat resumed>) = 3 [pid 5678] <... mmap resumed>) = 0x7f1df2200000 [pid 5675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5673] chdir("./file0"./strace-static-x86_64: Process 5679 attached ) = 0 [pid 5679] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5675] <... clone3 resumed> => {parent_tid=[5679]}, 88) = 5679 [pid 5673] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5675] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5673] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5675] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5673] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5679] <... rseq resumed>) = 0 [pid 5675] <... futex resumed>) = 0 [pid 5673] <... futex resumed>) = 1 [pid 5671] <... futex resumed>) = 0 [pid 5679] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5675] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5673] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5671] exit_group(0 [pid 5679] <... set_robust_list resumed>) = 0 [pid 5677] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5673] <... futex resumed>) = ? [pid 5671] <... exit_group resumed>) = ? [pid 5679] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 125.920476][ T5673] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5679] memfd_create("syzkaller", 0) = 3 [pid 5673] +++ exited with 0 +++ [pid 5671] +++ exited with 0 +++ [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5672] <... mount resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5671, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5672] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5672] chdir("./file0" [pid 5086] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5672] <... chdir resumed>) = 0 [pid 5672] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5672] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5672] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5672] <... futex resumed>) = 1 [pid 5670] <... futex resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5672] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5670] exit_group(0 [pid 5086] newfstatat(3, "", [pid 5672] <... futex resumed>) = ? [pid 5670] <... exit_group resumed>) = ? [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5672] +++ exited with 0 +++ [pid 5679] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] getdents64(3, [pid 5670] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5670, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5086] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./57/binderfs", [pid 5089] openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] newfstatat(3, "", [pid 5086] unlink("./57/binderfs" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5086] <... unlink resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./56/binderfs", [pid 5086] <... umount2 resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] unlink("./56/binderfs" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5678] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5677] <... write resumed>) = 2097152 [pid 5089] <... unlink resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./57/file0", [pid 5677] munmap(0x7f1df2200000, 138412032 [pid 5089] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... close resumed>) = 0 [ 125.981659][ T5672] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5086] rmdir("./57/file0") = 0 [pid 5679] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5677] <... munmap resumed>) = 0 [pid 5089] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, [pid 5678] <... write resumed>) = 2097152 [pid 5677] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5678] munmap(0x7f1df2200000, 138412032 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5677] <... openat resumed>) = 4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] close(3 [pid 5677] ioctl(4, LOOP_SET_FD, 3 [pid 5089] newfstatat(AT_FDCWD, "./56/file0", [pid 5678] <... munmap resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5678] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5677] <... ioctl resumed>) = 0 [pid 5089] umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... close resumed>) = 0 [pid 5679] <... write resumed>) = 2097152 [pid 5678] <... openat resumed>) = 4 [pid 5677] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] rmdir("./57" [pid 5679] munmap(0x7f1df2200000, 138412032 [pid 5678] ioctl(4, LOOP_SET_FD, 3 [pid 5089] openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5677] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5086] mkdir("./58", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] rmdir("./56/file0" [pid 5086] <... openat resumed>) = 3 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] getdents64(3, [pid 5679] <... munmap resumed>) = 0 [pid 5678] <... ioctl resumed>) = 0 [pid 5677] close(4 [pid 5679] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5679] <... openat resumed>) = 4 [pid 5677] <... close resumed>) = 0 [pid 5089] close(3 [ 126.052489][ T5677] loop3: detected capacity change from 0 to 4096 [ 126.081291][ T5678] loop2: detected capacity change from 0 to 4096 [pid 5679] ioctl(4, LOOP_SET_FD, 3 [pid 5677] mkdir("./file0", 0777 [pid 5089] <... close resumed>) = 0 [pid 5678] close(3 [pid 5089] rmdir("./56" [pid 5678] <... close resumed>) = 0 [pid 5677] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5678] close(4 [pid 5089] mkdir("./57", 0777 [pid 5678] <... close resumed>) = 0 [pid 5678] mkdir("./file0", 0777 [pid 5677] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5678] <... mkdir resumed>) = 0 [pid 5679] <... ioctl resumed>) = 0 [pid 5678] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5679] close(3) = 0 [pid 5679] close(4) = 0 [pid 5679] mkdir("./file0", 0777) = 0 [ 126.098122][ T5679] loop0: detected capacity change from 0 to 4096 [ 126.111751][ T5677] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 126.123061][ T5678] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 126.132537][ T5679] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5679] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... ioctl resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5680 attached [pid 5680] set_robust_list(0x555580b0d6a0, 24 [pid 5679] <... mount resumed>) = 0 [pid 5089] close(3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5680 [pid 5680] <... set_robust_list resumed>) = 0 [pid 5680] chdir("./58") = 0 [pid 5680] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5680] setpgid(0, 0) = 0 [pid 5680] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5680] <... openat resumed>) = 3 [pid 5678] <... mount resumed>) = 0 [pid 5677] <... mount resumed>) = 0 [pid 5678] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5677] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5678] <... openat resumed>) = 3 [pid 5678] chdir("./file0" [pid 5680] write(3, "1000", 4 [pid 5678] <... chdir resumed>) = 0 [pid 5677] <... openat resumed>) = 3 [pid 5680] <... write resumed>) = 4 [pid 5680] close(3) = 0 [pid 5677] chdir("./file0" [pid 5678] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5681 attached [pid 5681] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5680] symlink("/dev/binderfs", "./binderfs" [pid 5678] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5677] <... chdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5681 [pid 5681] chdir("./57" [pid 5680] <... symlink resumed>) = 0 [pid 5678] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5677] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5681] <... chdir resumed>) = 0 [pid 5678] <... futex resumed>) = 1 [pid 5677] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5678] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5681] <... prctl resumed>) = 0 [pid 5677] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5676] <... futex resumed>) = 0 [pid 5681] setpgid(0, 0 [pid 5677] <... futex resumed>) = 1 [pid 5676] exit_group(0 [pid 5681] <... setpgid resumed>) = 0 [pid 5677] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5674] <... futex resumed>) = 0 [pid 5678] <... futex resumed>) = ? [pid 5676] <... exit_group resumed>) = ? [pid 5680] write(1, "executing program\n", 18 [pid 5679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5678] +++ exited with 0 +++ [pid 5674] exit_group(0executing program [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5680] <... write resumed>) = 18 [pid 5679] <... openat resumed>) = 3 [pid 5677] <... futex resumed>) = ? [pid 5674] <... exit_group resumed>) = ? [pid 5680] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5679] chdir("./file0" [pid 5680] <... futex resumed>) = 0 [pid 5679] <... chdir resumed>) = 0 [pid 5677] +++ exited with 0 +++ [pid 5680] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5679] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5680] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5679] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5680] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5679] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5681] <... openat resumed>) = 3 [pid 5680] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5679] <... futex resumed>) = 1 [pid 5680] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5679] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5681] write(3, "1000", 4 [pid 5680] <... mmap resumed>) = 0x7f1dfa693000 [pid 5676] +++ exited with 0 +++ [pid 5675] <... futex resumed>) = 0 [pid 5681] <... write resumed>) = 4 [pid 5680] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5675] exit_group(0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5676, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5681] close(3 [pid 5680] <... mprotect resumed>) = 0 [pid 5679] <... futex resumed>) = ? [pid 5675] <... exit_group resumed>) = ? [pid 5674] +++ exited with 0 +++ [pid 5681] <... close resumed>) = 0 [pid 5680] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5679] +++ exited with 0 +++ [pid 5675] +++ exited with 0 +++ [pid 5680] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5680] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5675, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- ./strace-static-x86_64: Process 5682 attached [pid 5682] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5681] symlink("/dev/binderfs", "./binderfs" [ 126.197501][ T5678] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 126.221492][ T5679] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 126.232532][ T5677] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5680] <... clone3 resumed> => {parent_tid=[5682]}, 88) = 5682 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5674, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5682] <... rseq resumed>) = 0 [pid 5680] rt_sigprocmask(SIG_SETMASK, [], [pid 5682] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5681] <... symlink resumed>) = 0 [pid 5680] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5085] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5682] <... set_robust_list resumed>) = 0 [pid 5681] write(1, "executing program\n", 18 [pid 5680] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5682] rt_sigprocmask(SIG_SETMASK, [], [pid 5681] <... write resumed>) = 18 [pid 5680] <... futex resumed>) = 0 [pid 5087] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5682] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5681] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5680] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 5682] memfd_create("syzkaller", 0 [pid 5681] <... futex resumed>) = 0 [pid 5088] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5681] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(3, "", [pid 5681] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5682] <... memfd_create resumed>) = 3 [pid 5681] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] getdents64(3, [pid 5085] getdents64(3, [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5681] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] newfstatat(3, "", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5681] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5681] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5681] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] getdents64(3, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] newfstatat(AT_FDCWD, "./57/binderfs", [pid 5085] newfstatat(AT_FDCWD, "./57/binderfs", [pid 5681] <... mprotect resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5681] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] unlink("./57/binderfs" [pid 5085] unlink("./57/binderfs" [pid 5087] <... unlink resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5087] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5681] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5681] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] newfstatat(AT_FDCWD, "./57/binderfs", ./strace-static-x86_64: Process 5683 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5681] <... clone3 resumed> => {parent_tid=[5683]}, 88) = 5683 [pid 5085] <... umount2 resumed>) = 0 [pid 5681] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] unlink("./57/binderfs" [pid 5085] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5681] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5681] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(AT_FDCWD, "./57/file0", [pid 5681] <... futex resumed>) = 0 [pid 5681] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5683] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5088] <... umount2 resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5683] <... rseq resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5683] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5683] <... set_robust_list resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5683] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] getdents64(4, [pid 5683] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5683] memfd_create("syzkaller", 0 [pid 5682] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./57/file0" [pid 5683] <... memfd_create resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./57/file0", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... rmdir resumed>) = 0 [pid 5683] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./57/file0", [pid 5088] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(3, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(3 [pid 5683] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... openat resumed>) = 4 [pid 5087] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... close resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5087] <... openat resumed>) = 4 [pid 5085] rmdir("./57" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] newfstatat(4, "", [pid 5085] <... rmdir resumed>) = 0 [pid 5088] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] mkdir("./58", 0777 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5085] <... mkdir resumed>) = 0 [pid 5088] getdents64(4, [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] getdents64(4, [pid 5088] close(4 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] <... close resumed>) = 0 [pid 5087] close(4 [pid 5088] rmdir("./57/file0" [pid 5087] <... close resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] getdents64(3, [pid 5087] rmdir("./57/file0" [pid 5085] <... openat resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] close(3) = 0 [pid 5087] getdents64(3, [pid 5088] rmdir("./57") = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] mkdir("./58", 0777 [pid 5087] close(3 [pid 5088] <... mkdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./57") = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] mkdir("./58", 0777 [pid 5088] <... openat resumed>) = 3 [pid 5087] <... mkdir resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5682] <... write resumed>) = 2097152 [pid 5087] <... openat resumed>) = 3 [pid 5683] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5682] munmap(0x7f1df2200000, 138412032 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5682] <... munmap resumed>) = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5683] <... write resumed>) = 2097152 [pid 5088] <... ioctl resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5682] close(3) = 0 [pid 5682] close(4 [pid 5088] close(3 [pid 5682] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5682] mkdir("./file0", 0777 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5683] munmap(0x7f1df2200000, 138412032 [pid 5682] <... mkdir resumed>) = 0 [pid 5682] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5684 ./strace-static-x86_64: Process 5684 attached [ 126.443008][ T5682] loop1: detected capacity change from 0 to 4096 [pid 5684] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5684] chdir("./58") = 0 [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5684] setpgid(0, 0) = 0 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] close(3 [pid 5684] write(3, "1000", 4) = 4 [pid 5085] <... close resumed>) = 0 [pid 5684] close(3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5683] <... munmap resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5684] <... close resumed>) = 0 [pid 5683] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5683] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5685 attached [pid 5684] symlink("/dev/binderfs", "./binderfs" [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5684] <... symlink resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5685 executing program [pid 5684] write(1, "executing program\n", 18 [pid 5685] set_robust_list(0x555580b0d6a0, 24 [pid 5684] <... write resumed>) = 18 ./strace-static-x86_64: Process 5686 attached [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5686 [pid 5686] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5686] chdir("./58") = 0 [pid 5686] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5686] setpgid(0, 0) = 0 [pid 5686] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5683] <... ioctl resumed>) = 0 [pid 5683] close(3) = 0 [pid 5686] write(3, "1000", 4 [pid 5683] close(4 [pid 5686] <... write resumed>) = 4 [pid 5685] <... set_robust_list resumed>) = 0 [pid 5684] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5683] <... close resumed>) = 0 [pid 5686] close(3 [pid 5683] mkdir("./file0", 0777 [pid 5686] <... close resumed>) = 0 [pid 5685] chdir("./58" [pid 5684] <... futex resumed>) = 0 [pid 5683] <... mkdir resumed>) = 0 [pid 5686] symlink("/dev/binderfs", "./binderfs" [pid 5685] <... chdir resumed>) = 0 [ 126.486271][ T5682] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 126.515695][ T5683] loop4: detected capacity change from 0 to 4096 [pid 5684] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5686] <... symlink resumed>) = 0 [pid 5685] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5684] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5683] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5684] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5684] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5686] write(1, "executing program\n", 18 [pid 5685] <... prctl resumed>) = 0 [pid 5684] <... mmap resumed>) = 0x7f1dfa693000 executing program [pid 5686] <... write resumed>) = 18 [pid 5686] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5686] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5685] setpgid(0, 0 [pid 5684] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5686] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5686] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5686] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5685] <... setpgid resumed>) = 0 [pid 5684] <... mprotect resumed>) = 0 [pid 5686] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5686] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5684] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5684] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5685] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5686] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5686] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5688]}, 88) = 5688 [pid 5686] rt_sigprocmask(SIG_SETMASK, [], [pid 5685] <... openat resumed>) = 3 [pid 5686] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5686] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5685] write(3, "1000", 4 [pid 5684] <... clone3 resumed> => {parent_tid=[5687]}, 88) = 5687 [pid 5682] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5688 attached ./strace-static-x86_64: Process 5687 attached [pid 5686] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5685] <... write resumed>) = 4 [pid 5684] rt_sigprocmask(SIG_SETMASK, [], [pid 5688] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5687] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5685] close(3 [pid 5688] <... rseq resumed>) = 0 [pid 5687] <... rseq resumed>) = 0 [pid 5685] <... close resumed>) = 0 [pid 5684] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5682] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5688] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5687] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5685] symlink("/dev/binderfs", "./binderfs" [pid 5684] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5682] <... openat resumed>) = 3 [pid 5688] <... set_robust_list resumed>) = 0 [pid 5687] <... set_robust_list resumed>) = 0 [pid 5685] <... symlink resumed>) = 0 [pid 5684] <... futex resumed>) = 0 [pid 5682] chdir("./file0" [pid 5688] rt_sigprocmask(SIG_SETMASK, [], [pid 5687] rt_sigprocmask(SIG_SETMASK, [], [pid 5685] write(1, "executing program\n", 18 executing program [pid 5684] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5682] <... chdir resumed>) = 0 [pid 5688] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5687] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5685] <... write resumed>) = 18 [pid 5682] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5688] memfd_create("syzkaller", 0 [pid 5687] memfd_create("syzkaller", 0 [pid 5685] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5682] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5685] <... futex resumed>) = 0 [pid 5682] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5680] <... futex resumed>) = 0 [pid 5685] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5680] exit_group(0 [pid 5688] <... memfd_create resumed>) = 3 [pid 5687] <... memfd_create resumed>) = 3 [pid 5685] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5680] <... exit_group resumed>) = ? [pid 5688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5687] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5682] +++ exited with 0 +++ [pid 5680] +++ exited with 0 +++ [ 126.569420][ T5683] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 126.578793][ T5682] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5685] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5688] <... mmap resumed>) = 0x7f1df2200000 [pid 5687] <... mmap resumed>) = 0x7f1df2200000 [pid 5685] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5680, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5685] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5685] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5685] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5685] <... mprotect resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5685] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5685] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5685] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5689 attached [pid 5687] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5685] <... clone3 resumed> => {parent_tid=[5689]}, 88) = 5689 [pid 5086] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5689] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5685] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5689] <... rseq resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./58/binderfs", [pid 5689] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5683] <... mount resumed>) = 0 [pid 5689] <... set_robust_list resumed>) = 0 [pid 5685] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5689] rt_sigprocmask(SIG_SETMASK, [], [pid 5685] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5683] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] unlink("./58/binderfs" [pid 5689] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5685] <... futex resumed>) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 5685] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5683] <... openat resumed>) = 3 [pid 5683] chdir("./file0") = 0 [pid 5086] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5689] memfd_create("syzkaller", 0 [pid 5688] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5687] <... write resumed>) = 2097152 [pid 5683] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... umount2 resumed>) = 0 [pid 5689] <... memfd_create resumed>) = 3 [pid 5687] munmap(0x7f1df2200000, 138412032 [pid 5683] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5689] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5687] <... munmap resumed>) = 0 [pid 5683] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5689] <... mmap resumed>) = 0x7f1df2200000 [ 126.658766][ T5683] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5086] newfstatat(AT_FDCWD, "./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5681] <... futex resumed>) = 0 [pid 5681] exit_group(0) = ? [pid 5683] <... futex resumed>) = ? [pid 5086] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5687] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5688] <... write resumed>) = 2097152 [pid 5687] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 5683] +++ exited with 0 +++ [pid 5681] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5681, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 5688] munmap(0x7f1df2200000, 138412032) = 0 [pid 5687] <... ioctl resumed>) = 0 [pid 5089] umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... close resumed>) = 0 [pid 5688] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5687] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] rmdir("./58/file0" [pid 5688] <... openat resumed>) = 4 [pid 5687] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5687] close(4 [pid 5089] <... openat resumed>) = 3 [pid 5086] <... rmdir resumed>) = 0 [pid 5688] ioctl(4, LOOP_SET_FD, 3 [pid 5687] <... close resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5086] getdents64(3, [pid 5689] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5688] <... ioctl resumed>) = 0 [pid 5687] mkdir("./file0", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] getdents64(3, [pid 5086] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] rmdir("./58" [pid 5089] newfstatat(AT_FDCWD, "./57/binderfs", [pid 5687] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] unlink("./57/binderfs") = 0 [pid 5086] mkdir("./59", 0777 [pid 5089] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5687] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... mkdir resumed>) = 0 [pid 5688] close(3 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] newfstatat(AT_FDCWD, "./57/file0", [pid 5688] <... close resumed>) = 0 [pid 5688] close(4) = 0 [pid 5688] mkdir("./file0", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5688] <... mkdir resumed>) = 0 [pid 5688] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 126.740400][ T5687] loop3: detected capacity change from 0 to 4096 [ 126.761765][ T5688] loop2: detected capacity change from 0 to 4096 [ 126.777991][ T5687] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 5689] <... write resumed>) = 2097152 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5689] munmap(0x7f1df2200000, 138412032 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./57/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5689] <... munmap resumed>) = 0 [pid 5089] close(3 [pid 5689] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 5689] <... openat resumed>) = 4 [ 126.811740][ T5688] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5089] rmdir("./57" [pid 5689] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] mkdir("./58", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5086] <... ioctl resumed>) = 0 [pid 5689] <... ioctl resumed>) = 0 [pid 5689] close(3) = 0 [pid 5689] close(4) = 0 [pid 5689] mkdir("./file0", 0777 [pid 5086] close(3) = 0 [pid 5689] <... mkdir resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5687] <... mount resumed>) = 0 [pid 5689] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5688] <... mount resumed>) = 0 [pid 5687] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... ioctl resumed>) = 0 [pid 5688] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5687] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5690 ./strace-static-x86_64: Process 5690 attached [pid 5688] <... openat resumed>) = 3 [ 126.872518][ T5689] loop0: detected capacity change from 0 to 4096 [ 126.886753][ T5687] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 126.907766][ T5688] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5687] chdir("./file0" [pid 5690] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5690] chdir("./59") = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5690] setpgid(0, 0) = 0 [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5690] write(3, "1000", 4) = 4 [pid 5690] close(3) = 0 [pid 5089] close(3 [pid 5690] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... close resumed>) = 0 [pid 5690] <... symlink resumed>) = 0 [pid 5688] chdir("./file0" [pid 5687] <... chdir resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5688] <... chdir resumed>) = 0 [pid 5687] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program ./strace-static-x86_64: Process 5691 attached [pid 5690] write(1, "executing program\n", 18 [pid 5688] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5687] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5691] set_robust_list(0x555580b0d6a0, 24 [pid 5690] <... write resumed>) = 18 [pid 5688] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5687] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5688] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5687] <... futex resumed>) = 1 [pid 5684] <... futex resumed>) = 0 [pid 5691] <... set_robust_list resumed>) = 0 [pid 5690] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5688] <... futex resumed>) = 1 [pid 5687] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5686] <... futex resumed>) = 0 [pid 5684] exit_group(0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5691 [pid 5691] chdir("./58" [pid 5690] <... futex resumed>) = 0 [pid 5688] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5687] <... futex resumed>) = ? [pid 5686] exit_group(0 [pid 5684] <... exit_group resumed>) = ? [pid 5691] <... chdir resumed>) = 0 [pid 5687] +++ exited with 0 +++ [pid 5691] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5690] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5686] <... exit_group resumed>) = ? [pid 5691] <... prctl resumed>) = 0 [pid 5690] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5691] setpgid(0, 0 [pid 5690] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5691] <... setpgid resumed>) = 0 [pid 5690] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5691] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5690] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5688] <... futex resumed>) = ? [pid 5690] <... mmap resumed>) = 0x7f1dfa693000 [pid 5691] <... openat resumed>) = 3 [pid 5690] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5691] write(3, "1000", 4 [pid 5690] <... mprotect resumed>) = 0 [pid 5684] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5684, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5690] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5691] <... write resumed>) = 4 [pid 5691] close(3 [pid 5690] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5691] <... close resumed>) = 0 [pid 5690] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5691] symlink("/dev/binderfs", "./binderfs" [pid 5088] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5692 attached [pid 5691] <... symlink resumed>) = 0 [pid 5690] <... clone3 resumed> => {parent_tid=[5692]}, 88) = 5692 [pid 5688] +++ exited with 0 +++ [pid 5686] +++ exited with 0 +++ executing program [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5692] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5691] write(1, "executing program\n", 18 [pid 5690] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5692] <... rseq resumed>) = 0 [pid 5691] <... write resumed>) = 18 [pid 5690] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5686, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5692] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5691] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5690] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 3 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5692] <... set_robust_list resumed>) = 0 [pid 5691] <... futex resumed>) = 0 [pid 5690] <... futex resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5087] <... restart_syscall resumed>) = 0 [pid 5692] rt_sigprocmask(SIG_SETMASK, [], [pid 5691] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5690] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5691] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5692] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5691] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5691] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5691] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5088] getdents64(3, [pid 5691] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [ 126.942335][ T5689] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5087] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5691] <... mprotect resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5691] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5692] memfd_create("syzkaller", 0 [pid 5689] <... mount resumed>) = 0 [pid 5088] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5692] <... memfd_create resumed>) = 3 [pid 5691] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5689] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5692] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5689] <... openat resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./58/binderfs", [pid 5087] newfstatat(3, "", ./strace-static-x86_64: Process 5693 attached [pid 5692] <... mmap resumed>) = 0x7f1df2200000 [pid 5689] chdir("./file0" [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5693] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5691] <... clone3 resumed> => {parent_tid=[5693]}, 88) = 5693 [pid 5088] unlink("./58/binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5693] <... rseq resumed>) = 0 [pid 5689] <... chdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5691] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5693] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5691] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5693] <... set_robust_list resumed>) = 0 [pid 5691] <... futex resumed>) = 0 [pid 5689] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] <... unlink resumed>) = 0 [pid 5087] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5693] rt_sigprocmask(SIG_SETMASK, [], [pid 5691] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5693] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5689] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5693] memfd_create("syzkaller", 0 [pid 5689] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(AT_FDCWD, "./58/binderfs", [pid 5693] <... memfd_create resumed>) = 3 [pid 5689] <... futex resumed>) = 1 [pid 5685] <... futex resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5693] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5689] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5685] exit_group(0 [pid 5087] unlink("./58/binderfs" [pid 5685] <... exit_group resumed>) = ? [pid 5689] <... futex resumed>) = ? [pid 5693] <... mmap resumed>) = 0x7f1df2200000 [pid 5689] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5088] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(AT_FDCWD, "./58/file0", [pid 5685] +++ exited with 0 +++ [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5088] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5692] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5685, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [ 127.002641][ T5689] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5088] <... openat resumed>) = 4 [pid 5087] newfstatat(AT_FDCWD, "./58/file0", [pid 5085] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(4, "", [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(4, [pid 5085] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5085] newfstatat(3, "", [pid 5088] close(4 [pid 5087] newfstatat(4, "", [pid 5088] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] rmdir("./58/file0" [pid 5087] getdents64(4, [pid 5085] getdents64(3, [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(3, [pid 5087] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(3 [pid 5087] close(4 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./58/binderfs", [pid 5088] rmdir("./58" [pid 5087] rmdir("./58/file0" [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./58/binderfs" [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5088] mkdir("./59", 0777 [pid 5085] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... rmdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5693] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5692] <... write resumed>) = 2097152 [pid 5088] <... mkdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5087] close(3 [pid 5692] munmap(0x7f1df2200000, 138412032 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... close resumed>) = 0 [pid 5085] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 3 [pid 5087] rmdir("./58" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] <... rmdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./58/file0", [pid 5692] <... munmap resumed>) = 0 [pid 5087] mkdir("./59", 0777 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5085] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5085] <... openat resumed>) = 4 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./58/file0" [pid 5693] <... write resumed>) = 2097152 [pid 5692] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5693] munmap(0x7f1df2200000, 138412032 [pid 5692] <... openat resumed>) = 4 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5692] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./58") = 0 [pid 5085] mkdir("./59", 0777 [pid 5693] <... munmap resumed>) = 0 [pid 5692] <... ioctl resumed>) = 0 [pid 5692] close(3 [pid 5693] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5692] <... close resumed>) = 0 [pid 5693] <... openat resumed>) = 4 [pid 5692] close(4 [pid 5085] <... mkdir resumed>) = 0 [pid 5693] ioctl(4, LOOP_SET_FD, 3 [pid 5692] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5692] mkdir("./file0", 0777) = 0 [pid 5692] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5693] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5693] close(3) = 0 [pid 5693] close(4) = 0 [pid 5693] mkdir("./file0", 0777 [pid 5088] close(3 [pid 5693] <... mkdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [ 127.122587][ T5692] loop1: detected capacity change from 0 to 4096 [ 127.139047][ T5693] loop4: detected capacity change from 0 to 4096 [ 127.147537][ T5692] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5693] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 5694 attached [pid 5694] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5694] chdir("./59" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5694 [pid 5694] <... chdir resumed>) = 0 [pid 5694] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... ioctl resumed>) = 0 [pid 5694] <... prctl resumed>) = 0 [pid 5694] setpgid(0, 0) = 0 [pid 5694] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] close(3) = 0 [pid 5694] <... openat resumed>) = 3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5694] write(3, "1000", 4./strace-static-x86_64: Process 5695 attached ) = 4 [pid 5085] <... ioctl resumed>) = 0 [ 127.191744][ T5693] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5695] set_robust_list(0x555580b0d6a0, 24 [pid 5694] close(3 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5695 [pid 5694] <... close resumed>) = 0 [pid 5695] <... set_robust_list resumed>) = 0 [pid 5694] symlink("/dev/binderfs", "./binderfs" [pid 5085] close(3 [pid 5695] chdir("./59" [pid 5694] <... symlink resumed>) = 0 [pid 5085] <... close resumed>) = 0 executing program [pid 5695] <... chdir resumed>) = 0 [pid 5694] write(1, "executing program\n", 18 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5695] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5694] <... write resumed>) = 18 [pid 5694] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5695] <... prctl resumed>) = 0 [pid 5694] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5695] setpgid(0, 0 [pid 5694] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5695] <... setpgid resumed>) = 0 [pid 5694] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5696 ./strace-static-x86_64: Process 5696 attached [pid 5695] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5694] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5696] set_robust_list(0x555580b0d6a0, 24 [pid 5695] <... openat resumed>) = 3 [pid 5694] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5696] <... set_robust_list resumed>) = 0 [pid 5695] write(3, "1000", 4 [pid 5694] <... mmap resumed>) = 0x7f1dfa693000 [pid 5695] <... write resumed>) = 4 [pid 5694] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5695] close(3) = 0 [pid 5696] chdir("./59" [pid 5695] symlink("/dev/binderfs", "./binderfs" [pid 5694] <... mprotect resumed>) = 0 [pid 5696] <... chdir resumed>) = 0 [pid 5694] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5695] <... symlink resumed>) = 0 [pid 5694] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5695] write(1, "executing program\n", 18 [pid 5694] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}executing program [pid 5696] <... prctl resumed>) = 0 [pid 5695] <... write resumed>) = 18 ./strace-static-x86_64: Process 5697 attached [pid 5696] setpgid(0, 0 [pid 5697] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5696] <... setpgid resumed>) = 0 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5697] <... rseq resumed>) = 0 [pid 5696] <... openat resumed>) = 3 [pid 5695] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5697] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5695] <... futex resumed>) = 0 [pid 5694] <... clone3 resumed> => {parent_tid=[5697]}, 88) = 5697 [pid 5696] write(3, "1000", 4 [pid 5694] rt_sigprocmask(SIG_SETMASK, [], [pid 5695] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5697] <... set_robust_list resumed>) = 0 [pid 5696] <... write resumed>) = 4 [pid 5695] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5694] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5692] <... mount resumed>) = 0 [pid 5697] rt_sigprocmask(SIG_SETMASK, [], [pid 5696] close(3 [pid 5695] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5694] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5695] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5694] <... futex resumed>) = 0 [pid 5695] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5694] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5695] <... mmap resumed>) = 0x7f1dfa693000 [pid 5695] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5695] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5695] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5697] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5696] <... close resumed>) = 0 [pid 5695] <... clone3 resumed> => {parent_tid=[5698]}, 88) = 5698 [pid 5692] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5695] rt_sigprocmask(SIG_SETMASK, [], [pid 5692] <... openat resumed>) = 3 [pid 5697] memfd_create("syzkaller", 0 [pid 5696] symlink("/dev/binderfs", "./binderfs" [pid 5695] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5692] chdir("./file0" [pid 5696] <... symlink resumed>) = 0 [pid 5695] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5692] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5698 attached [pid 5696] write(1, "executing program\n", 18 [pid 5695] <... futex resumed>) = 0 [pid 5692] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 5698] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5697] <... memfd_create resumed>) = 3 [pid 5696] <... write resumed>) = 18 [pid 5695] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5693] <... mount resumed>) = 0 [pid 5692] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5698] <... rseq resumed>) = 0 [pid 5697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5696] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5693] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5692] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5698] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5697] <... mmap resumed>) = 0x7f1df2200000 [pid 5696] <... futex resumed>) = 0 [pid 5693] <... openat resumed>) = 3 [pid 5698] <... set_robust_list resumed>) = 0 [pid 5696] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5698] rt_sigprocmask(SIG_SETMASK, [], [pid 5696] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5693] chdir("./file0" [pid 5698] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5696] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5693] <... chdir resumed>) = 0 [pid 5692] <... futex resumed>) = 1 [pid 5690] <... futex resumed>) = 0 [pid 5692] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5690] exit_group(0 [pid 5693] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5692] <... futex resumed>) = ? [pid 5690] <... exit_group resumed>) = ? [pid 5696] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5693] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5692] +++ exited with 0 +++ [pid 5698] memfd_create("syzkaller", 0 [pid 5696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5693] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5690] +++ exited with 0 +++ [pid 5696] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5690, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5693] <... futex resumed>) = 1 [pid 5696] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5691] <... futex resumed>) = 0 [pid 5693] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5698] <... memfd_create resumed>) = 3 [pid 5698] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5696] <... mprotect resumed>) = 0 [pid 5691] exit_group(0 [pid 5698] <... mmap resumed>) = 0x7f1df2200000 [pid 5696] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5693] <... futex resumed>) = ? [pid 5691] <... exit_group resumed>) = ? [ 127.303966][ T5692] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 127.316344][ T5693] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5086] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5696] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5696] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", ./strace-static-x86_64: Process 5699 attached [pid 5699] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5699] <... rseq resumed>) = 0 [pid 5696] <... clone3 resumed> => {parent_tid=[5699]}, 88) = 5699 [pid 5086] getdents64(3, [pid 5699] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5697] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5696] rt_sigprocmask(SIG_SETMASK, [], [pid 5693] +++ exited with 0 +++ [pid 5691] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5699] <... set_robust_list resumed>) = 0 [pid 5696] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5699] rt_sigprocmask(SIG_SETMASK, [], [pid 5696] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5699] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5696] <... futex resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5696] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5691, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5086] newfstatat(AT_FDCWD, "./59/binderfs", [pid 5089] umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] unlink("./59/binderfs" [pid 5089] openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] <... unlink resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5086] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5699] memfd_create("syzkaller", 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5699] <... memfd_create resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5699] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] newfstatat(AT_FDCWD, "./58/binderfs", [pid 5699] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5089] unlink("./58/binderfs") = 0 [pid 5089] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5698] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./58/file0", [pid 5086] <... openat resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(4, "", [pid 5089] umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5697] <... write resumed>) = 2097152 [pid 5086] getdents64(4, [pid 5697] munmap(0x7f1df2200000, 138412032 [pid 5699] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5698] <... write resumed>) = 2097152 [pid 5697] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(4, [pid 5698] munmap(0x7f1df2200000, 138412032 [pid 5697] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... openat resumed>) = 4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5697] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5697] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] close(4 [pid 5698] <... munmap resumed>) = 0 [pid 5089] getdents64(4, [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./59/file0" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] getdents64(4, [pid 5086] getdents64(3, [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5089] close(4 [pid 5086] <... close resumed>) = 0 [pid 5698] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 5086] rmdir("./59" [pid 5698] <... openat resumed>) = 4 [pid 5089] rmdir("./58/file0" [pid 5698] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./58") = 0 [pid 5089] mkdir("./59", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5697] <... ioctl resumed>) = 0 [pid 5699] <... write resumed>) = 2097152 [pid 5698] <... ioctl resumed>) = 0 [pid 5086] mkdir("./60", 0777 [pid 5699] munmap(0x7f1df2200000, 138412032) = 0 [pid 5698] close(3 [pid 5697] close(3 [pid 5086] <... mkdir resumed>) = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5698] <... close resumed>) = 0 [pid 5697] <... close resumed>) = 0 [pid 5699] <... openat resumed>) = 4 [ 127.455165][ T5697] loop3: detected capacity change from 0 to 4096 [ 127.470694][ T5698] loop2: detected capacity change from 0 to 4096 [pid 5698] close(4 [pid 5697] close(4 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5699] ioctl(4, LOOP_SET_FD, 3 [pid 5698] <... close resumed>) = 0 [pid 5699] <... ioctl resumed>) = 0 [pid 5697] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5698] mkdir("./file0", 0777 [pid 5697] mkdir("./file0", 0777 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5698] <... mkdir resumed>) = 0 [pid 5697] <... mkdir resumed>) = 0 [pid 5698] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5697] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5699] close(3) = 0 [pid 5699] close(4) = 0 [pid 5699] mkdir("./file0", 0777) = 0 [pid 5699] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5700 attached , child_tidptr=0x555580b0d690) = 5700 [pid 5700] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5700] chdir("./59") = 0 [ 127.503134][ T5699] loop0: detected capacity change from 0 to 4096 [ 127.516671][ T5697] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 127.526005][ T5698] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 127.540255][ T5699] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5700] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5700] setpgid(0, 0) = 0 [pid 5700] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] <... ioctl resumed>) = 0 executing program [pid 5700] write(3, "1000", 4) = 4 [pid 5700] close(3) = 0 [pid 5700] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5700] write(1, "executing program\n", 18) = 18 [pid 5700] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5700] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5700] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5700] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5699] <... mount resumed>) = 0 [pid 5700] <... mmap resumed>) = 0x7f1dfa693000 [pid 5700] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] close(3 [pid 5700] <... mprotect resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5701 attached [pid 5700] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5701] set_robust_list(0x555580b0d6a0, 24 [pid 5700] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5700] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5701] <... set_robust_list resumed>) = 0 [pid 5701] chdir("./60" [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5701 ./strace-static-x86_64: Process 5702 attached [pid 5702] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5702] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5702] rt_sigprocmask(SIG_SETMASK, [], [pid 5701] <... chdir resumed>) = 0 [pid 5700] <... clone3 resumed> => {parent_tid=[5702]}, 88) = 5702 [pid 5702] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5701] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5700] rt_sigprocmask(SIG_SETMASK, [], [pid 5702] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5701] <... prctl resumed>) = 0 [pid 5700] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5701] setpgid(0, 0 [pid 5700] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5702] <... futex resumed>) = 0 [pid 5701] <... setpgid resumed>) = 0 [pid 5700] <... futex resumed>) = 1 [pid 5699] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5698] <... mount resumed>) = 0 [pid 5700] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5702] memfd_create("syzkaller", 0 [pid 5701] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5699] <... openat resumed>) = 3 [pid 5698] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5699] chdir("./file0" [pid 5698] <... openat resumed>) = 3 [pid 5699] <... chdir resumed>) = 0 [pid 5699] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5699] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5702] <... memfd_create resumed>) = 3 [pid 5699] <... futex resumed>) = 1 [pid 5698] chdir("./file0" [pid 5697] <... mount resumed>) = 0 [pid 5696] <... futex resumed>) = 0 [pid 5699] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5696] exit_group(0 [pid 5699] <... futex resumed>) = ? [pid 5697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5696] <... exit_group resumed>) = ? [pid 5702] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5699] +++ exited with 0 +++ [pid 5698] <... chdir resumed>) = 0 [pid 5697] <... openat resumed>) = 3 [pid 5702] <... mmap resumed>) = 0x7f1df2200000 [pid 5701] <... openat resumed>) = 3 [pid 5701] write(3, "1000", 4 [pid 5698] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5701] <... write resumed>) = 4 [pid 5701] close(3) = 0 [pid 5698] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5697] chdir("./file0" [pid 5701] symlink("/dev/binderfs", "./binderfs" [pid 5698] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5697] <... chdir resumed>) = 0 [pid 5697] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5701] <... symlink resumed>) = 0 [pid 5698] <... futex resumed>) = 1 [pid 5697] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 127.612927][ T5699] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 127.630306][ T5697] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 127.642139][ T5698] ntfs3: loop2: Failed to initialize $Extend/$ObjId. executing program [pid 5695] <... futex resumed>) = 0 [pid 5701] write(1, "executing program\n", 18 [pid 5698] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5697] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5696] +++ exited with 0 +++ [pid 5697] <... futex resumed>) = 1 [pid 5694] <... futex resumed>) = 0 [pid 5701] <... write resumed>) = 18 [pid 5697] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5695] exit_group(0 [pid 5694] exit_group(0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5696, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5701] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5698] <... futex resumed>) = ? [pid 5697] <... futex resumed>) = ? [pid 5695] <... exit_group resumed>) = ? [pid 5694] <... exit_group resumed>) = ? [pid 5701] <... futex resumed>) = 0 [pid 5698] +++ exited with 0 +++ [pid 5697] +++ exited with 0 +++ [pid 5085] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5701] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5694] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5694, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", [pid 5088] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5701] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5695] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(3, [pid 5701] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5695, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5701] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5085] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5701] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] newfstatat(3, "", [pid 5087] <... restart_syscall resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5701] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] newfstatat(AT_FDCWD, "./59/binderfs", [pid 5701] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5701] <... mprotect resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5701] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] unlink("./59/binderfs" [pid 5701] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... unlink resumed>) = 0 [pid 5701] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] newfstatat(AT_FDCWD, "./59/binderfs", [pid 5087] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(3, "", [pid 5085] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5701] <... clone3 resumed> => {parent_tid=[5703]}, 88) = 5703 [pid 5701] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5703 attached [pid 5088] unlink("./59/binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5703] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5088] <... unlink resumed>) = 0 [pid 5087] getdents64(3, [pid 5703] <... rseq resumed>) = 0 [pid 5088] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5703] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5703] <... set_robust_list resumed>) = 0 [pid 5701] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5703] rt_sigprocmask(SIG_SETMASK, [], [pid 5701] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5703] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5701] <... futex resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./59/binderfs", [pid 5703] memfd_create("syzkaller", 0 [pid 5701] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] unlink("./59/binderfs" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... unlink resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./59/file0", [pid 5087] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5703] <... memfd_create resumed>) = 3 [pid 5702] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5703] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(4, "", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5088] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(4, "", [pid 5087] newfstatat(AT_FDCWD, "./59/file0", [pid 5085] getdents64(4, [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5088] getdents64(4, [pid 5087] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./59/file0" [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... rmdir resumed>) = 0 [pid 5088] getdents64(4, [pid 5087] <... openat resumed>) = 4 [pid 5085] getdents64(3, [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] newfstatat(4, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] close(3 [pid 5088] <... close resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] <... close resumed>) = 0 [pid 5088] rmdir("./59/file0" [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] rmdir("./59" [pid 5702] <... write resumed>) = 2097152 [pid 5702] munmap(0x7f1df2200000, 138412032) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] <... rmdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] mkdir("./60", 0777 [pid 5087] close(4 [pid 5702] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5703] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] getdents64(3, [pid 5087] <... close resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5702] <... openat resumed>) = 4 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] rmdir("./59/file0" [pid 5702] ioctl(4, LOOP_SET_FD, 3 [pid 5088] close(3 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./59" [pid 5087] getdents64(3, [pid 5085] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] close(3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./59" [pid 5088] mkdir("./60", 0777 [pid 5087] <... rmdir resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5087] mkdir("./60", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5702] <... ioctl resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5702] close(3 [pid 5087] <... openat resumed>) = 3 [pid 5702] <... close resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5702] close(4) = 0 [pid 5702] mkdir("./file0", 0777 [pid 5703] <... write resumed>) = 2097152 [pid 5703] munmap(0x7f1df2200000, 138412032 [pid 5702] <... mkdir resumed>) = 0 [pid 5702] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5703] <... munmap resumed>) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 127.806401][ T5702] loop4: detected capacity change from 0 to 4096 [ 127.833524][ T5702] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5703] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... ioctl resumed>) = 0 [ 127.852375][ T5703] loop1: detected capacity change from 0 to 4096 [pid 5085] close(3 [pid 5703] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5703] close(3) = 0 [pid 5088] close(3 [pid 5087] close(3 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5703] close(4 [pid 5088] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5703] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5703] mkdir("./file0", 0777./strace-static-x86_64: Process 5705 attached ./strace-static-x86_64: Process 5704 attached ) = 0 [pid 5702] <... mount resumed>) = 0 [pid 5705] set_robust_list(0x555580b0d6a0, 24 [pid 5703] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5704 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5705 [pid 5705] <... set_robust_list resumed>) = 0 [pid 5704] set_robust_list(0x555580b0d6a0, 24 [pid 5702] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5704] <... set_robust_list resumed>) = 0 [pid 5702] <... openat resumed>) = 3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5706 [pid 5705] chdir("./60" [pid 5704] chdir("./60" [pid 5702] chdir("./file0") = 0 [pid 5705] <... chdir resumed>) = 0 [pid 5704] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5706 attached [pid 5705] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5704] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5702] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5706] set_robust_list(0x555580b0d6a0, 24 [pid 5705] <... prctl resumed>) = 0 [pid 5704] <... prctl resumed>) = 0 [pid 5702] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5705] setpgid(0, 0 [pid 5704] setpgid(0, 0 [pid 5706] <... set_robust_list resumed>) = 0 [pid 5705] <... setpgid resumed>) = 0 [pid 5704] <... setpgid resumed>) = 0 [pid 5702] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5700] <... futex resumed>) = 0 [pid 5704] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5702] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5700] exit_group(0 [pid 5705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5702] <... futex resumed>) = ? [pid 5700] <... exit_group resumed>) = ? [pid 5704] <... openat resumed>) = 3 [pid 5702] +++ exited with 0 +++ [pid 5700] +++ exited with 0 +++ [pid 5704] write(3, "1000", 4 [pid 5706] chdir("./60" [pid 5705] <... openat resumed>) = 3 [pid 5704] <... write resumed>) = 4 [pid 5706] <... chdir resumed>) = 0 [pid 5705] write(3, "1000", 4 [pid 5704] close(3 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5700, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5706] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5705] <... write resumed>) = 4 [pid 5704] <... close resumed>) = 0 [pid 5706] <... prctl resumed>) = 0 [pid 5705] close(3 [pid 5704] symlink("/dev/binderfs", "./binderfs" [pid 5706] setpgid(0, 0 [pid 5705] <... close resumed>) = 0 [pid 5704] <... symlink resumed>) = 0 [pid 5089] umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5706] <... setpgid resumed>) = 0 [pid 5705] symlink("/dev/binderfs", "./binderfs" [pid 5704] write(1, "executing program\n", 18 executing program [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5705] <... symlink resumed>) = 0 [pid 5704] <... write resumed>) = 18 [pid 5089] openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 5705] write(1, "executing program\n", 18 [pid 5704] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 3 [pid 5706] <... openat resumed>) = 3 [pid 5705] <... write resumed>) = 18 [pid 5704] <... futex resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5706] write(3, "1000", 4 [pid 5705] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5704] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5704] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5706] <... write resumed>) = 4 [pid 5705] <... futex resumed>) = 0 [pid 5704] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5706] close(3 [pid 5705] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5704] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5706] <... close resumed>) = 0 [pid 5705] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5704] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] newfstatat(AT_FDCWD, "./59/binderfs", [pid 5706] symlink("/dev/binderfs", "./binderfs" [pid 5705] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5704] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 127.899410][ T5702] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 127.923371][ T5703] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5706] <... symlink resumed>) = 0 [pid 5705] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5704] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] unlink("./59/binderfs"executing program [pid 5706] write(1, "executing program\n", 18 [pid 5705] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5704] <... mprotect resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5706] <... write resumed>) = 18 [pid 5705] <... mmap resumed>) = 0x7f1dfa693000 [pid 5704] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5706] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5705] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5704] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5706] <... futex resumed>) = 0 [pid 5705] <... mprotect resumed>) = 0 [pid 5704] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5707 attached [pid 5706] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5705] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... umount2 resumed>) = 0 [pid 5707] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5706] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5707] <... rseq resumed>) = 0 [pid 5706] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5707] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5706] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5705] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5704] <... clone3 resumed> => {parent_tid=[5707]}, 88) = 5707 [pid 5089] newfstatat(AT_FDCWD, "./59/file0", [pid 5707] <... set_robust_list resumed>) = 0 [pid 5706] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5705] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5704] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5708 attached [pid 5707] rt_sigprocmask(SIG_SETMASK, [], [pid 5706] <... mmap resumed>) = 0x7f1dfa693000 [pid 5704] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5708] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5707] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5706] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5705] <... clone3 resumed> => {parent_tid=[5708]}, 88) = 5708 [pid 5704] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5708] <... rseq resumed>) = 0 [pid 5707] memfd_create("syzkaller", 0 [pid 5706] <... mprotect resumed>) = 0 [pid 5705] rt_sigprocmask(SIG_SETMASK, [], [pid 5704] <... futex resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5708] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5705] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5704] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5708] <... set_robust_list resumed>) = 0 [pid 5706] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5705] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 4 [pid 5708] rt_sigprocmask(SIG_SETMASK, [], [pid 5707] <... memfd_create resumed>) = 3 [pid 5706] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5705] <... futex resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5707] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5707] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5708] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5705] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5706] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5708] memfd_create("syzkaller", 0 [pid 5706] <... clone3 resumed> => {parent_tid=[5709]}, 88) = 5709 [pid 5089] close(4./strace-static-x86_64: Process 5709 attached [pid 5708] <... memfd_create resumed>) = 3 [pid 5706] rt_sigprocmask(SIG_SETMASK, [], [pid 5703] <... mount resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5709] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5708] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5706] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5709] <... rseq resumed>) = 0 [pid 5708] <... mmap resumed>) = 0x7f1df2200000 [pid 5706] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5703] <... openat resumed>) = 3 [pid 5089] rmdir("./59/file0" [pid 5706] <... futex resumed>) = 0 [pid 5709] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5706] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5703] chdir("./file0") = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5089] getdents64(3, [pid 5703] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5709] <... set_robust_list resumed>) = 0 [pid 5703] <... futex resumed>) = 1 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5703] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5709] rt_sigprocmask(SIG_SETMASK, [], [pid 5701] <... futex resumed>) = 0 [pid 5089] close(3 [pid 5709] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5701] exit_group(0 [pid 5089] <... close resumed>) = 0 [pid 5703] <... futex resumed>) = ? [pid 5701] <... exit_group resumed>) = ? [pid 5089] rmdir("./59" [pid 5703] +++ exited with 0 +++ [pid 5709] memfd_create("syzkaller", 0 [pid 5701] +++ exited with 0 +++ [pid 5089] <... rmdir resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5701, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5708] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] mkdir("./60", 0777 [pid 5086] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5709] <... memfd_create resumed>) = 3 [pid 5089] <... mkdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5709] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] newfstatat(3, "", [pid 5089] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 128.015098][ T5703] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5707] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] unlink("./60/binderfs") = 0 [pid 5086] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5708] <... write resumed>) = 2097152 [pid 5086] <... umount2 resumed>) = 0 [pid 5708] munmap(0x7f1df2200000, 138412032 [pid 5086] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5709] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5708] <... munmap resumed>) = 0 [pid 5707] <... write resumed>) = 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5707] munmap(0x7f1df2200000, 138412032 [pid 5086] <... openat resumed>) = 4 [pid 5089] <... ioctl resumed>) = 0 [pid 5086] newfstatat(4, "", [pid 5708] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5707] <... munmap resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5710 attached [pid 5710] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5710] chdir("./60") = 0 [pid 5710] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5710] setpgid(0, 0) = 0 [pid 5710] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5708] <... openat resumed>) = 4 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5710 [pid 5708] ioctl(4, LOOP_SET_FD, 3 [pid 5086] getdents64(4, [pid 5710] write(3, "1000", 4) = 4 [pid 5710] close(3) = 0 [pid 5710] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5708] <... ioctl resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5707] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5710] write(1, "executing program\n", 18) = 18 [pid 5710] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5710] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] getdents64(4, [pid 5710] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5708] close(3 [pid 5707] <... openat resumed>) = 4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5710] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5708] <... close resumed>) = 0 [pid 5707] ioctl(4, LOOP_SET_FD, 3 [pid 5086] close(4 [pid 5710] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5710] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5710] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5710] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5709] <... write resumed>) = 2097152 [pid 5708] close(4 [pid 5707] <... ioctl resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5710] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5709] munmap(0x7f1df2200000, 138412032 [pid 5708] <... close resumed>) = 0 [pid 5707] close(3 [pid 5710] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5708] mkdir("./file0", 0777./strace-static-x86_64: Process 5711 attached ) = 0 [pid 5711] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5710] <... clone3 resumed> => {parent_tid=[5711]}, 88) = 5711 [pid 5711] <... rseq resumed>) = 0 [pid 5710] rt_sigprocmask(SIG_SETMASK, [], [pid 5711] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5710] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5711] <... set_robust_list resumed>) = 0 [pid 5710] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5708] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5711] rt_sigprocmask(SIG_SETMASK, [], [pid 5710] <... futex resumed>) = 0 [pid 5711] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5710] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] rmdir("./60/file0" [pid 5711] memfd_create("syzkaller", 0 [pid 5709] <... munmap resumed>) = 0 [pid 5707] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5707] close(4 [pid 5086] getdents64(3, [pid 5707] <... close resumed>) = 0 [pid 5707] mkdir("./file0", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5711] <... memfd_create resumed>) = 3 [pid 5711] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] close(3 [pid 5707] <... mkdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./60" [pid 5711] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... rmdir resumed>) = 0 [pid 5709] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 128.153415][ T5708] loop2: detected capacity change from 0 to 4096 [ 128.169044][ T5707] loop3: detected capacity change from 0 to 4096 [ 128.192972][ T5708] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5707] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] mkdir("./61", 0777 [pid 5709] <... openat resumed>) = 4 [pid 5709] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... mkdir resumed>) = 0 [pid 5709] <... ioctl resumed>) = 0 [pid 5709] close(3 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5709] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5709] close(4 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5709] <... close resumed>) = 0 [pid 5709] mkdir("./file0", 0777) = 0 [ 128.212487][ T5709] loop0: detected capacity change from 0 to 4096 [ 128.220139][ T5707] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5709] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5708] <... mount resumed>) = 0 [pid 5708] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... ioctl resumed>) = 0 [pid 5708] <... openat resumed>) = 3 [pid 5708] chdir("./file0") = 0 [ 128.258927][ T5709] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 128.272654][ T5708] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5708] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5708] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5708] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5705] <... futex resumed>) = 0 [pid 5705] exit_group(0 [pid 5707] <... mount resumed>) = 0 [pid 5708] <... futex resumed>) = ? [pid 5705] <... exit_group resumed>) = ? [pid 5708] +++ exited with 0 +++ [pid 5707] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5711] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5705] +++ exited with 0 +++ [pid 5707] <... openat resumed>) = 3 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5705, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5707] chdir("./file0" [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5707] <... chdir resumed>) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 5707] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] close(3 [pid 5707] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5707] <... futex resumed>) = 1 [pid 5704] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5707] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5704] exit_group(0 [pid 5087] <... openat resumed>) = 3 [pid 5704] <... exit_group resumed>) = ? [pid 5087] newfstatat(3, "", [pid 5707] <... futex resumed>) = ? [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5712 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5712 attached [pid 5707] +++ exited with 0 +++ [pid 5704] +++ exited with 0 +++ [pid 5087] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5704, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./60/binderfs", [pid 5712] set_robust_list(0x555580b0d6a0, 24 [pid 5088] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5712] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5712] chdir("./61" [pid 5088] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] unlink("./60/binderfs" [pid 5088] <... openat resumed>) = 3 [pid 5087] <... unlink resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5087] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5712] <... chdir resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... umount2 resumed>) = 0 [pid 5712] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [ 128.312587][ T5707] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5712] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5712] <... setpgid resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./60/binderfs", [pid 5712] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./60/binderfs") = 0 [pid 5088] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5712] <... openat resumed>) = 3 [pid 5712] write(3, "1000", 4 [pid 5087] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5712] <... write resumed>) = 4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./60/file0", [pid 5712] close(3) = 0 [pid 5712] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5709] <... mount resumed>) = 0 [pid 5712] <... symlink resumed>) = 0 [pid 5087] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5712] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5712] <... write resumed>) = 18 [pid 5087] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5712] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(4, "", [pid 5712] <... futex resumed>) = 0 [pid 5711] <... write resumed>) = 2097152 [pid 5709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5712] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] getdents64(4, [pid 5712] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5709] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5712] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5709] chdir("./file0" [pid 5087] getdents64(4, [pid 5712] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5709] <... chdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5712] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] close(4 [pid 5709] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5712] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... close resumed>) = 0 [pid 5709] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5712] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] rmdir("./60/file0" [pid 5709] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5712] <... mprotect resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5709] <... futex resumed>) = 1 [pid 5706] <... futex resumed>) = 0 [pid 5087] getdents64(3, [pid 5712] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5709] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5706] exit_group(0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5706] <... exit_group resumed>) = ? [pid 5087] close(3) = 0 [pid 5088] newfstatat(AT_FDCWD, "./60/file0", [pid 5709] <... futex resumed>) = ? [pid 5087] rmdir("./60" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./61", 0777 [pid 5711] munmap(0x7f1df2200000, 138412032 [pid 5712] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5709] +++ exited with 0 +++ [pid 5706] +++ exited with 0 +++ [pid 5088] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... mkdir resumed>) = 0 [pid 5712] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5706, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- ./strace-static-x86_64: Process 5713 attached [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5713] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5712] <... clone3 resumed> => {parent_tid=[5713]}, 88) = 5713 [pid 5713] <... rseq resumed>) = 0 [pid 5712] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5713] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5712] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 128.382870][ T5709] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5087] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5712] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 4 [pid 5085] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5712] <... futex resumed>) = 0 [pid 5711] <... munmap resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... openat resumed>) = 3 [pid 5712] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5713] <... set_robust_list resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 5713] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5713] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5711] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5711] <... openat resumed>) = 4 [pid 5085] newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5711] ioctl(4, LOOP_SET_FD, 3 [pid 5085] unlink("./60/binderfs" [pid 5713] memfd_create("syzkaller", 0 [pid 5088] getdents64(4, [pid 5713] <... memfd_create resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5713] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5711] <... ioctl resumed>) = 0 [pid 5088] close(4 [pid 5713] <... mmap resumed>) = 0x7f1df2200000 [pid 5711] close(3 [pid 5088] <... close resumed>) = 0 [pid 5711] <... close resumed>) = 0 [pid 5088] rmdir("./60/file0" [pid 5085] <... unlink resumed>) = 0 [pid 5711] close(4 [pid 5088] <... rmdir resumed>) = 0 [pid 5711] <... close resumed>) = 0 [pid 5085] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5711] mkdir("./file0", 0777) = 0 [pid 5711] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5713] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] rmdir("./60" [pid 5085] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... rmdir resumed>) = 0 [pid 5088] mkdir("./61", 0777 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./60/file0", [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5085] <... openat resumed>) = 4 [ 128.449861][ T5711] loop4: detected capacity change from 0 to 4096 [ 128.477139][ T5711] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] <... close resumed>) = 0 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./60/file0"./strace-static-x86_64: Process 5714 attached ) = 0 [pid 5714] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5714 [pid 5714] <... set_robust_list resumed>) = 0 [pid 5714] chdir("./61" [pid 5085] getdents64(3, [pid 5714] <... chdir resumed>) = 0 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5714] <... prctl resumed>) = 0 [pid 5085] rmdir("./60" [pid 5714] setpgid(0, 0) = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... rmdir resumed>) = 0 [pid 5714] <... openat resumed>) = 3 [pid 5085] mkdir("./61", 0777 [pid 5714] write(3, "1000", 4 [pid 5085] <... mkdir resumed>) = 0 [pid 5714] <... write resumed>) = 4 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5714] close(3) = 0 [pid 5713] <... write resumed>) = 2097152 [pid 5711] <... mount resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5711] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5714] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5711] <... openat resumed>) = 3 [pid 5711] chdir("./file0"executing program ) = 0 [pid 5713] munmap(0x7f1df2200000, 138412032 [pid 5714] write(1, "executing program\n", 18 [pid 5711] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5714] <... write resumed>) = 18 [pid 5714] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5711] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5711] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5710] <... futex resumed>) = 0 [pid 5711] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5710] exit_group(0) = ? [pid 5714] <... futex resumed>) = 0 [pid 5711] <... futex resumed>) = ? [pid 5711] +++ exited with 0 +++ [pid 5714] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5710] +++ exited with 0 +++ [pid 5714] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5710, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5088] <... ioctl resumed>) = 0 [pid 5714] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5713] <... munmap resumed>) = 0 [pid 5714] <... mmap resumed>) = 0x7f1dfa693000 [pid 5713] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5714] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] umount2("./60", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5713] <... openat resumed>) = 4 [pid 5713] ioctl(4, LOOP_SET_FD, 3 [pid 5714] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5714] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./60/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./60/binderfs") = 0 [pid 5714] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5713] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5715 attached [pid 5713] close(3 [pid 5089] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(3 [pid 5715] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5714] <... clone3 resumed> => {parent_tid=[5715]}, 88) = 5715 [pid 5713] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5716 attached [pid 5714] rt_sigprocmask(SIG_SETMASK, [], [pid 5713] close(4 [pid 5089] <... umount2 resumed>) = 0 [pid 5715] <... rseq resumed>) = 0 [pid 5714] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5713] <... close resumed>) = 0 [pid 5714] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5713] mkdir("./file0", 0777 [pid 5714] <... futex resumed>) = 0 [pid 5716] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5716 [pid 5716] <... set_robust_list resumed>) = 0 [pid 5716] chdir("./61") = 0 [pid 5716] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5716] <... prctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5716] setpgid(0, 0 [pid 5089] newfstatat(AT_FDCWD, "./60/file0", [pid 5716] <... setpgid resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5716] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] umount2("./60/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5716] <... openat resumed>) = 3 [pid 5714] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5713] <... mkdir resumed>) = 0 [pid 5715] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5716] write(3, "1000", 4 [pid 5715] <... set_robust_list resumed>) = 0 [pid 5716] <... write resumed>) = 4 [pid 5715] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] newfstatat(4, "", [pid 5716] close(3 [pid 5715] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5716] <... close resumed>) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./60/file0" [pid 5713] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... rmdir resumed>) = 0 [ 128.569946][ T5711] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 128.603727][ T5713] loop1: detected capacity change from 0 to 4096 [pid 5716] symlink("/dev/binderfs", "./binderfs" [pid 5089] getdents64(3, executing program [pid 5716] <... symlink resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5716] write(1, "executing program\n", 18 [pid 5089] close(3 [pid 5716] <... write resumed>) = 18 [pid 5089] <... close resumed>) = 0 [pid 5716] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] rmdir("./60" [pid 5716] <... futex resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5716] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5089] mkdir("./61", 0777 [pid 5716] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... mkdir resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5716] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5715] memfd_create("syzkaller", 0 [pid 5716] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5716] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5716] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5716] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5717 attached => {parent_tid=[5717]}, 88) = 5717 [pid 5716] rt_sigprocmask(SIG_SETMASK, [], [pid 5717] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5716] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5717] <... rseq resumed>) = 0 [pid 5716] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5717] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5716] <... futex resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5717] <... set_robust_list resumed>) = 0 [pid 5716] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5715] <... memfd_create resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5717] rt_sigprocmask(SIG_SETMASK, [], [pid 5715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5717] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5715] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] close(3 [pid 5717] memfd_create("syzkaller", 0 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5717] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5718 attached [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5718 [pid 5717] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5718] set_robust_list(0x555580b0d6a0, 24 [pid 5717] <... mmap resumed>) = 0x7f1df2200000 [pid 5715] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5718] <... set_robust_list resumed>) = 0 [pid 5718] chdir("./61") = 0 [pid 5718] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 128.646632][ T5713] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5718] setpgid(0, 0) = 0 [pid 5718] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5718] write(3, "1000", 4) = 4 [pid 5718] close(3) = 0 [pid 5718] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5718] write(1, "executing program\n", 18executing program ) = 18 [pid 5718] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5718] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5718] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5718] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5718] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5718] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5718] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5719 attached => {parent_tid=[5719]}, 88) = 5719 [pid 5718] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5718] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5718] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5719] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5717] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5719] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5089] <... ioctl resumed>) = 0 [pid 5719] <... set_robust_list resumed>) = 0 [pid 5089] close(3 [pid 5719] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... close resumed>) = 0 [pid 5719] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5713] <... mount resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5719] memfd_create("syzkaller", 0 [pid 5713] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5720 [pid 5713] <... openat resumed>) = 3 [pid 5719] <... memfd_create resumed>) = 3 [pid 5713] chdir("./file0" [pid 5719] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5713] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5720 attached [pid 5719] <... mmap resumed>) = 0x7f1df2200000 [pid 5715] <... write resumed>) = 2097152 [pid 5713] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5720] set_robust_list(0x555580b0d6a0, 24 [pid 5713] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5713] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5712] <... futex resumed>) = 0 [pid 5712] exit_group(0) = ? [pid 5720] <... set_robust_list resumed>) = 0 [pid 5720] chdir("./61") = 0 [pid 5715] munmap(0x7f1df2200000, 138412032 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5720] setpgid(0, 0) = 0 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 128.765074][ T5713] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5720] write(3, "1000", 4) = 4 [pid 5720] close(3) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5720] write(1, "executing program\n", 18) = 18 [pid 5720] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5720] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5720] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5720] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5720] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5713] +++ exited with 0 +++ [pid 5712] +++ exited with 0 +++ [pid 5720] <... mprotect resumed>) = 0 [pid 5715] <... munmap resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5712, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5720] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5715] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5720] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5715] <... openat resumed>) = 4 [pid 5720] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5720] <... clone3 resumed> => {parent_tid=[5721]}, 88) = 5721 [pid 5086] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5720] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5720] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] newfstatat(3, "", [pid 5720] <... futex resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5720] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] getdents64(3, ./strace-static-x86_64: Process 5721 attached 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5721] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5086] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5721] <... rseq resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5721] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5086] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5721] <... set_robust_list resumed>) = 0 [pid 5715] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5721] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5717] <... write resumed>) = 2097152 [pid 5086] unlink("./61/binderfs" [pid 5721] memfd_create("syzkaller", 0 [pid 5715] <... ioctl resumed>) = 0 [pid 5715] close(3) = 0 [pid 5715] close(4) = 0 [pid 5721] <... memfd_create resumed>) = 3 [pid 5719] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5717] munmap(0x7f1df2200000, 138412032 [pid 5086] <... unlink resumed>) = 0 [pid 5721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5715] mkdir("./file0", 0777 [pid 5086] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5715] <... mkdir resumed>) = 0 [pid 5721] <... mmap resumed>) = 0x7f1df2200000 [ 128.852506][ T5715] loop2: detected capacity change from 0 to 4096 [pid 5717] <... munmap resumed>) = 0 [pid 5715] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5719] <... write resumed>) = 2097152 [pid 5717] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5717] <... openat resumed>) = 4 [pid 5086] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5717] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5721] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [ 128.899731][ T5715] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 128.928488][ T5717] loop3: detected capacity change from 0 to 4096 [pid 5086] close(4) = 0 [pid 5719] munmap(0x7f1df2200000, 138412032 [pid 5086] rmdir("./61/file0" [pid 5719] <... munmap resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5719] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5719] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5717] <... ioctl resumed>) = 0 [pid 5715] <... mount resumed>) = 0 [pid 5086] close(3 [pid 5717] close(3 [pid 5086] <... close resumed>) = 0 [pid 5717] <... close resumed>) = 0 [pid 5086] rmdir("./61" [pid 5717] close(4 [pid 5719] <... ioctl resumed>) = 0 [pid 5721] <... write resumed>) = 2097152 [pid 5717] <... close resumed>) = 0 [pid 5715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... rmdir resumed>) = 0 [pid 5721] munmap(0x7f1df2200000, 138412032 [pid 5719] close(3 [pid 5717] mkdir("./file0", 0777 [pid 5715] <... openat resumed>) = 3 [pid 5086] mkdir("./62", 0777 [pid 5719] <... close resumed>) = 0 [pid 5717] <... mkdir resumed>) = 0 [pid 5715] chdir("./file0" [pid 5086] <... mkdir resumed>) = 0 [pid 5719] close(4 [pid 5715] <... chdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5721] <... munmap resumed>) = 0 [pid 5719] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5721] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5719] mkdir("./file0", 0777 [pid 5717] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5715] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5721] <... openat resumed>) = 4 [ 128.949037][ T5715] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 128.961355][ T5719] loop0: detected capacity change from 0 to 4096 [pid 5721] ioctl(4, LOOP_SET_FD, 3 [pid 5719] <... mkdir resumed>) = 0 [pid 5715] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5719] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5715] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5714] <... futex resumed>) = 0 [pid 5715] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5714] exit_group(0) = ? [pid 5721] <... ioctl resumed>) = 0 [pid 5715] <... futex resumed>) = ? [pid 5721] close(3 [pid 5715] +++ exited with 0 +++ [pid 5714] +++ exited with 0 +++ [pid 5721] <... close resumed>) = 0 [pid 5721] close(4) = 0 [pid 5721] mkdir("./file0", 0777 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5714, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5721] <... mkdir resumed>) = 0 [pid 5721] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 128.995420][ T5717] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 129.005595][ T5721] loop4: detected capacity change from 0 to 4096 [ 129.015211][ T5719] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./61/binderfs" [pid 5719] <... mount resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [ 129.062265][ T5721] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 129.092907][ T5719] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5087] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... ioctl resumed>) = 0 [pid 5719] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5717] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] close(3 [pid 5719] chdir("./file0" [pid 5717] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... close resumed>) = 0 [pid 5719] <... chdir resumed>) = 0 [pid 5717] <... openat resumed>) = 3 [pid 5087] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5719] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5717] chdir("./file0" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5719] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5717] <... chdir resumed>) = 0 [pid 5719] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5718] <... futex resumed>) = 0 [pid 5717] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./61/file0", [pid 5719] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5718] exit_group(0 [pid 5717] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5722 [pid 5719] <... futex resumed>) = ? [pid 5718] <... exit_group resumed>) = ? [pid 5717] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5719] +++ exited with 0 +++ [pid 5717] <... futex resumed>) = 1 [pid 5717] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", [pid 5716] <... futex resumed>) = 0 [pid 5716] exit_group(0./strace-static-x86_64: Process 5722 attached [pid 5718] +++ exited with 0 +++ [pid 5717] <... futex resumed>) = ? [pid 5716] <... exit_group resumed>) = ? [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5722] set_robust_list(0x555580b0d6a0, 24 [pid 5717] +++ exited with 0 +++ [pid 5716] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5718, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5087] getdents64(4, [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5716, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... restart_syscall resumed>) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5087] getdents64(4, [pid 5088] <... restart_syscall resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 5085] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] rmdir("./61/file0" [pid 5085] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5722] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(3, "", [pid 5722] chdir("./62" [pid 5088] <... openat resumed>) = 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5722] <... chdir resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5087] getdents64(3, [pid 5085] getdents64(3, [pid 5722] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5722] <... prctl resumed>) = 0 [pid 5088] getdents64(3, [pid 5087] close(3 [pid 5085] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5722] setpgid(0, 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5722] <... setpgid resumed>) = 0 [pid 5088] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] rmdir("./61" [ 129.116757][ T5717] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5085] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5722] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./61/binderfs" [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5087] mkdir("./62", 0777 [pid 5085] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5722] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5722] write(3, "1000", 4 [pid 5721] <... mount resumed>) = 0 [pid 5088] unlink("./61/binderfs" [pid 5722] <... write resumed>) = 4 [pid 5721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... unlink resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... umount2 resumed>) = 0 [pid 5722] close(3 [pid 5721] <... openat resumed>) = 3 [pid 5722] <... close resumed>) = 0 [pid 5721] chdir("./file0" [pid 5087] <... openat resumed>) = 3 [pid 5722] symlink("/dev/binderfs", "./binderfs" [pid 5721] <... chdir resumed>) = 0 [pid 5085] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5722] <... symlink resumed>) = 0 [pid 5721] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5722] write(1, "executing program\n", 18 [pid 5721] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5722] <... write resumed>) = 18 [pid 5721] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(AT_FDCWD, "./61/file0", [pid 5722] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5721] <... futex resumed>) = 1 [pid 5720] <... futex resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5722] <... futex resumed>) = 0 [pid 5721] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5720] exit_group(0 [pid 5722] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5721] <... futex resumed>) = ? [pid 5720] <... exit_group resumed>) = ? [pid 5085] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5722] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5721] +++ exited with 0 +++ [pid 5720] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5722] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5720, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5088] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5722] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5722] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] umount2("./61", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(AT_FDCWD, "./61/file0", [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5722] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] <... openat resumed>) = 4 [pid 5722] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(3, "", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5722] <... mprotect resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(3, [pid 5088] <... openat resumed>) = 4 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./61/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(4, "", [pid 5089] newfstatat(AT_FDCWD, "./61/binderfs", [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./61/binderfs" [pid 5088] getdents64(4, [pid 5089] <... unlink resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5722] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] getdents64(4, [pid 5085] newfstatat(4, "", [pid 5722] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5722] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] getdents64(4, [pid 5089] <... umount2 resumed>) = 0 [pid 5088] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5723 attached [pid 5722] <... clone3 resumed> => {parent_tid=[5723]}, 88) = 5723 [pid 5089] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... close resumed>) = 0 [pid 5085] getdents64(4, [pid 5723] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5722] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] rmdir("./61/file0" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5723] <... rseq resumed>) = 0 [pid 5722] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(AT_FDCWD, "./61/file0", [pid 5088] <... rmdir resumed>) = 0 [pid 5723] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5722] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] close(4 [pid 5723] <... set_robust_list resumed>) = 0 [pid 5722] <... futex resumed>) = 0 [pid 5723] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] <... close resumed>) = 0 [pid 5723] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5722] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] rmdir("./61/file0" [pid 5723] memfd_create("syzkaller", 0 [pid 5089] umount2("./61/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, [pid 5723] <... memfd_create resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... rmdir resumed>) = 0 [pid 5723] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5723] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] close(3 [pid 5089] <... openat resumed>) = 4 [pid 5088] <... close resumed>) = 0 [pid 5085] getdents64(3, [pid 5089] newfstatat(4, "", [pid 5088] rmdir("./61" [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] close(3 [pid 5089] getdents64(4, [pid 5085] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 129.177441][ T5721] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] getdents64(4, [pid 5088] mkdir("./62", 0777 [pid 5085] rmdir("./61" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./61/file0") = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] mkdir("./62", 0777 [pid 5088] <... openat resumed>) = 3 [pid 5089] getdents64(3, [pid 5085] <... mkdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] close(3 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./61" [pid 5085] <... openat resumed>) = 3 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] mkdir("./62", 0777) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5723] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] close(3 [pid 5089] <... openat resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5724 attached [pid 5724] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5724 [pid 5724] <... set_robust_list resumed>) = 0 [pid 5723] <... write resumed>) = 2097152 [pid 5723] munmap(0x7f1df2200000, 138412032 [pid 5724] chdir("./62") = 0 [pid 5723] <... munmap resumed>) = 0 [pid 5724] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5723] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5724] <... prctl resumed>) = 0 [pid 5723] <... openat resumed>) = 4 [pid 5724] setpgid(0, 0) = 0 [pid 5723] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5724] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] close(3 [pid 5724] <... openat resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5724] write(3, "1000", 4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5724] <... write resumed>) = 4 [pid 5724] close(3) = 0 [pid 5724] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5725 attached ) = 0 [pid 5725] set_robust_list(0x555580b0d6a0, 24 [pid 5724] write(1, "executing program\n", 18executing program [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5725 [pid 5725] <... set_robust_list resumed>) = 0 [pid 5724] <... write resumed>) = 18 [pid 5724] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5725] chdir("./62" [pid 5724] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5724] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5725] <... chdir resumed>) = 0 [pid 5724] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5725] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5724] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5725] <... prctl resumed>) = 0 [pid 5724] <... mprotect resumed>) = 0 [pid 5723] <... ioctl resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5725] setpgid(0, 0 [pid 5085] close(3) = 0 [pid 5725] <... setpgid resumed>) = 0 [pid 5725] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5724] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5723] close(3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5723] <... close resumed>) = 0 [pid 5725] <... openat resumed>) = 3 [pid 5723] close(4 [pid 5089] <... ioctl resumed>) = 0 [pid 5725] write(3, "1000", 4 [pid 5724] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5723] <... close resumed>) = 0 [pid 5089] close(3 [pid 5725] <... write resumed>) = 4 [pid 5724] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5723] mkdir("./file0", 0777 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5726 [pid 5725] close(3 [pid 5089] <... close resumed>) = 0 [pid 5725] <... close resumed>) = 0 [ 129.337737][ T5723] loop1: detected capacity change from 0 to 4096 [pid 5725] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5727 attached ./strace-static-x86_64: Process 5726 attached ) = 0 [pid 5724] <... clone3 resumed> => {parent_tid=[5727]}, 88) = 5727 [pid 5723] <... mkdir resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5726] set_robust_list(0x555580b0d6a0, 24) = 0 executing program [pid 5726] chdir("./62") = 0 [pid 5725] write(1, "executing program\n", 18) = 18 [pid 5726] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5726] setpgid(0, 0) = 0 [pid 5727] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5725] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5724] rt_sigprocmask(SIG_SETMASK, [], [pid 5723] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5727] <... rseq resumed>) = 0 [pid 5726] <... openat resumed>) = 3 [pid 5724] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5727] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5725] <... futex resumed>) = 0 [pid 5724] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5728 attached [pid 5726] write(3, "1000", 4 [pid 5725] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5724] <... futex resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5728 [pid 5726] <... write resumed>) = 4 [pid 5726] close(3 [pid 5725] <... rt_sigaction resumed>NULL, 8) = 0 executing program [pid 5724] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5728] set_robust_list(0x555580b0d6a0, 24 [pid 5727] <... set_robust_list resumed>) = 0 [pid 5726] <... close resumed>) = 0 [pid 5725] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5728] <... set_robust_list resumed>) = 0 [pid 5726] symlink("/dev/binderfs", "./binderfs" [pid 5728] chdir("./62" [pid 5726] <... symlink resumed>) = 0 [pid 5728] <... chdir resumed>) = 0 [pid 5726] write(1, "executing program\n", 18 [pid 5728] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5726] <... write resumed>) = 18 [pid 5728] <... prctl resumed>) = 0 [pid 5726] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5728] setpgid(0, 0 [pid 5726] <... futex resumed>) = 0 [pid 5728] <... setpgid resumed>) = 0 [pid 5726] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5728] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5726] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5726] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5728] write(3, "1000", 4 [pid 5727] rt_sigprocmask(SIG_SETMASK, [], [pid 5726] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5725] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5728] <... write resumed>) = 4 [pid 5727] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5726] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5728] close(3 [pid 5726] <... mmap resumed>) = 0x7f1dfa693000 [pid 5725] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5728] <... close resumed>) = 0 [pid 5726] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5728] symlink("/dev/binderfs", "./binderfs" [pid 5726] <... mprotect resumed>) = 0 [pid 5728] <... symlink resumed>) = 0 [pid 5727] memfd_create("syzkaller", 0 [pid 5726] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 5725] <... mmap resumed>) = 0x7f1dfa693000 [pid 5728] write(1, "executing program\n", 18 [pid 5725] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5728] <... write resumed>) = 18 [pid 5728] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5725] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5728] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5726] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5728] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5726] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5729 attached [pid 5728] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5729] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5728] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5729] <... rseq resumed>) = 0 [pid 5728] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5726] <... clone3 resumed> => {parent_tid=[5729]}, 88) = 5729 [pid 5725] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5729] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5728] <... mmap resumed>) = 0x7f1dfa693000 [pid 5726] rt_sigprocmask(SIG_SETMASK, [], [pid 5729] <... set_robust_list resumed>) = 0 [pid 5728] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5726] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5725] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5729] rt_sigprocmask(SIG_SETMASK, [], [pid 5728] <... mprotect resumed>) = 0 [pid 5726] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5729] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5726] <... futex resumed>) = 0 [pid 5728] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5727] <... memfd_create resumed>) = 3 [pid 5726] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5729] memfd_create("syzkaller", 0) = 3 [pid 5729] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 ./strace-static-x86_64: Process 5730 attached [pid 5725] <... clone3 resumed> => {parent_tid=[5730]}, 88) = 5730 [pid 5730] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5725] rt_sigprocmask(SIG_SETMASK, [], [pid 5730] <... rseq resumed>) = 0 [pid 5725] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5730] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5725] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5730] <... set_robust_list resumed>) = 0 [pid 5730] rt_sigprocmask(SIG_SETMASK, [], [pid 5728] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5725] <... futex resumed>) = 0 [pid 5730] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5728] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5725] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5728] <... clone3 resumed> => {parent_tid=[5731]}, 88) = 5731 [pid 5728] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5731 attached [pid 5728] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5731] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5728] <... futex resumed>) = 0 [pid 5731] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5728] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5731] <... set_robust_list resumed>) = 0 [pid 5731] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5731] memfd_create("syzkaller", 0 [pid 5730] memfd_create("syzkaller", 0 [pid 5731] <... memfd_create resumed>) = 3 [pid 5730] <... memfd_create resumed>) = 3 [pid 5731] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5731] <... mmap resumed>) = 0x7f1df2200000 [pid 5730] <... mmap resumed>) = 0x7f1df2200000 [ 129.415816][ T5723] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5730] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5727] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5729] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5731] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5723] <... mount resumed>) = 0 [pid 5723] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5723] chdir("./file0") = 0 [pid 5723] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5729] <... write resumed>) = 2097152 [pid 5723] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5723] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5723] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5722] <... futex resumed>) = 0 [pid 5722] exit_group(0 [pid 5723] <... futex resumed>) = ? [pid 5722] <... exit_group resumed>) = ? [pid 5723] +++ exited with 0 +++ [pid 5729] munmap(0x7f1df2200000, 138412032 [pid 5722] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5722, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5727] <... write resumed>) = 2097152 [pid 5086] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5729] <... munmap resumed>) = 0 [pid 5727] munmap(0x7f1df2200000, 138412032 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5729] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5729] <... openat resumed>) = 4 [pid 5086] newfstatat(3, "", [pid 5730] <... write resumed>) = 2097152 [ 129.531568][ T5723] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5730] munmap(0x7f1df2200000, 138412032 [pid 5729] ioctl(4, LOOP_SET_FD, 3 [pid 5086] getdents64(3, [pid 5730] <... munmap resumed>) = 0 [pid 5729] <... ioctl resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./62/binderfs") = 0 [pid 5086] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5727] <... munmap resumed>) = 0 [pid 5731] <... write resumed>) = 2097152 [pid 5730] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5729] close(3 [pid 5727] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5086] <... umount2 resumed>) = 0 [pid 5731] munmap(0x7f1df2200000, 138412032 [pid 5730] <... openat resumed>) = 4 [pid 5729] <... close resumed>) = 0 [pid 5727] ioctl(4, LOOP_SET_FD, 3 [pid 5730] ioctl(4, LOOP_SET_FD, 3 [pid 5729] close(4 [pid 5727] <... ioctl resumed>) = 0 [pid 5731] <... munmap resumed>) = 0 [pid 5729] <... close resumed>) = 0 [pid 5727] close(3 [pid 5086] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5729] mkdir("./file0", 0777 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5729] <... mkdir resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./62/file0", [pid 5729] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5727] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 129.591679][ T5729] loop0: detected capacity change from 0 to 4096 [ 129.611675][ T5727] loop2: detected capacity change from 0 to 4096 [ 129.619315][ T5730] loop3: detected capacity change from 0 to 4096 [pid 5727] close(4 [pid 5086] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5731] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5730] <... ioctl resumed>) = 0 [pid 5727] <... close resumed>) = 0 [pid 5730] close(3) = 0 [pid 5730] close(4) = 0 [pid 5730] mkdir("./file0", 0777 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 5727] mkdir("./file0", 0777 [pid 5730] <... mkdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5730] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5731] <... openat resumed>) = 4 [pid 5727] <... mkdir resumed>) = 0 [pid 5086] getdents64(4, [pid 5731] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 5727] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./62/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./62") = 0 [pid 5086] mkdir("./63", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5731] <... ioctl resumed>) = 0 [pid 5731] close(3) = 0 [pid 5731] close(4) = 0 [pid 5731] mkdir("./file0", 0777) = 0 [ 129.633722][ T5729] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 129.646892][ T5730] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 129.652841][ T5731] loop4: detected capacity change from 0 to 4096 [ 129.665632][ T5727] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 129.708206][ T5731] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5731] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5727] <... mount resumed>) = 0 [pid 5729] <... mount resumed>) = 0 [pid 5727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... ioctl resumed>) = 0 [pid 5727] <... openat resumed>) = 3 [pid 5086] close(3 [pid 5727] chdir("./file0" [pid 5729] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5727] <... chdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5727] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5729] <... openat resumed>) = 3 [pid 5727] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5727] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5724] <... futex resumed>) = 0 [pid 5727] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5732 attached [pid 5730] <... mount resumed>) = 0 [pid 5729] chdir("./file0" [pid 5724] exit_group(0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5732 [pid 5732] set_robust_list(0x555580b0d6a0, 24 [pid 5729] <... chdir resumed>) = 0 [pid 5727] <... futex resumed>) = ? [pid 5724] <... exit_group resumed>) = ? [pid 5732] <... set_robust_list resumed>) = 0 [pid 5727] +++ exited with 0 +++ [pid 5732] chdir("./63") = 0 [pid 5730] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5724] +++ exited with 0 +++ [pid 5729] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5724, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5729] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5730] chdir("./file0" [pid 5729] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5732] <... prctl resumed>) = 0 [pid 5732] setpgid(0, 0 [pid 5729] <... futex resumed>) = 1 [pid 5726] <... futex resumed>) = 0 [pid 5732] <... setpgid resumed>) = 0 [pid 5729] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5726] exit_group(0 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5730] <... chdir resumed>) = 0 [pid 5729] <... futex resumed>) = ? [pid 5726] <... exit_group resumed>) = ? [pid 5732] <... openat resumed>) = 3 [pid 5730] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5732] write(3, "1000", 4 [pid 5730] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5732] <... write resumed>) = 4 [pid 5730] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5732] close(3 [pid 5730] <... futex resumed>) = 1 [pid 5725] <... futex resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5732] <... close resumed>) = 0 [pid 5730] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5729] +++ exited with 0 +++ [pid 5726] +++ exited with 0 +++ [pid 5725] exit_group(0 [pid 5087] newfstatat(3, "", [ 129.762059][ T5727] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 129.781873][ T5729] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 129.801399][ T5730] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5732] symlink("/dev/binderfs", "./binderfs" [pid 5730] <... futex resumed>) = ? [pid 5725] <... exit_group resumed>) = ? [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5732] <... symlink resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5726, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- executing program [pid 5732] write(1, "executing program\n", 18 [pid 5087] getdents64(3, [pid 5732] <... write resumed>) = 18 [pid 5730] +++ exited with 0 +++ [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5732] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5732] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5732] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] newfstatat(AT_FDCWD, "./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./62/binderfs" [pid 5732] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5732] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5732] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5731] <... mount resumed>) = 0 [pid 5087] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5732] <... mmap resumed>) = 0x7f1dfa693000 [pid 5732] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5725] +++ exited with 0 +++ [pid 5732] <... mprotect resumed>) = 0 [pid 5732] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5725, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5732] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5732] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5733 attached [pid 5732] <... clone3 resumed> => {parent_tid=[5733]}, 88) = 5733 [pid 5085] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5733] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5732] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5733] <... rseq resumed>) = 0 [pid 5732] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = 0 [pid 5733] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5732] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5733] <... set_robust_list resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5733] rt_sigprocmask(SIG_SETMASK, [], [pid 5732] <... futex resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5733] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5732] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] <... openat resumed>) = 3 [pid 5733] memfd_create("syzkaller", 0 [pid 5088] newfstatat(3, "", [pid 5085] newfstatat(3, "", [pid 5087] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] newfstatat(AT_FDCWD, "./62/file0", [pid 5085] getdents64(3, [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5733] <... memfd_create resumed>) = 3 [pid 5731] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5087] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5731] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5733] <... mmap resumed>) = 0x7f1df2200000 [pid 5731] chdir("./file0" [pid 5088] unlink("./62/binderfs" [pid 5087] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5731] <... chdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5731] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... openat resumed>) = 4 [pid 5085] unlink("./62/binderfs" [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5731] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5731] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5731] <... futex resumed>) = 1 [pid 5728] <... futex resumed>) = 0 [pid 5728] exit_group(0) = ? [pid 5087] newfstatat(4, "", [pid 5085] <... umount2 resumed>) = 0 [pid 5731] +++ exited with 0 +++ [pid 5728] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5728, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 129.841557][ T5731] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] <... restart_syscall resumed>) = 0 [pid 5085] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] newfstatat(AT_FDCWD, "./62/file0", [pid 5089] umount2("./62", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(AT_FDCWD, "./62/file0", [pid 5087] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(4 [pid 5085] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] rmdir("./62/file0" [pid 5089] newfstatat(3, "", [pid 5085] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... openat resumed>) = 4 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5088] newfstatat(4, "", [pid 5087] getdents64(3, [pid 5085] newfstatat(4, "", [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5087] close(3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... close resumed>) = 0 [pid 5085] getdents64(4, [pid 5733] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./62/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(4, [pid 5087] rmdir("./62" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] getdents64(4, [pid 5089] newfstatat(AT_FDCWD, "./62/binderfs", [pid 5088] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] rmdir("./62/file0" [pid 5085] rmdir("./62/file0" [pid 5089] unlink("./62/binderfs" [pid 5088] <... rmdir resumed>) = 0 [pid 5087] mkdir("./63", 0777 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5733] <... write resumed>) = 2097152 [pid 5089] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, [pid 5085] getdents64(3, [pid 5733] munmap(0x7f1df2200000, 138412032 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5087] <... openat resumed>) = 3 [pid 5085] close(3 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./62" [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... close resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] rmdir("./62") = 0 [pid 5733] <... munmap resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] mkdir("./63", 0777 [pid 5089] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./62/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5733] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... mkdir resumed>) = 0 [pid 5085] mkdir("./63", 0777 [pid 5733] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... openat resumed>) = 4 [pid 5733] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... openat resumed>) = 3 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] getdents64(4, [pid 5733] <... ioctl resumed>) = 0 [pid 5733] close(3) = 0 [pid 5733] close(4) = 0 [pid 5733] mkdir("./file0", 0777 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... mkdir resumed>) = 0 [pid 5733] <... mkdir resumed>) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 5733] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] rmdir("./62/file0" [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... rmdir resumed>) = 0 [ 129.969240][ T5733] loop1: detected capacity change from 0 to 4096 [ 130.009361][ T5733] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] close(3 [pid 5089] close(3) = 0 [pid 5087] <... close resumed>) = 0 [pid 5089] rmdir("./62" [pid 5088] close(3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 ./strace-static-x86_64: Process 5734 attached [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5734 [pid 5734] set_robust_list(0x555580b0d6a0, 24 [pid 5089] mkdir("./63", 0777./strace-static-x86_64: Process 5735 attached [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5735 [pid 5735] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5734] <... set_robust_list resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5734] chdir("./63" [pid 5735] chdir("./63" [pid 5734] <... chdir resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5735] <... chdir resumed>) = 0 [pid 5735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5735] setpgid(0, 0) = 0 [pid 5734] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5734] <... prctl resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5734] setpgid(0, 0 [pid 5735] <... openat resumed>) = 3 [pid 5734] <... setpgid resumed>) = 0 [pid 5733] <... mount resumed>) = 0 [pid 5735] write(3, "1000", 4 [pid 5734] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5735] <... write resumed>) = 4 [pid 5733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5735] close(3) = 0 [pid 5734] <... openat resumed>) = 3 [pid 5733] <... openat resumed>) = 3 [pid 5735] symlink("/dev/binderfs", "./binderfs" [pid 5734] write(3, "1000", 4 [pid 5733] chdir("./file0" [pid 5735] <... symlink resumed>) = 0 executing program [pid 5735] write(1, "executing program\n", 18 [pid 5734] <... write resumed>) = 4 [pid 5733] <... chdir resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5735] <... write resumed>) = 18 [pid 5734] close(3 [pid 5733] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5735] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] close(3 [pid 5735] <... futex resumed>) = 0 [pid 5734] <... close resumed>) = 0 [pid 5733] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] <... close resumed>) = 0 [pid 5735] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5734] symlink("/dev/binderfs", "./binderfs"executing program [pid 5733] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5735] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5734] <... symlink resumed>) = 0 [pid 5733] <... futex resumed>) = 1 [pid 5735] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5733] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5734] write(1, "executing program\n", 18) = 18 ./strace-static-x86_64: Process 5736 attached [pid 5735] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5734] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5732] <... futex resumed>) = 0 [pid 5736] set_robust_list(0x555580b0d6a0, 24 [pid 5735] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5734] <... futex resumed>) = 0 [pid 5732] exit_group(0 [pid 5736] <... set_robust_list resumed>) = 0 [pid 5735] <... mmap resumed>) = 0x7f1dfa693000 [pid 5734] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5732] <... exit_group resumed>) = ? [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5736 [pid 5735] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5734] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5733] <... futex resumed>) = ? [pid 5736] chdir("./63" [pid 5735] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5734] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5736] <... chdir resumed>) = 0 [pid 5735] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5734] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5734] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5736] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5735] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5736] <... prctl resumed>) = 0 [pid 5734] <... mmap resumed>) = 0x7f1dfa693000 [pid 5735] <... clone3 resumed> => {parent_tid=[5737]}, 88) = 5737 [pid 5736] setpgid(0, 0 [ 130.090587][ T5733] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5735] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5737 attached [pid 5736] <... setpgid resumed>) = 0 [pid 5735] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5734] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5733] +++ exited with 0 +++ [pid 5732] +++ exited with 0 +++ [pid 5089] <... ioctl resumed>) = 0 [pid 5737] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5736] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5735] <... futex resumed>) = 0 [pid 5734] <... mprotect resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5732, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5089] close(3 [pid 5737] <... rseq resumed>) = 0 [pid 5735] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5734] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5737] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5734] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... close resumed>) = 0 [pid 5737] <... set_robust_list resumed>) = 0 [pid 5734] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5738 attached [pid 5737] rt_sigprocmask(SIG_SETMASK, [], [pid 5736] <... openat resumed>) = 3 [pid 5738] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5737] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5734] <... clone3 resumed> => {parent_tid=[5738]}, 88) = 5738 [pid 5738] <... rseq resumed>) = 0 [pid 5737] memfd_create("syzkaller", 0 [pid 5736] write(3, "1000", 4 [pid 5734] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5738] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5734] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5738] <... set_robust_list resumed>) = 0 [pid 5734] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5739 attached [pid 5738] rt_sigprocmask(SIG_SETMASK, [], [pid 5737] <... memfd_create resumed>) = 3 [pid 5736] <... write resumed>) = 4 [pid 5734] <... futex resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5739 [pid 5086] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5739] set_robust_list(0x555580b0d6a0, 24 [pid 5738] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5737] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5736] close(3 [pid 5734] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5739] <... set_robust_list resumed>) = 0 [pid 5738] memfd_create("syzkaller", 0 [pid 5737] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... openat resumed>) = 3 [pid 5739] chdir("./63") = 0 [pid 5736] <... close resumed>) = 0 [pid 5739] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5736] symlink("/dev/binderfs", "./binderfs" [pid 5739] <... prctl resumed>) = 0 [pid 5738] <... memfd_create resumed>) = 3 [pid 5739] setpgid(0, 0 [pid 5736] <... symlink resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5739] <... setpgid resumed>) = 0 [pid 5738] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5739] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5738] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5739] <... openat resumed>) = 3 [pid 5086] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./63/binderfs" [pid 5739] write(3, "1000", 4 [pid 5736] write(1, "executing program\n", 18 [pid 5086] <... unlink resumed>) = 0 executing program [pid 5739] <... write resumed>) = 4 [pid 5736] <... write resumed>) = 18 [pid 5086] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5739] close(3 [pid 5736] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5739] <... close resumed>) = 0 [pid 5736] <... futex resumed>) = 0 [pid 5739] symlink("/dev/binderfs", "./binderfs" [pid 5736] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5736] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5739] <... symlink resumed>) = 0 [pid 5736] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] newfstatat(4, "", executing program [pid 5736] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5739] write(1, "executing program\n", 18 [pid 5736] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5739] <... write resumed>) = 18 [pid 5736] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] getdents64(4, [pid 5736] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5739] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5736] <... mprotect resumed>) = 0 [pid 5739] <... futex resumed>) = 0 [pid 5736] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] getdents64(4, [pid 5736] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5736] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] close(4./strace-static-x86_64: Process 5740 attached [pid 5739] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] <... close resumed>) = 0 [pid 5740] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5739] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5736] <... clone3 resumed> => {parent_tid=[5740]}, 88) = 5740 [pid 5740] <... rseq resumed>) = 0 [pid 5739] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5736] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] rmdir("./63/file0" [pid 5740] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5739] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5736] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5740] <... set_robust_list resumed>) = 0 [pid 5736] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5739] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5740] rt_sigprocmask(SIG_SETMASK, [], [pid 5736] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5740] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5739] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] getdents64(3, [pid 5740] memfd_create("syzkaller", 0 [pid 5739] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5739] <... mprotect resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./63" [pid 5740] <... memfd_create resumed>) = 3 [pid 5086] <... rmdir resumed>) = 0 [pid 5740] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5739] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5740] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] mkdir("./64", 0777 [pid 5739] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5739] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5737] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5741 attached [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5741] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5739] <... clone3 resumed> => {parent_tid=[5741]}, 88) = 5741 [pid 5739] rt_sigprocmask(SIG_SETMASK, [], [pid 5741] <... rseq resumed>) = 0 [pid 5741] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5739] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5741] <... set_robust_list resumed>) = 0 [pid 5740] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5739] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5738] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5739] <... futex resumed>) = 0 [pid 5741] rt_sigprocmask(SIG_SETMASK, [], [pid 5739] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5741] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5741] memfd_create("syzkaller", 0) = 3 [pid 5741] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5738] <... write resumed>) = 2097152 [pid 5737] <... write resumed>) = 2097152 [pid 5738] munmap(0x7f1df2200000, 138412032 [pid 5737] munmap(0x7f1df2200000, 138412032 [pid 5738] <... munmap resumed>) = 0 [pid 5740] <... write resumed>) = 2097152 [pid 5086] <... ioctl resumed>) = 0 [pid 5740] munmap(0x7f1df2200000, 138412032 [pid 5738] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5740] <... munmap resumed>) = 0 [pid 5738] ioctl(4, LOOP_SET_FD, 3 [pid 5737] <... munmap resumed>) = 0 [pid 5737] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5737] ioctl(4, LOOP_SET_FD, 3 [pid 5741] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5740] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5738] <... ioctl resumed>) = 0 [pid 5086] close(3 [pid 5740] <... openat resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 5738] close(3 [pid 5740] ioctl(4, LOOP_SET_FD, 3 [pid 5738] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5737] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5742 attached [pid 5740] <... ioctl resumed>) = 0 [pid 5738] close(4 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5742 [pid 5738] <... close resumed>) = 0 [pid 5738] mkdir("./file0", 0777 [pid 5742] set_robust_list(0x555580b0d6a0, 24 [pid 5740] close(3 [pid 5738] <... mkdir resumed>) = 0 [pid 5742] <... set_robust_list resumed>) = 0 [pid 5740] <... close resumed>) = 0 [pid 5737] close(3 [pid 5742] chdir("./64" [pid 5740] close(4 [pid 5737] <... close resumed>) = 0 [pid 5740] <... close resumed>) = 0 [pid 5737] close(4 [pid 5740] mkdir("./file0", 0777 [pid 5738] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5737] <... close resumed>) = 0 [pid 5742] <... chdir resumed>) = 0 [pid 5740] <... mkdir resumed>) = 0 [pid 5742] prctl(PR_SET_PDEATHSIG, SIGKILL [ 130.330566][ T5738] loop2: detected capacity change from 0 to 4096 [ 130.333239][ T5737] loop3: detected capacity change from 0 to 4096 [ 130.345845][ T5740] loop0: detected capacity change from 0 to 4096 [pid 5737] mkdir("./file0", 0777 [pid 5742] <... prctl resumed>) = 0 [pid 5737] <... mkdir resumed>) = 0 [pid 5742] setpgid(0, 0 [pid 5740] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5742] <... setpgid resumed>) = 0 [pid 5737] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5742] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5741] <... write resumed>) = 2097152 [pid 5742] <... openat resumed>) = 3 [pid 5742] write(3, "1000", 4) = 4 [pid 5742] close(3) = 0 [pid 5742] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5742] write(1, "executing program\n", 18executing program ) = 18 [pid 5742] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5742] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5742] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5742] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5742] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5742] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5742] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5741] munmap(0x7f1df2200000, 138412032 [pid 5742] <... clone3 resumed> => {parent_tid=[5743]}, 88) = 5743 [pid 5741] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5743 attached [pid 5742] rt_sigprocmask(SIG_SETMASK, [], [pid 5743] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5742] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5743] <... rseq resumed>) = 0 [pid 5742] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5743] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5742] <... futex resumed>) = 0 [pid 5743] <... set_robust_list resumed>) = 0 [pid 5742] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5743] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5743] memfd_create("syzkaller", 0) = 3 [pid 5743] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 130.380864][ T5738] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 130.391293][ T5737] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 130.400854][ T5740] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5741] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5741] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5741] close(3) = 0 [pid 5741] close(4) = 0 [pid 5741] mkdir("./file0", 0777) = 0 [pid 5741] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5738] <... mount resumed>) = 0 [pid 5738] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5738] chdir("./file0") = 0 [ 130.455221][ T5741] loop4: detected capacity change from 0 to 4096 [ 130.473964][ T5738] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5738] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5738] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5734] <... futex resumed>) = 0 [pid 5738] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5734] exit_group(0) = ? [pid 5743] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5738] <... futex resumed>) = ? [pid 5738] +++ exited with 0 +++ [pid 5734] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5734, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5087] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./63/binderfs") = 0 [pid 5087] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5737] <... mount resumed>) = 0 [pid 5737] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5737] chdir("./file0") = 0 [pid 5737] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5087] <... umount2 resumed>) = 0 [pid 5737] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5737] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 130.510113][ T5741] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 130.527500][ T5737] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 130.547554][ T5740] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5087] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5735] <... futex resumed>) = 0 [pid 5735] exit_group(0 [pid 5737] <... futex resumed>) = ? [pid 5735] <... exit_group resumed>) = ? [pid 5087] newfstatat(AT_FDCWD, "./63/file0", [pid 5737] +++ exited with 0 +++ [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5740] <... mount resumed>) = 0 [pid 5735] +++ exited with 0 +++ [pid 5087] <... openat resumed>) = 4 [pid 5740] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5735, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5740] <... openat resumed>) = 3 [pid 5740] chdir("./file0") = 0 [pid 5088] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(4, "", [pid 5740] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5740] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(4, [pid 5740] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5740] <... futex resumed>) = 1 [pid 5740] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... openat resumed>) = 3 [pid 5087] getdents64(4, [pid 5088] newfstatat(3, "", [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5736] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] close(4 [pid 5736] exit_group(0 [pid 5088] getdents64(3, [pid 5087] <... close resumed>) = 0 [pid 5741] <... mount resumed>) = 0 [pid 5740] <... futex resumed>) = ? [pid 5736] <... exit_group resumed>) = ? [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] rmdir("./63/file0" [pid 5741] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5740] +++ exited with 0 +++ [pid 5736] +++ exited with 0 +++ [pid 5088] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... rmdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(3, [pid 5088] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5741] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./63/binderfs" [pid 5087] close(3 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5736, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5741] chdir("./file0" [pid 5088] <... unlink resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5085] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5741] <... chdir resumed>) = 0 [pid 5088] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] rmdir("./63" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5741] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... rmdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5741] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] <... openat resumed>) = 3 [pid 5741] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] newfstatat(3, "", [pid 5741] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5739] <... futex resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5739] exit_group(0 [pid 5085] getdents64(3, [pid 5739] <... exit_group resumed>) = ? [pid 5741] <... futex resumed>) = ? [pid 5088] <... umount2 resumed>) = 0 [pid 5087] mkdir("./64", 0777 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... mkdir resumed>) = 0 [pid 5743] <... write resumed>) = 2097152 [pid 5741] +++ exited with 0 +++ [pid 5739] +++ exited with 0 +++ [pid 5088] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5739, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5089] umount2("./63", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] unlink("./63/binderfs" [pid 5089] openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5089] <... openat resumed>) = 3 [pid 5085] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5743] munmap(0x7f1df2200000, 138412032 [pid 5089] newfstatat(3, "", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5089] getdents64(3, [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [ 130.602410][ T5741] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5088] rmdir("./63/file0" [pid 5743] <... munmap resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] umount2("./63/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, [pid 5743] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5743] <... openat resumed>) = 4 [pid 5089] newfstatat(AT_FDCWD, "./63/binderfs", [pid 5743] ioctl(4, LOOP_SET_FD, 3 [pid 5088] close(3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./63/file0", [pid 5088] rmdir("./63" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5743] <... ioctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] mkdir("./64", 0777 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5089] unlink("./63/binderfs" [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... unlink resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(4, "", [pid 5743] close(3) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5743] close(4 [pid 5085] getdents64(4, [pid 5743] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(4 [pid 5089] newfstatat(AT_FDCWD, "./63/file0", [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./63/file0") = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] umount2("./63/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] rmdir("./63" [pid 5089] <... openat resumed>) = 4 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5085] mkdir("./64", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5089] getdents64(4, [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... openat resumed>) = 3 [pid 5089] getdents64(4, [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5743] mkdir("./file0", 0777 [pid 5089] close(4) = 0 [pid 5089] rmdir("./63/file0" [pid 5743] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, [pid 5087] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... close resumed>) = 0 [pid 5089] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] rmdir("./63"./strace-static-x86_64: Process 5744 attached ) = 0 [pid 5744] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5744] chdir("./64" [pid 5089] mkdir("./64", 0777 [pid 5744] <... chdir resumed>) = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... mkdir resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5744 [pid 5744] <... prctl resumed>) = 0 [ 130.668960][ T5743] loop1: detected capacity change from 0 to 4096 [pid 5744] setpgid(0, 0 [pid 5743] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5744] <... setpgid resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5744] <... openat resumed>) = 3 [pid 5744] write(3, "1000", 4) = 4 [pid 5744] close(3) = 0 executing program [pid 5744] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5744] write(1, "executing program\n", 18) = 18 [pid 5744] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5744] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5744] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5744] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5744] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5744] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5744] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5745]}, 88) = 5745 ./strace-static-x86_64: Process 5745 attached [pid 5744] rt_sigprocmask(SIG_SETMASK, [], [pid 5745] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5744] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5745] <... rseq resumed>) = 0 [pid 5744] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... ioctl resumed>) = 0 [pid 5744] <... futex resumed>) = 0 [pid 5744] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5745] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5745] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5745] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5745] memfd_create("syzkaller", 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5746 ./strace-static-x86_64: Process 5746 attached [pid 5745] <... memfd_create resumed>) = 3 [pid 5089] <... ioctl resumed>) = 0 [pid 5746] set_robust_list(0x555580b0d6a0, 24 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5746] <... set_robust_list resumed>) = 0 [pid 5745] <... mmap resumed>) = 0x7f1df2200000 [ 130.764744][ T5743] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5746] chdir("./64") = 0 [pid 5746] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5746] setpgid(0, 0) = 0 [pid 5746] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5746] write(3, "1000", 4) = 4 [pid 5746] close(3 [pid 5089] close(3 [pid 5746] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5746] symlink("/dev/binderfs", "./binderfs" [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 5746] <... symlink resumed>) = 0 [pid 5088] close(3 [pid 5746] write(1, "executing program\n", 18 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5747 [pid 5746] <... write resumed>) = 18 [pid 5088] <... close resumed>) = 0 [pid 5746] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5747 attached ) = 0 [pid 5747] set_robust_list(0x555580b0d6a0, 24 [pid 5746] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5746] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5746] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5747] <... set_robust_list resumed>) = 0 [pid 5746] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5747] chdir("./64" [pid 5746] <... mprotect resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5748 [pid 5747] <... chdir resumed>) = 0 [pid 5746] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5746] <... rt_sigprocmask resumed>[], 8) = 0 ./strace-static-x86_64: Process 5748 attached [pid 5747] setpgid(0, 0 [pid 5748] set_robust_list(0x555580b0d6a0, 24 [pid 5747] <... setpgid resumed>) = 0 [pid 5748] <... set_robust_list resumed>) = 0 [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5748] chdir("./64" [pid 5747] <... openat resumed>) = 3 [pid 5748] <... chdir resumed>) = 0 [pid 5747] write(3, "1000", 4 [pid 5746] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5748] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5747] <... write resumed>) = 4 ./strace-static-x86_64: Process 5749 attached [pid 5748] <... prctl resumed>) = 0 [pid 5747] close(3 [pid 5746] <... clone3 resumed> => {parent_tid=[5749]}, 88) = 5749 [pid 5749] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5748] setpgid(0, 0 [pid 5747] <... close resumed>) = 0 [pid 5746] rt_sigprocmask(SIG_SETMASK, [], [pid 5749] <... rseq resumed>) = 0 [pid 5748] <... setpgid resumed>) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs"executing program [pid 5749] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5748] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5747] <... symlink resumed>) = 0 [pid 5746] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5749] <... set_robust_list resumed>) = 0 [pid 5746] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5748] <... openat resumed>) = 3 [pid 5749] rt_sigprocmask(SIG_SETMASK, [], [pid 5747] write(1, "executing program\n", 18 [pid 5748] write(3, "1000", 4 [pid 5749] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5747] <... write resumed>) = 18 [pid 5749] memfd_create("syzkaller", 0 [pid 5748] <... write resumed>) = 4 [pid 5747] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5748] close(3 [pid 5747] <... futex resumed>) = 0 [pid 5746] <... futex resumed>) = 0 [pid 5748] <... close resumed>) = 0 [pid 5746] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5748] symlink("/dev/binderfs", "./binderfs" [pid 5747] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5748] <... symlink resumed>) = 0 [pid 5747] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5747] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5747] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 executing program [pid 5748] write(1, "executing program\n", 18 [pid 5747] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5748] <... write resumed>) = 18 [pid 5747] <... mprotect resumed>) = 0 [pid 5749] <... memfd_create resumed>) = 3 [pid 5748] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5747] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5749] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5748] <... futex resumed>) = 0 [pid 5749] <... mmap resumed>) = 0x7f1df2200000 [pid 5748] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5747] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5748] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5747] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5745] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5748] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5747] <... clone3 resumed> => {parent_tid=[5750]}, 88) = 5750 ./strace-static-x86_64: Process 5750 attached [pid 5748] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5747] rt_sigprocmask(SIG_SETMASK, [], [pid 5748] <... mmap resumed>) = 0x7f1dfa693000 [pid 5747] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5743] <... mount resumed>) = 0 [pid 5750] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5748] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5750] <... rseq resumed>) = 0 [pid 5750] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5747] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5750] <... set_robust_list resumed>) = 0 [pid 5747] <... futex resumed>) = 0 [pid 5750] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5748] <... mprotect resumed>) = 0 [pid 5747] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5748] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5750] memfd_create("syzkaller", 0 [pid 5748] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5748] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5751]}, 88) = 5751 [pid 5748] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5748] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 5751 attached [pid 5748] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5751] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5751] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5750] <... memfd_create resumed>) = 3 [pid 5750] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5751] rt_sigprocmask(SIG_SETMASK, [], [pid 5750] <... mmap resumed>) = 0x7f1df2200000 [pid 5743] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5751] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5743] <... openat resumed>) = 3 [pid 5751] memfd_create("syzkaller", 0 [pid 5743] chdir("./file0") = 0 [pid 5751] <... memfd_create resumed>) = 3 [pid 5743] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5743] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5751] <... mmap resumed>) = 0x7f1df2200000 [pid 5743] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5742] <... futex resumed>) = 0 [pid 5742] exit_group(0 [pid 5743] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 5742] <... exit_group resumed>) = ? [ 130.883782][ T5743] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5743] +++ exited with 0 +++ [pid 5742] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5742, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5745] <... write resumed>) = 2097152 [pid 5086] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5751] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5745] munmap(0x7f1df2200000, 138412032 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./64/binderfs") = 0 [pid 5086] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5749] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = 0 [pid 5745] <... munmap resumed>) = 0 [pid 5086] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5750] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5749] <... write resumed>) = 2097152 [pid 5745] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5745] <... openat resumed>) = 4 [pid 5745] ioctl(4, LOOP_SET_FD, 3 [pid 5086] newfstatat(AT_FDCWD, "./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./64/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5745] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5745] close(3 [pid 5086] rmdir("./64" [pid 5745] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5745] close(4 [pid 5751] <... write resumed>) = 2097152 [pid 5086] mkdir("./65", 0777 [pid 5745] <... close resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5749] munmap(0x7f1df2200000, 138412032) = 0 [pid 5745] mkdir("./file0", 0777 [pid 5751] munmap(0x7f1df2200000, 138412032 [pid 5745] <... mkdir resumed>) = 0 [pid 5745] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5749] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5751] <... munmap resumed>) = 0 [pid 5750] <... write resumed>) = 2097152 [pid 5751] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5749] <... openat resumed>) = 4 [pid 5751] <... openat resumed>) = 4 [pid 5750] munmap(0x7f1df2200000, 138412032 [ 131.002912][ T5745] loop2: detected capacity change from 0 to 4096 [ 131.041140][ T5745] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5749] ioctl(4, LOOP_SET_FD, 3 [pid 5751] ioctl(4, LOOP_SET_FD, 3 [pid 5750] <... munmap resumed>) = 0 [pid 5750] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5749] <... ioctl resumed>) = 0 [pid 5750] ioctl(4, LOOP_SET_FD, 3 [pid 5749] close(3) = 0 [pid 5749] close(4) = 0 [pid 5749] mkdir("./file0", 0777 [pid 5751] <... ioctl resumed>) = 0 [pid 5749] <... mkdir resumed>) = 0 [pid 5749] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5751] close(3) = 0 [pid 5751] close(4) = 0 [pid 5751] mkdir("./file0", 0777) = 0 [ 131.060784][ T5749] loop0: detected capacity change from 0 to 4096 [ 131.069359][ T5751] loop3: detected capacity change from 0 to 4096 [ 131.080263][ T5745] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 131.088602][ T5750] loop4: detected capacity change from 0 to 4096 [pid 5751] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5750] <... ioctl resumed>) = 0 [pid 5745] <... mount resumed>) = 0 [pid 5750] close(3) = 0 [pid 5745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5750] close(4 [pid 5745] chdir("./file0" [pid 5750] <... close resumed>) = 0 [pid 5745] <... chdir resumed>) = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5750] mkdir("./file0", 0777 [pid 5745] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5750] <... mkdir resumed>) = 0 [pid 5745] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5744] <... futex resumed>) = 0 [pid 5750] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5745] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5744] exit_group(0 [pid 5086] <... ioctl resumed>) = 0 [pid 5744] <... exit_group resumed>) = ? [pid 5086] close(3 [pid 5745] <... futex resumed>) = ? [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5752 attached [pid 5752] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5752 [pid 5752] <... set_robust_list resumed>) = 0 [pid 5752] chdir("./65" [pid 5745] +++ exited with 0 +++ [pid 5744] +++ exited with 0 +++ [pid 5752] <... chdir resumed>) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5744, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5752] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5752] setpgid(0, 0) = 0 [pid 5087] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5752] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5752] <... openat resumed>) = 3 [pid 5087] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5752] write(3, "1000", 4 [ 131.111770][ T5749] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 131.121263][ T5751] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 131.149271][ T5750] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5087] newfstatat(3, "", [pid 5752] <... write resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5752] close(3 [pid 5087] getdents64(3, [pid 5752] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./64/binderfs") = 0 [pid 5087] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5752] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5752] write(1, "executing program\n", 18executing program ) = 18 [pid 5752] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5752] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5752] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5752] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [ 131.192037][ T5749] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 131.192235][ T5750] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5752] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5751] <... mount resumed>) = 0 [pid 5749] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5752] <... mprotect resumed>) = 0 [pid 5752] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5752] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5749] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5749] <... openat resumed>) = 3 [pid 5752] <... clone3 resumed> => {parent_tid=[5753]}, 88) = 5753 [pid 5749] chdir("./file0" [pid 5087] newfstatat(AT_FDCWD, "./64/file0", [pid 5752] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5753 attached NULL, 8) = 0 [pid 5750] <... mount resumed>) = 0 [pid 5753] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5752] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5750] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5749] <... chdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5753] <... rseq resumed>) = 0 [pid 5752] <... futex resumed>) = 0 [pid 5749] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5753] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5752] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5750] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5753] <... set_robust_list resumed>) = 0 [pid 5750] chdir("./file0" [pid 5749] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5753] rt_sigprocmask(SIG_SETMASK, [], [pid 5750] <... chdir resumed>) = 0 [pid 5753] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5750] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5749] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... openat resumed>) = 4 [pid 5753] memfd_create("syzkaller", 0 [pid 5751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5750] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] newfstatat(4, "", [pid 5750] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5749] <... futex resumed>) = 1 [pid 5747] <... futex resumed>) = 0 [pid 5746] <... futex resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5753] <... memfd_create resumed>) = 3 [pid 5751] <... openat resumed>) = 3 [pid 5750] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5747] exit_group(0 [pid 5746] exit_group(0 [pid 5087] getdents64(4, [pid 5753] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5751] chdir("./file0" [pid 5750] <... futex resumed>) = ? [pid 5747] <... exit_group resumed>) = ? [pid 5746] <... exit_group resumed>) = ? [pid 5753] <... mmap resumed>) = 0x7f1df2200000 [pid 5751] <... chdir resumed>) = 0 [pid 5750] +++ exited with 0 +++ [pid 5749] +++ exited with 0 +++ [pid 5747] +++ exited with 0 +++ [pid 5746] +++ exited with 0 +++ [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5747, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5751] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5089] <... restart_syscall resumed>) = 0 [pid 5751] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5751] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5748] <... futex resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(4, [pid 5089] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 131.232722][ T5751] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5089] unlink("./64/binderfs") = 0 [pid 5748] exit_group(0 [pid 5089] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5746, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5751] <... futex resumed>) = ? [pid 5748] <... exit_group resumed>) = ? [pid 5087] close(4 [pid 5085] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5751] +++ exited with 0 +++ [pid 5748] +++ exited with 0 +++ [pid 5087] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./64/file0" [pid 5085] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5748, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5087] getdents64(3, [pid 5085] newfstatat(3, "", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] close(3 [pid 5085] getdents64(3, [pid 5089] <... umount2 resumed>) = 0 [pid 5088] umount2("./64", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./64" [pid 5085] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./64/file0", [pid 5088] <... openat resumed>) = 3 [pid 5087] mkdir("./65", 0777 [pid 5085] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] newfstatat(3, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5085] unlink("./64/binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(3, [pid 5085] <... unlink resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... openat resumed>) = 4 [pid 5087] <... openat resumed>) = 3 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] umount2("./64/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5089] getdents64(4, [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(AT_FDCWD, "./64/binderfs", [pid 5089] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(AT_FDCWD, "./64/file0", [pid 5089] close(4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... close resumed>) = 0 [pid 5088] unlink("./64/binderfs" [pid 5089] rmdir("./64/file0" [pid 5085] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5753] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] getdents64(3, [pid 5088] <... umount2 resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(4, "", [pid 5089] <... close resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./64/file0", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] rmdir("./64" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./64/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... rmdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(4, [pid 5089] mkdir("./65", 0777 [pid 5088] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5088] newfstatat(4, "", [pid 5085] <... close resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] rmdir("./64/file0" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5088] getdents64(4, [pid 5085] <... rmdir resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 5088] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] rmdir("./64/file0" [pid 5085] rmdir("./64") = 0 [pid 5753] <... write resumed>) = 2097152 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5085] mkdir("./65", 0777 [pid 5088] rmdir("./64" [pid 5085] <... mkdir resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] mkdir("./65", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5753] munmap(0x7f1df2200000, 138412032 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5754 attached [pid 5754] set_robust_list(0x555580b0d6a0, 24 [pid 5753] <... munmap resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5754 [pid 5754] <... set_robust_list resumed>) = 0 [pid 5754] chdir("./65") = 0 [pid 5753] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] close(3 [pid 5754] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... close resumed>) = 0 [pid 5754] setpgid(0, 0 [pid 5753] <... openat resumed>) = 4 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5753] ioctl(4, LOOP_SET_FD, 3 [pid 5754] <... setpgid resumed>) = 0 [pid 5754] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5754] write(3, "1000", 4) = 4 [pid 5754] close(3) = 0 [pid 5754] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5754] write(1, "executing program\n", 18) = 18 [pid 5754] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5754] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5754] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5754] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5754] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5755 [pid 5754] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5754] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5755 attached => {parent_tid=[5756]}, 88) = 5756 [pid 5755] set_robust_list(0x555580b0d6a0, 24 [pid 5754] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5756 attached [pid 5755] <... set_robust_list resumed>) = 0 [pid 5754] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5756] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5755] chdir("./65" [pid 5754] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5756] <... rseq resumed>) = 0 [pid 5754] <... futex resumed>) = 0 [pid 5756] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5754] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5756] <... set_robust_list resumed>) = 0 [pid 5755] <... chdir resumed>) = 0 [pid 5756] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5756] memfd_create("syzkaller", 0 [pid 5755] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5753] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5755] <... prctl resumed>) = 0 [pid 5753] close(3 [pid 5085] close(3 [pid 5755] setpgid(0, 0 [pid 5753] <... close resumed>) = 0 [pid 5088] close(3 [pid 5755] <... setpgid resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5756] <... memfd_create resumed>) = 3 [pid 5755] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5753] close(4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5756] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5753] <... close resumed>) = 0 [pid 5755] <... openat resumed>) = 3 [ 131.457381][ T5753] loop1: detected capacity change from 0 to 4096 [pid 5753] mkdir("./file0", 0777 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5757 ./strace-static-x86_64: Process 5757 attached [pid 5756] <... mmap resumed>) = 0x7f1df2200000 [pid 5755] write(3, "1000", 4 [pid 5753] <... mkdir resumed>) = 0 [pid 5757] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5758 ./strace-static-x86_64: Process 5758 attached [pid 5753] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5758] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5758] chdir("./65") = 0 [pid 5755] <... write resumed>) = 4 [pid 5757] <... set_robust_list resumed>) = 0 [pid 5755] close(3 [pid 5758] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5755] <... close resumed>) = 0 [pid 5758] <... prctl resumed>) = 0 [pid 5758] setpgid(0, 0 [pid 5757] chdir("./65" [pid 5755] symlink("/dev/binderfs", "./binderfs" [pid 5758] <... setpgid resumed>) = 0 [pid 5758] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5757] <... chdir resumed>) = 0 [pid 5755] <... symlink resumed>) = 0 executing program [pid 5758] <... openat resumed>) = 3 [pid 5755] write(1, "executing program\n", 18 [pid 5757] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5758] write(3, "1000", 4) = 4 [pid 5758] close(3) = 0 [pid 5757] <... prctl resumed>) = 0 [pid 5755] <... write resumed>) = 18 [pid 5758] symlink("/dev/binderfs", "./binderfs" [pid 5757] setpgid(0, 0 [pid 5755] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5758] <... symlink resumed>) = 0 [pid 5757] <... setpgid resumed>) = 0 [pid 5755] <... futex resumed>) = 0 executing program [pid 5758] write(1, "executing program\n", 18 [pid 5755] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5758] <... write resumed>) = 18 [pid 5757] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5755] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5758] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5757] <... openat resumed>) = 3 [pid 5755] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5758] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5757] write(3, "1000", 4 [pid 5755] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5758] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5757] <... write resumed>) = 4 [pid 5755] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5758] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5758] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5755] <... mmap resumed>) = 0x7f1dfa693000 [pid 5758] <... mmap resumed>) = 0x7f1dfa693000 [pid 5757] close(3 [pid 5755] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5758] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5757] <... close resumed>) = 0 [pid 5755] <... mprotect resumed>) = 0 [pid 5758] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5757] symlink("/dev/binderfs", "./binderfs" [pid 5755] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5758] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5757] <... symlink resumed>) = 0 [pid 5755] <... rt_sigprocmask resumed>[], 8) = 0 executing program [pid 5758] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5757] write(1, "executing program\n", 18 [pid 5755] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5760 attached ./strace-static-x86_64: Process 5759 attached [pid 5757] <... write resumed>) = 18 [pid 5757] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5755] <... clone3 resumed> => {parent_tid=[5760]}, 88) = 5760 [pid 5760] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5759] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5757] <... futex resumed>) = 0 [pid 5755] rt_sigprocmask(SIG_SETMASK, [], [pid 5760] <... rseq resumed>) = 0 [pid 5757] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5755] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5760] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5759] <... rseq resumed>) = 0 [ 131.507692][ T5753] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5758] <... clone3 resumed> => {parent_tid=[5759]}, 88) = 5759 [pid 5755] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5757] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5760] <... set_robust_list resumed>) = 0 [pid 5759] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5758] rt_sigprocmask(SIG_SETMASK, [], [pid 5757] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5755] <... futex resumed>) = 0 [pid 5760] rt_sigprocmask(SIG_SETMASK, [], [pid 5757] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5755] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5760] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5757] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5759] <... set_robust_list resumed>) = 0 [pid 5758] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5758] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5759] rt_sigprocmask(SIG_SETMASK, [], [pid 5758] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5760] memfd_create("syzkaller", 0 [pid 5759] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5757] <... mmap resumed>) = 0x7f1dfa693000 [pid 5760] <... memfd_create resumed>) = 3 [pid 5759] memfd_create("syzkaller", 0 [pid 5757] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5756] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5753] <... mount resumed>) = 0 [pid 5757] <... mprotect resumed>) = 0 [pid 5757] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5753] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5757] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5759] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5761 attached [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5753] <... openat resumed>) = 3 [pid 5761] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5759] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5757] <... clone3 resumed> => {parent_tid=[5761]}, 88) = 5761 [pid 5756] <... write resumed>) = 2097152 [pid 5753] chdir("./file0" [pid 5761] <... rseq resumed>) = 0 [pid 5757] rt_sigprocmask(SIG_SETMASK, [], [pid 5756] munmap(0x7f1df2200000, 138412032 [pid 5753] <... chdir resumed>) = 0 [pid 5761] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5760] <... mmap resumed>) = 0x7f1df2200000 [pid 5759] <... mmap resumed>) = 0x7f1df2200000 [pid 5757] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5761] <... set_robust_list resumed>) = 0 [pid 5761] rt_sigprocmask(SIG_SETMASK, [], [pid 5757] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5761] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5757] <... futex resumed>) = 0 [pid 5753] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5757] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5753] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5753] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5752] <... futex resumed>) = 0 [pid 5753] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5752] exit_group(0 [pid 5756] <... munmap resumed>) = 0 [pid 5753] <... futex resumed>) = ? [pid 5752] <... exit_group resumed>) = ? [pid 5761] memfd_create("syzkaller", 0) = 3 [pid 5753] +++ exited with 0 +++ [pid 5752] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5752, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [ 131.568004][ T5753] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5761] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5756] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5761] <... mmap resumed>) = 0x7f1df2200000 [pid 5756] <... openat resumed>) = 4 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5756] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5756] close(3) = 0 [pid 5086] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5756] close(4 [pid 5086] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5756] <... close resumed>) = 0 [pid 5756] mkdir("./file0", 0777) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5756] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5761] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5760] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./65/binderfs") = 0 [pid 5086] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5759] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 131.626553][ T5756] loop2: detected capacity change from 0 to 4096 [ 131.653286][ T5756] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./65/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./65") = 0 [pid 5086] mkdir("./66", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5759] <... write resumed>) = 2097152 [pid 5759] munmap(0x7f1df2200000, 138412032 [pid 5761] <... write resumed>) = 2097152 [pid 5760] <... write resumed>) = 2097152 [pid 5761] munmap(0x7f1df2200000, 138412032 [pid 5760] munmap(0x7f1df2200000, 138412032 [pid 5759] <... munmap resumed>) = 0 [pid 5759] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5761] <... munmap resumed>) = 0 [pid 5760] <... munmap resumed>) = 0 [pid 5756] <... mount resumed>) = 0 [pid 5761] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5760] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5759] ioctl(4, LOOP_SET_FD, 3 [pid 5756] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5761] <... openat resumed>) = 4 [pid 5760] <... openat resumed>) = 4 [pid 5756] chdir("./file0" [pid 5761] ioctl(4, LOOP_SET_FD, 3 [pid 5760] ioctl(4, LOOP_SET_FD, 3 [pid 5756] <... chdir resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5759] <... ioctl resumed>) = 0 [pid 5756] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5756] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5759] close(3) = 0 ./strace-static-x86_64: Process 5762 attached [pid 5759] close(4 [pid 5762] set_robust_list(0x555580b0d6a0, 24 [pid 5760] <... ioctl resumed>) = 0 [pid 5759] <... close resumed>) = 0 [pid 5756] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5762 [pid 5761] <... ioctl resumed>) = 0 [pid 5762] <... set_robust_list resumed>) = 0 [pid 5760] close(3 [pid 5759] mkdir("./file0", 0777 [pid 5756] <... futex resumed>) = 1 [pid 5754] <... futex resumed>) = 0 [pid 5762] chdir("./66" [pid 5761] close(3 [pid 5760] <... close resumed>) = 0 [pid 5756] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5754] exit_group(0 [pid 5762] <... chdir resumed>) = 0 [pid 5761] <... close resumed>) = 0 [pid 5760] close(4 [pid 5759] <... mkdir resumed>) = 0 [pid 5756] <... futex resumed>) = ? [pid 5754] <... exit_group resumed>) = ? [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5761] close(4 [pid 5760] <... close resumed>) = 0 [pid 5761] <... close resumed>) = 0 [pid 5760] mkdir("./file0", 0777 [pid 5761] mkdir("./file0", 0777 [pid 5756] +++ exited with 0 +++ [pid 5760] <... mkdir resumed>) = 0 [pid 5761] <... mkdir resumed>) = 0 [ 131.769086][ T5756] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 131.783136][ T5759] loop3: detected capacity change from 0 to 4096 [ 131.802815][ T5760] loop4: detected capacity change from 0 to 4096 [ 131.809957][ T5761] loop0: detected capacity change from 0 to 4096 [pid 5761] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5760] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5762] <... prctl resumed>) = 0 [pid 5759] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5754] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5754, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5087] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./65/binderfs") = 0 [pid 5087] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5762] setpgid(0, 0) = 0 [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5762] write(3, "1000", 4 [pid 5087] <... umount2 resumed>) = 0 [pid 5762] <... write resumed>) = 4 [pid 5762] close(3) = 0 [pid 5087] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./65/file0", [pid 5762] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5762] <... symlink resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 executing program [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5762] write(1, "executing program\n", 18 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5762] <... write resumed>) = 18 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 5762] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... close resumed>) = 0 [pid 5762] <... futex resumed>) = 0 [pid 5087] rmdir("./65/file0" [pid 5762] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... rmdir resumed>) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5762] <... rt_sigaction resumed>NULL, 8) = 0 [ 131.839219][ T5759] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 131.849291][ T5761] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 131.859255][ T5760] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5087] close(3 [pid 5762] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./65") = 0 [pid 5087] mkdir("./66", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5762] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5759] <... mount resumed>) = 0 [pid 5762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5762] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5759] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5762] <... mprotect resumed>) = 0 [pid 5759] <... openat resumed>) = 3 [pid 5762] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5759] chdir("./file0" [pid 5762] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5759] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5763 attached [pid 5759] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 131.886573][ T5759] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5763] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5762] <... clone3 resumed> => {parent_tid=[5763]}, 88) = 5763 [pid 5759] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5763] <... rseq resumed>) = 0 [pid 5762] rt_sigprocmask(SIG_SETMASK, [], [pid 5759] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5762] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5759] <... futex resumed>) = 1 [pid 5758] <... futex resumed>) = 0 [pid 5762] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5759] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5758] exit_group(0 [pid 5763] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5762] <... futex resumed>) = 0 [pid 5759] <... futex resumed>) = ? [pid 5758] <... exit_group resumed>) = ? [pid 5763] <... set_robust_list resumed>) = 0 [pid 5762] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5759] +++ exited with 0 +++ [pid 5763] rt_sigprocmask(SIG_SETMASK, [], [pid 5758] +++ exited with 0 +++ [pid 5763] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5758, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5763] memfd_create("syzkaller", 0 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5763] <... memfd_create resumed>) = 3 [pid 5088] getdents64(3, [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5763] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./65/binderfs") = 0 [pid 5088] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... ioctl resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5760] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5764 attached [pid 5764] set_robust_list(0x555580b0d6a0, 24 [pid 5760] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5764 [pid 5764] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5764] chdir("./66") = 0 [pid 5088] newfstatat(AT_FDCWD, "./65/file0", [pid 5764] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5760] <... openat resumed>) = 3 [pid 5764] <... prctl resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5764] setpgid(0, 0 [pid 5760] chdir("./file0" [pid 5088] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5764] <... setpgid resumed>) = 0 [pid 5761] <... mount resumed>) = 0 [pid 5764] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5763] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5761] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5760] <... chdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5761] <... openat resumed>) = 3 [pid 5760] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... openat resumed>) = 4 [pid 5764] <... openat resumed>) = 3 [pid 5764] write(3, "1000", 4 [pid 5761] chdir("./file0" [pid 5760] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] newfstatat(4, "", [pid 5764] <... write resumed>) = 4 [pid 5761] <... chdir resumed>) = 0 [pid 5760] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [ 131.976236][ T5760] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 131.989337][ T5761] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5764] close(3 [pid 5760] <... futex resumed>) = 1 [pid 5755] <... futex resumed>) = 0 [pid 5088] getdents64(4, [pid 5755] exit_group(0) = ? [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5764] <... close resumed>) = 0 [pid 5761] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5760] +++ exited with 0 +++ [pid 5755] +++ exited with 0 +++ [pid 5088] getdents64(4, [pid 5764] symlink("/dev/binderfs", "./binderfs" [pid 5761] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5761] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5755, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5088] close(4 [pid 5764] <... symlink resumed>) = 0 [pid 5761] <... futex resumed>) = 1 executing program [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5088] <... close resumed>) = 0 [pid 5764] write(1, "executing program\n", 18 [pid 5761] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5757] <... futex resumed>) = 0 [pid 5089] <... restart_syscall resumed>) = 0 [pid 5088] rmdir("./65/file0" [pid 5764] <... write resumed>) = 18 [pid 5764] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5757] exit_group(0 [pid 5089] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... rmdir resumed>) = 0 [pid 5764] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5761] <... futex resumed>) = ? [pid 5757] <... exit_group resumed>) = ? [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(3, [pid 5764] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5763] <... write resumed>) = 2097152 [pid 5761] +++ exited with 0 +++ [pid 5089] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5764] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5763] munmap(0x7f1df2200000, 138412032 [pid 5089] <... openat resumed>) = 3 [pid 5088] close(3 [pid 5764] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5757] +++ exited with 0 +++ [pid 5088] <... close resumed>) = 0 [pid 5764] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] newfstatat(3, "", [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5757, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5764] <... mmap resumed>) = 0x7f1dfa693000 [pid 5764] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./65", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5764] <... mprotect resumed>) = 0 [pid 5089] getdents64(3, [pid 5088] rmdir("./65" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5764] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5764] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] umount2("./65/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... rmdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5764] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5765 attached [pid 5088] mkdir("./66", 0777 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5764] <... clone3 resumed> => {parent_tid=[5765]}, 88) = 5765 [pid 5085] unlink("./65/binderfs" [pid 5765] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5764] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5765] <... rseq resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./65/binderfs", [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5765] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5764] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5763] <... munmap resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5765] <... set_robust_list resumed>) = 0 [pid 5764] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5763] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] unlink("./65/binderfs" [pid 5088] <... openat resumed>) = 3 [pid 5765] rt_sigprocmask(SIG_SETMASK, [], [pid 5764] <... futex resumed>) = 0 [pid 5763] <... openat resumed>) = 4 [pid 5765] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5764] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... unlink resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5763] ioctl(4, LOOP_SET_FD, 3 [pid 5765] memfd_create("syzkaller", 0 [pid 5089] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5765] <... memfd_create resumed>) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5765] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5763] <... ioctl resumed>) = 0 [pid 5085] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./65/file0", [pid 5763] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5763] <... close resumed>) = 0 [pid 5089] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./65/file0", [pid 5763] close(4 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5765] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5763] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./65/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5763] mkdir("./file0", 0777 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(4, "", [pid 5763] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(4, [pid 5085] <... openat resumed>) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5763] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(4, [pid 5089] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] close(4 [pid 5089] rmdir("./65/file0" [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./65/file0" [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./65") = 0 [pid 5085] mkdir("./66", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5089] getdents64(3, [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./65") = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5089] mkdir("./66", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 132.113946][ T5763] loop1: detected capacity change from 0 to 4096 [ 132.151505][ T5763] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5765] <... write resumed>) = 2097152 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] close(3 [pid 5765] munmap(0x7f1df2200000, 138412032 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... ioctl resumed>) = 0 [pid 5765] <... munmap resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5766 [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5766 attached [pid 5085] close(3 [pid 5766] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... close resumed>) = 0 [pid 5765] <... openat resumed>) = 4 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5766] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5767 attached [pid 5767] set_robust_list(0x555580b0d6a0, 24 [pid 5766] chdir("./66" [pid 5767] <... set_robust_list resumed>) = 0 [pid 5765] ioctl(4, LOOP_SET_FD, 3 [pid 5767] chdir("./66" [pid 5766] <... chdir resumed>) = 0 [pid 5766] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5766] setpgid(0, 0) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5767 [pid 5766] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5767] <... chdir resumed>) = 0 [pid 5767] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5766] <... openat resumed>) = 3 [pid 5767] <... prctl resumed>) = 0 [pid 5766] write(3, "1000", 4 [pid 5767] setpgid(0, 0 [pid 5766] <... write resumed>) = 4 [pid 5767] <... setpgid resumed>) = 0 [pid 5766] close(3 [pid 5767] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5765] <... ioctl resumed>) = 0 [pid 5767] <... openat resumed>) = 3 [pid 5766] <... close resumed>) = 0 [pid 5766] symlink("/dev/binderfs", "./binderfs" [pid 5767] write(3, "1000", 4 [pid 5766] <... symlink resumed>) = 0 [pid 5765] close(3executing program [pid 5767] <... write resumed>) = 4 [pid 5766] write(1, "executing program\n", 18 [pid 5765] <... close resumed>) = 0 [pid 5767] close(3 [pid 5766] <... write resumed>) = 18 [pid 5765] close(4 [pid 5767] <... close resumed>) = 0 [pid 5766] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5765] <... close resumed>) = 0 [pid 5767] symlink("/dev/binderfs", "./binderfs" [pid 5766] <... futex resumed>) = 0 [pid 5765] mkdir("./file0", 0777 [pid 5767] <... symlink resumed>) = 0 [pid 5766] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5765] <... mkdir resumed>) = 0 [pid 5765] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5763] <... mount resumed>) = 0 [pid 5763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5766] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5763] chdir("./file0") = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 5767] write(1, "executing program\n", 18 [pid 5766] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5763] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 132.244291][ T5765] loop2: detected capacity change from 0 to 4096 [ 132.279477][ T5763] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5767] <... write resumed>) = 18 [pid 5766] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5763] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5767] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5766] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5763] <... futex resumed>) = 1 [pid 5762] <... futex resumed>) = 0 [pid 5767] <... futex resumed>) = 0 [pid 5766] <... mmap resumed>) = 0x7f1dfa693000 [pid 5767] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5766] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5767] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5767] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5763] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5762] exit_group(0 [pid 5089] <... ioctl resumed>) = 0 [pid 5767] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5762] <... exit_group resumed>) = ? [pid 5089] close(3 [pid 5767] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5763] <... futex resumed>) = ? [pid 5089] <... close resumed>) = 0 [pid 5763] +++ exited with 0 +++ [pid 5767] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5762] +++ exited with 0 +++ [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5767] <... mprotect resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5762, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5767] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5766] <... mprotect resumed>) = 0 [pid 5767] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5769 attached [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5768 [pid 5086] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5767] <... clone3 resumed> => {parent_tid=[5769]}, 88) = 5769 [pid 5769] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5767] rt_sigprocmask(SIG_SETMASK, [], [pid 5769] <... rseq resumed>) = 0 [pid 5767] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5769] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5767] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5766] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5769] <... set_robust_list resumed>) = 0 [pid 5767] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5768 attached [pid 5767] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5769] rt_sigprocmask(SIG_SETMASK, [], [pid 5768] set_robust_list(0x555580b0d6a0, 24 [pid 5769] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5768] <... set_robust_list resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5768] chdir("./66") = 0 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] newfstatat(3, "", [pid 5768] <... prctl resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5768] setpgid(0, 0 [pid 5086] getdents64(3, [pid 5768] <... setpgid resumed>) = 0 [pid 5766] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5766] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5770 attached [pid 5769] memfd_create("syzkaller", 0 [pid 5768] <... openat resumed>) = 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5770] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5769] <... memfd_create resumed>) = 3 [pid 5768] write(3, "1000", 4 [pid 5766] <... clone3 resumed> => {parent_tid=[5770]}, 88) = 5770 [pid 5086] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5770] <... rseq resumed>) = 0 [pid 5769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5768] <... write resumed>) = 4 [pid 5766] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 132.309573][ T5765] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5770] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5769] <... mmap resumed>) = 0x7f1df2200000 [pid 5768] close(3 [pid 5766] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] unlink("./66/binderfs" [pid 5770] <... set_robust_list resumed>) = 0 [pid 5770] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 5770] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5768] <... close resumed>) = 0 [pid 5768] symlink("/dev/binderfs", "./binderfs" [pid 5766] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5770] <... futex resumed>) = 0 [pid 5766] <... futex resumed>) = 1 [pid 5770] memfd_create("syzkaller", 0 [pid 5768] <... symlink resumed>) = 0 executing program [pid 5766] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5768] write(1, "executing program\n", 18 [pid 5770] <... memfd_create resumed>) = 3 [pid 5770] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5768] <... write resumed>) = 18 [pid 5770] <... mmap resumed>) = 0x7f1df2200000 [pid 5768] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5768] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5768] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5765] <... mount resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5768] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5768] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5086] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5765] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5768] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5765] chdir("./file0") = 0 [pid 5768] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5768] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5765] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] newfstatat(AT_FDCWD, "./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5765] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5765] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5765] <... futex resumed>) = 1 [pid 5764] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5771 attached [pid 5768] <... clone3 resumed> => {parent_tid=[5771]}, 88) = 5771 [pid 5765] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5764] exit_group(0 [pid 5771] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5769] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5768] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5771] <... rseq resumed>) = 0 [pid 5768] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5771] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5768] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5765] <... futex resumed>) = ? [pid 5086] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5771] <... set_robust_list resumed>) = 0 [pid 5765] +++ exited with 0 +++ [pid 5771] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... openat resumed>) = 4 [pid 5771] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5764] <... exit_group resumed>) = ? [pid 5086] newfstatat(4, "", [pid 5771] memfd_create("syzkaller", 0 [pid 5768] <... futex resumed>) = 0 [pid 5768] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5764] +++ exited with 0 +++ [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5771] <... memfd_create resumed>) = 3 [pid 5086] getdents64(4, [pid 5771] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5764, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5771] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5770] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 132.384673][ T5765] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./66/file0") = 0 [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5769] <... write resumed>) = 2097152 [pid 5087] newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./66/binderfs" [pid 5086] rmdir("./66" [pid 5769] munmap(0x7f1df2200000, 138412032 [pid 5087] <... unlink resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5087] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] mkdir("./67", 0777) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 3 [pid 5087] newfstatat(AT_FDCWD, "./66/file0", [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5770] <... write resumed>) = 2097152 [pid 5769] <... munmap resumed>) = 0 [pid 5087] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5770] munmap(0x7f1df2200000, 138412032 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5769] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5087] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5769] ioctl(4, LOOP_SET_FD, 3 [pid 5771] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5769] <... ioctl resumed>) = 0 [pid 5770] <... munmap resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5770] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5769] close(3 [pid 5087] close(4 [pid 5770] <... openat resumed>) = 4 [pid 5769] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./66/file0" [pid 5770] ioctl(4, LOOP_SET_FD, 3 [pid 5769] close(4) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5769] mkdir("./file0", 0777 [pid 5771] <... write resumed>) = 2097152 [pid 5769] <... mkdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5769] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5770] <... ioctl resumed>) = 0 [pid 5771] munmap(0x7f1df2200000, 138412032 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5770] close(3) = 0 [pid 5770] close(4) = 0 [pid 5770] mkdir("./file0", 0777 [pid 5771] <... munmap resumed>) = 0 [pid 5770] <... mkdir resumed>) = 0 [pid 5087] close(3 [pid 5086] close(3 [ 132.481670][ T5769] loop0: detected capacity change from 0 to 4096 [ 132.504920][ T5770] loop3: detected capacity change from 0 to 4096 [ 132.519813][ T5769] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5770] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... close resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5087] rmdir("./66" [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5772 attached [pid 5771] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... rmdir resumed>) = 0 [pid 5772] set_robust_list(0x555580b0d6a0, 24 [pid 5087] mkdir("./67", 0777 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5772 [pid 5772] <... set_robust_list resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5772] chdir("./67" [pid 5771] <... openat resumed>) = 4 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5772] <... chdir resumed>) = 0 [pid 5771] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... openat resumed>) = 3 [pid 5772] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5772] <... prctl resumed>) = 0 [pid 5772] setpgid(0, 0 [pid 5769] <... mount resumed>) = 0 [pid 5772] <... setpgid resumed>) = 0 [pid 5771] <... ioctl resumed>) = 0 [pid 5769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5772] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5771] close(3 [pid 5769] <... openat resumed>) = 3 [pid 5771] <... close resumed>) = 0 [pid 5769] chdir("./file0" [pid 5772] write(3, "1000", 4 [pid 5771] close(4 [pid 5769] <... chdir resumed>) = 0 [pid 5771] <... close resumed>) = 0 [pid 5772] <... write resumed>) = 4 [pid 5769] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5772] close(3 [pid 5771] mkdir("./file0", 0777 [pid 5769] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5772] <... close resumed>) = 0 [pid 5771] <... mkdir resumed>) = 0 [pid 5769] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5772] symlink("/dev/binderfs", "./binderfs" [pid 5771] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5769] <... futex resumed>) = 1 [pid 5767] <... futex resumed>) = 0 [pid 5769] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5767] exit_group(0 [pid 5769] <... futex resumed>) = ? [pid 5767] <... exit_group resumed>) = ? [pid 5769] +++ exited with 0 +++ [pid 5767] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5767, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5772] <... symlink resumed>) = 0 [ 132.542592][ T5770] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 132.555807][ T5769] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 132.563837][ T5771] loop4: detected capacity change from 0 to 4096 [pid 5085] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5772] write(1, "executing program\n", 18 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5772] <... write resumed>) = 18 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5772] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(AT_FDCWD, "./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./66/binderfs") = 0 [pid 5085] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5772] <... futex resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5772] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5772] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5772] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5772] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5772] <... mprotect resumed>) = 0 [pid 5772] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] newfstatat(AT_FDCWD, "./66/file0", [pid 5772] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5770] <... mount resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5772] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5770] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", ./strace-static-x86_64: Process 5773 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5773] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5772] <... clone3 resumed> => {parent_tid=[5773]}, 88) = 5773 [pid 5770] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./66/file0") = 0 [pid 5773] <... rseq resumed>) = 0 [pid 5772] rt_sigprocmask(SIG_SETMASK, [], [pid 5770] chdir("./file0" [pid 5087] <... close resumed>) = 0 [pid 5773] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5772] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5770] <... chdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5773] <... set_robust_list resumed>) = 0 [pid 5772] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5770] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5772] <... futex resumed>) = 0 [pid 5770] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 132.604674][ T5771] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 132.630704][ T5770] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5773] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] close(3./strace-static-x86_64: Process 5774 attached [pid 5773] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5772] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5770] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... close resumed>) = 0 [pid 5770] <... futex resumed>) = 1 [pid 5766] <... futex resumed>) = 0 [pid 5770] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5766] exit_group(0 [pid 5774] set_robust_list(0x555580b0d6a0, 24 [pid 5773] memfd_create("syzkaller", 0 [pid 5770] <... futex resumed>) = ? [pid 5766] <... exit_group resumed>) = ? [pid 5085] rmdir("./66" [pid 5774] <... set_robust_list resumed>) = 0 [pid 5770] +++ exited with 0 +++ [pid 5774] chdir("./67" [pid 5085] <... rmdir resumed>) = 0 [pid 5774] <... chdir resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5774 [pid 5085] mkdir("./67", 0777 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5774] setpgid(0, 0 [pid 5773] <... memfd_create resumed>) = 3 [pid 5774] <... setpgid resumed>) = 0 [pid 5766] +++ exited with 0 +++ [pid 5773] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5773] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5766, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5774] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 5774] write(3, "1000", 4 [pid 5088] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5774] <... write resumed>) = 4 [pid 5088] newfstatat(3, "", [pid 5085] <... ioctl resumed>) = 0 [pid 5774] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] close(3 [pid 5774] <... close resumed>) = 0 [pid 5771] <... mount resumed>) = 0 [pid 5088] getdents64(3, [pid 5085] <... close resumed>) = 0 [pid 5771] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5774] symlink("/dev/binderfs", "./binderfs" [pid 5771] <... openat resumed>) = 3 [pid 5774] <... symlink resumed>) = 0 [pid 5088] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5771] chdir("./file0") = 0 [pid 5771] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5771] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5775 attached executing program [pid 5774] write(1, "executing program\n", 18 [pid 5771] <... futex resumed>) = 1 [ 132.703934][ T5771] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5768] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5775 [pid 5775] set_robust_list(0x555580b0d6a0, 24 [pid 5774] <... write resumed>) = 18 [pid 5771] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5768] exit_group(0 [pid 5088] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5775] <... set_robust_list resumed>) = 0 [pid 5774] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5771] <... futex resumed>) = ? [pid 5768] <... exit_group resumed>) = ? [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5775] chdir("./67" [pid 5774] <... futex resumed>) = 0 [pid 5088] unlink("./66/binderfs" [pid 5775] <... chdir resumed>) = 0 [pid 5774] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... unlink resumed>) = 0 [pid 5775] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5774] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5775] <... prctl resumed>) = 0 [pid 5774] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5771] +++ exited with 0 +++ [pid 5768] +++ exited with 0 +++ [pid 5775] setpgid(0, 0 [pid 5774] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5768, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5775] <... setpgid resumed>) = 0 [pid 5774] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5775] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5774] <... mmap resumed>) = 0x7f1dfa693000 [pid 5775] <... openat resumed>) = 3 [pid 5774] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5775] write(3, "1000", 4 [pid 5774] <... mprotect resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5775] <... write resumed>) = 4 [pid 5774] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5775] close(3 [pid 5774] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] umount2("./66", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5775] <... close resumed>) = 0 [pid 5774] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5773] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5776 attached [pid 5775] symlink("/dev/binderfs", "./binderfs" [pid 5089] openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5776] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5775] <... symlink resumed>) = 0 [pid 5774] <... clone3 resumed> => {parent_tid=[5776]}, 88) = 5776 [pid 5089] <... openat resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./66/file0", executing program [pid 5776] <... rseq resumed>) = 0 [pid 5775] write(1, "executing program\n", 18 [pid 5774] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] newfstatat(3, "", [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5776] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5775] <... write resumed>) = 18 [pid 5774] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5776] <... set_robust_list resumed>) = 0 [pid 5775] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5774] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(3, [pid 5775] <... futex resumed>) = 0 [pid 5774] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5775] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5774] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] umount2("./66/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5775] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5776] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5775] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] newfstatat(AT_FDCWD, "./66/binderfs", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5775] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5775] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] unlink("./66/binderfs" [pid 5775] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... unlink resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5775] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5776] memfd_create("syzkaller", 0 [pid 5089] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5776] <... memfd_create resumed>) = 3 [pid 5775] <... mprotect resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5776] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] newfstatat(4, "", [pid 5775] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5776] <... mmap resumed>) = 0x7f1df2200000 [pid 5775] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5775] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] getdents64(4, ./strace-static-x86_64: Process 5777 attached [pid 5777] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5777] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5089] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5777] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5777] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5775] <... clone3 resumed> => {parent_tid=[5777]}, 88) = 5777 [pid 5089] newfstatat(AT_FDCWD, "./66/file0", [pid 5775] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5777] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5775] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] umount2("./66/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5777] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5775] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5777] memfd_create("syzkaller", 0 [pid 5775] <... futex resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5775] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5777] <... memfd_create resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5777] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./66/file0" [pid 5777] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5773] <... write resumed>) = 2097152 [pid 5089] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] rmdir("./66") = 0 [pid 5089] mkdir("./67", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./66/file0" [pid 5773] munmap(0x7f1df2200000, 138412032 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./66" [pid 5776] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] mkdir("./67", 0777) = 0 [pid 5777] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5773] <... munmap resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5773] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5773] <... openat resumed>) = 4 [pid 5773] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5777] <... write resumed>) = 2097152 [pid 5773] close(3) = 0 [pid 5773] close(4) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5773] mkdir("./file0", 0777./strace-static-x86_64: Process 5778 attached [pid 5776] <... write resumed>) = 2097152 [pid 5773] <... mkdir resumed>) = 0 [ 132.886471][ T5773] loop1: detected capacity change from 0 to 4096 [pid 5778] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5778 [pid 5778] <... set_robust_list resumed>) = 0 [pid 5773] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5777] munmap(0x7f1df2200000, 138412032 [pid 5778] chdir("./67") = 0 [pid 5777] <... munmap resumed>) = 0 [pid 5778] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5776] munmap(0x7f1df2200000, 138412032) = 0 [pid 5778] <... prctl resumed>) = 0 [pid 5778] setpgid(0, 0) = 0 [pid 5777] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5778] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5777] <... openat resumed>) = 4 [pid 5777] ioctl(4, LOOP_SET_FD, 3 [pid 5778] <... openat resumed>) = 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5778] write(3, "1000", 4 [pid 5088] close(3 [pid 5778] <... write resumed>) = 4 [pid 5778] close(3 [pid 5776] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5778] <... close resumed>) = 0 [pid 5776] <... openat resumed>) = 4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5778] symlink("/dev/binderfs", "./binderfs" [pid 5776] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5779 attached [pid 5778] <... symlink resumed>) = 0 [pid 5779] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5778] write(1, "executing program\n", 18 [pid 5777] <... ioctl resumed>) = 0 [pid 5776] <... ioctl resumed>) = 0 executing program [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5779 [ 132.959386][ T5773] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 132.975958][ T5777] loop0: detected capacity change from 0 to 4096 [ 132.990144][ T5776] loop2: detected capacity change from 0 to 4096 [pid 5779] chdir("./67" [pid 5778] <... write resumed>) = 18 [pid 5777] close(3 [pid 5776] close(3 [pid 5777] <... close resumed>) = 0 [pid 5776] <... close resumed>) = 0 [pid 5777] close(4) = 0 [pid 5776] close(4 [pid 5777] mkdir("./file0", 0777) = 0 [pid 5776] <... close resumed>) = 0 [pid 5776] mkdir("./file0", 0777 [pid 5778] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5776] <... mkdir resumed>) = 0 [pid 5777] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5776] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5779] <... chdir resumed>) = 0 [pid 5778] <... futex resumed>) = 0 [pid 5779] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5778] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5779] <... prctl resumed>) = 0 [pid 5778] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5773] <... mount resumed>) = 0 [pid 5779] setpgid(0, 0 [pid 5778] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5773] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5778] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5779] <... setpgid resumed>) = 0 [pid 5778] <... mmap resumed>) = 0x7f1dfa693000 [pid 5773] <... openat resumed>) = 3 [pid 5778] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5773] chdir("./file0" [pid 5778] <... mprotect resumed>) = 0 [pid 5773] <... chdir resumed>) = 0 [pid 5773] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5773] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5772] <... futex resumed>) = 0 [pid 5779] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5773] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5772] exit_group(0 [pid 5778] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5779] <... openat resumed>) = 3 [pid 5778] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5773] <... futex resumed>) = ? [pid 5772] <... exit_group resumed>) = ? [pid 5778] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5779] write(3, "1000", 4 [pid 5773] +++ exited with 0 +++ [pid 5779] <... write resumed>) = 4 ./strace-static-x86_64: Process 5780 attached [pid 5779] close(3 [pid 5778] <... clone3 resumed> => {parent_tid=[5780]}, 88) = 5780 [pid 5772] +++ exited with 0 +++ [pid 5780] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5779] <... close resumed>) = 0 [pid 5778] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5772, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5780] <... rseq resumed>) = 0 [pid 5779] symlink("/dev/binderfs", "./binderfs" [pid 5778] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5780] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5778] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5780] <... set_robust_list resumed>) = 0 [pid 5779] <... symlink resumed>) = 0 [pid 5778] <... futex resumed>) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5780] rt_sigprocmask(SIG_SETMASK, [], [pid 5778] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5780] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5779] write(1, "executing program\n", 18executing program [pid 5780] memfd_create("syzkaller", 0 [pid 5086] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5779] <... write resumed>) = 18 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 133.009394][ T5773] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 133.025262][ T5777] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 133.036130][ T5776] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5779] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5780] <... memfd_create resumed>) = 3 [pid 5779] <... futex resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5780] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5779] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] newfstatat(3, "", [pid 5780] <... mmap resumed>) = 0x7f1df2200000 [pid 5779] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5779] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] getdents64(3, [pid 5779] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./67/binderfs") = 0 [pid 5086] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5086] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5779] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5086] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5779] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] close(4) = 0 [pid 5086] rmdir("./67/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./67") = 0 [pid 5086] mkdir("./68", 0777) = 0 [pid 5779] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5779] <... mprotect resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5779] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5779] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5777] <... mount resumed>) = 0 [pid 5776] <... mount resumed>) = 0 [pid 5777] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5776] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5781 attached [pid 5777] <... openat resumed>) = 3 [pid 5781] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5777] chdir("./file0" [pid 5776] <... openat resumed>) = 3 [pid 5781] <... rseq resumed>) = 0 [pid 5777] <... chdir resumed>) = 0 [pid 5776] chdir("./file0" [pid 5781] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5777] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5776] <... chdir resumed>) = 0 [pid 5781] <... set_robust_list resumed>) = 0 [pid 5776] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5781] rt_sigprocmask(SIG_SETMASK, [], [pid 5779] <... clone3 resumed> => {parent_tid=[5781]}, 88) = 5781 [pid 5776] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5781] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5779] rt_sigprocmask(SIG_SETMASK, [], [pid 5777] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5781] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5779] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5777] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5779] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5777] <... futex resumed>) = 1 [pid 5775] <... futex resumed>) = 0 [pid 5781] <... futex resumed>) = 0 [pid 5779] <... futex resumed>) = 1 [pid 5776] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5775] exit_group(0 [pid 5781] memfd_create("syzkaller", 0 [pid 5780] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5779] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5776] <... futex resumed>) = 1 [pid 5775] <... exit_group resumed>) = ? [pid 5774] <... futex resumed>) = 0 [pid 5781] <... memfd_create resumed>) = 3 [pid 5777] +++ exited with 0 +++ [pid 5781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5776] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5774] exit_group(0 [pid 5776] <... futex resumed>) = ? [pid 5774] <... exit_group resumed>) = ? [pid 5776] +++ exited with 0 +++ [pid 5775] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5775, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 133.109704][ T5777] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 133.132811][ T5776] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5774] +++ exited with 0 +++ [pid 5086] <... ioctl resumed>) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5774, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5085] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(3, [pid 5087] <... openat resumed>) = 3 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] newfstatat(3, "", [pid 5085] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(3, [pid 5085] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5085] unlink("./67/binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./67/binderfs") = 0 [pid 5087] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5087] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5781] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5780] <... write resumed>) = 2097152 [pid 5086] close(3 [pid 5085] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5780] munmap(0x7f1df2200000, 138412032 [pid 5087] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5780] <... munmap resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5782 attached [pid 5087] close(4) = 0 [pid 5087] rmdir("./67/file0" [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5782 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5782] set_robust_list(0x555580b0d6a0, 24 [pid 5780] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5782] <... set_robust_list resumed>) = 0 [pid 5782] chdir("./68" [pid 5780] <... openat resumed>) = 4 [pid 5087] close(3 [pid 5085] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5780] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./67/file0", [pid 5087] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] rmdir("./67" [pid 5085] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./68", 0777) = 0 [pid 5782] <... chdir resumed>) = 0 [pid 5781] <... write resumed>) = 2097152 [pid 5780] <... ioctl resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5782] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5781] munmap(0x7f1df2200000, 138412032 [pid 5780] close(3 [pid 5087] <... openat resumed>) = 3 [pid 5782] <... prctl resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5782] setpgid(0, 0) = 0 [pid 5780] <... close resumed>) = 0 [pid 5780] close(4) = 0 [pid 5782] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... openat resumed>) = 4 [pid 5782] <... openat resumed>) = 3 [pid 5085] newfstatat(4, "", [pid 5782] write(3, "1000", 4 [pid 5780] mkdir("./file0", 0777 [pid 5782] <... write resumed>) = 4 [pid 5781] <... munmap resumed>) = 0 [pid 5780] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5782] close(3 [pid 5781] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] getdents64(4, [pid 5782] <... close resumed>) = 0 [pid 5780] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5782] symlink("/dev/binderfs", "./binderfs" [pid 5781] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5782] <... symlink resumed>) = 0 [ 133.246680][ T5780] loop4: detected capacity change from 0 to 4096 [ 133.283631][ T5781] loop3: detected capacity change from 0 to 4096 [pid 5781] ioctl(4, LOOP_SET_FD, 3executing program [pid 5085] getdents64(4, [pid 5782] write(1, "executing program\n", 18) = 18 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5782] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] close(4 [pid 5782] <... futex resumed>) = 0 [pid 5782] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5085] <... close resumed>) = 0 [pid 5782] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] rmdir("./67/file0" [pid 5782] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5781] <... ioctl resumed>) = 0 [pid 5782] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5782] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5782] <... mmap resumed>) = 0x7f1dfa693000 [pid 5781] close(3 [pid 5085] close(3 [pid 5782] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5781] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [ 133.284072][ T5780] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5781] close(4 [pid 5085] rmdir("./67" [pid 5782] <... mprotect resumed>) = 0 [pid 5781] <... close resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5781] mkdir("./file0", 0777) = 0 [pid 5085] mkdir("./68", 0777 [pid 5781] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5782] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... mkdir resumed>) = 0 [pid 5782] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5782] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5780] <... mount resumed>) = 0 [pid 5780] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5782] <... clone3 resumed> => {parent_tid=[5783]}, 88) = 5783 [pid 5782] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5782] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5780] <... openat resumed>) = 3 [pid 5782] <... futex resumed>) = 0 [pid 5780] chdir("./file0" [pid 5782] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5780] <... chdir resumed>) = 0 [pid 5780] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5783 attached [pid 5780] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(3 [pid 5783] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5780] <... futex resumed>) = 1 [pid 5778] <... futex resumed>) = 0 [pid 5783] <... rseq resumed>) = 0 [pid 5780] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5778] exit_group(0 [pid 5087] <... close resumed>) = 0 [pid 5783] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5778] <... exit_group resumed>) = ? [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5783] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5784 attached [pid 5783] rt_sigprocmask(SIG_SETMASK, [], [pid 5780] <... futex resumed>) = ? [pid 5784] set_robust_list(0x555580b0d6a0, 24 [pid 5783] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5780] +++ exited with 0 +++ [pid 5778] +++ exited with 0 +++ [pid 5784] <... set_robust_list resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5778, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5784] chdir("./68" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5784 [pid 5784] <... chdir resumed>) = 0 [pid 5784] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5783] memfd_create("syzkaller", 0 [pid 5784] <... prctl resumed>) = 0 [pid 5784] setpgid(0, 0 [pid 5783] <... memfd_create resumed>) = 3 [pid 5783] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5783] <... mmap resumed>) = 0x7f1df2200000 [pid 5784] <... setpgid resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5784] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5784] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5784] write(3, "1000", 4 [pid 5089] newfstatat(3, "", [pid 5784] <... write resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5784] close(3 [pid 5089] getdents64(3, [pid 5784] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5784] symlink("/dev/binderfs", "./binderfs" [pid 5089] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 133.334998][ T5781] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 133.350164][ T5780] ntfs3: loop4: Failed to initialize $Extend/$ObjId. executing program [pid 5784] <... symlink resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./67/binderfs", [pid 5784] write(1, "executing program\n", 18 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5784] <... write resumed>) = 18 [pid 5089] unlink("./67/binderfs" [pid 5784] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... unlink resumed>) = 0 [pid 5784] <... futex resumed>) = 0 [pid 5089] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5784] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5784] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5784] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5784] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5784] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5784] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5784] <... clone3 resumed> => {parent_tid=[5785]}, 88) = 5785 [pid 5089] <... openat resumed>) = 4 [pid 5784] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] newfstatat(4, "", [pid 5784] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5784] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(4, [pid 5784] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5784] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./67/file0") = 0 [pid 5085] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5785 attached [pid 5785] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5785] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5089] rmdir("./67" [pid 5785] <... set_robust_list resumed>) = 0 [pid 5783] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] close(3 [pid 5781] <... mount resumed>) = 0 [pid 5785] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... close resumed>) = 0 [pid 5785] memfd_create("syzkaller", 0) = 3 [pid 5781] <... openat resumed>) = 3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5785] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5781] chdir("./file0" [pid 5785] <... mmap resumed>) = 0x7f1df2200000 [pid 5781] <... chdir resumed>) = 0 [pid 5781] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5786 attached ) = -1 EBUSY (Device or resource busy) [pid 5089] <... rmdir resumed>) = 0 [pid 5786] set_robust_list(0x555580b0d6a0, 24 [pid 5781] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] mkdir("./68", 0777 [pid 5786] <... set_robust_list resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5786] chdir("./68" [pid 5781] <... futex resumed>) = 1 [pid 5779] <... futex resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5786 [pid 5786] <... chdir resumed>) = 0 [pid 5781] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5779] exit_group(0 [pid 5089] <... openat resumed>) = 3 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5781] <... futex resumed>) = ? [pid 5779] <... exit_group resumed>) = ? [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5781] +++ exited with 0 +++ [pid 5779] +++ exited with 0 +++ [pid 5786] <... prctl resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5779, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [ 133.427491][ T5781] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5786] setpgid(0, 0) = 0 [pid 5088] umount2("./67", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./67/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5786] write(3, "1000", 4) = 4 [pid 5786] close(3) = 0 [pid 5786] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(AT_FDCWD, "./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./67/binderfs"executing program [pid 5786] <... symlink resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5786] write(1, "executing program\n", 18 [pid 5088] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5786] <... write resumed>) = 18 [pid 5786] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = 0 [pid 5088] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5786] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5786] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] newfstatat(AT_FDCWD, "./67/file0", [pid 5786] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5786] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] umount2("./67/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5786] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5786] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... openat resumed>) = 4 [pid 5786] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] newfstatat(4, "", [pid 5786] <... mprotect resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5786] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5786] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] getdents64(4, [pid 5786] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4./strace-static-x86_64: Process 5787 attached ) = 0 [pid 5787] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5088] rmdir("./67/file0" [pid 5786] <... clone3 resumed> => {parent_tid=[5787]}, 88) = 5787 [pid 5787] <... rseq resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5787] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5088] getdents64(3, [pid 5787] <... set_robust_list resumed>) = 0 [pid 5786] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5787] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] close(3 [pid 5787] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5786] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... close resumed>) = 0 [pid 5786] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] rmdir("./67" [pid 5786] <... futex resumed>) = 0 [pid 5786] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... rmdir resumed>) = 0 [pid 5088] mkdir("./68", 0777 [pid 5787] memfd_create("syzkaller", 0) = 3 [pid 5787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5785] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5783] <... write resumed>) = 2097152 [pid 5088] <... mkdir resumed>) = 0 [pid 5787] <... mmap resumed>) = 0x7f1df2200000 [pid 5783] munmap(0x7f1df2200000, 138412032 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5788 [pid 5783] <... munmap resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5788 attached [pid 5788] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5788] chdir("./68") = 0 [pid 5788] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5788] setpgid(0, 0) = 0 [pid 5788] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5788] write(3, "1000", 4) = 4 [pid 5788] close(3executing program ) = 0 [pid 5788] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5788] write(1, "executing program\n", 18 [pid 5783] <... openat resumed>) = 4 [pid 5788] <... write resumed>) = 18 [pid 5788] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5783] ioctl(4, LOOP_SET_FD, 3 [pid 5788] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5788] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5788] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5788] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5788] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5785] <... write resumed>) = 2097152 [pid 5783] <... ioctl resumed>) = 0 [pid 5788] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5788] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5789 attached => {parent_tid=[5789]}, 88) = 5789 [pid 5789] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5788] rt_sigprocmask(SIG_SETMASK, [], [pid 5789] <... rseq resumed>) = 0 [pid 5788] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5789] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5788] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5789] <... set_robust_list resumed>) = 0 [pid 5788] <... futex resumed>) = 0 [pid 5789] rt_sigprocmask(SIG_SETMASK, [], [pid 5788] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5789] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5785] munmap(0x7f1df2200000, 138412032 [pid 5789] memfd_create("syzkaller", 0 [pid 5787] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5789] <... memfd_create resumed>) = 3 [pid 5789] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5785] <... munmap resumed>) = 0 [pid 5789] <... mmap resumed>) = 0x7f1df2200000 [pid 5785] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 133.582103][ T5783] loop1: detected capacity change from 0 to 4096 [pid 5785] ioctl(4, LOOP_SET_FD, 3 [pid 5783] close(3) = 0 [pid 5783] close(4) = 0 [pid 5783] mkdir("./file0", 0777 [pid 5785] <... ioctl resumed>) = 0 [pid 5785] close(3 [pid 5783] <... mkdir resumed>) = 0 [pid 5785] <... close resumed>) = 0 [pid 5785] close(4 [pid 5783] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5785] <... close resumed>) = 0 [pid 5785] mkdir("./file0", 0777) = 0 [pid 5785] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5790 ./strace-static-x86_64: Process 5790 attached [pid 5790] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5790] chdir("./68") = 0 [pid 5789] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5790] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5790] setpgid(0, 0) = 0 [pid 5790] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5790] write(3, "1000", 4) = 4 [pid 5790] close(3) = 0 [pid 5790] symlink("/dev/binderfs", "./binderfs") = 0 [ 133.625035][ T5785] loop2: detected capacity change from 0 to 4096 [ 133.649583][ T5783] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 133.658982][ T5785] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). executing program [pid 5790] write(1, "executing program\n", 18) = 18 [pid 5790] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5790] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5790] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5790] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5790] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5790] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5790] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5791]}, 88) = 5791 [pid 5790] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5791 attached NULL, 8) = 0 [pid 5791] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5790] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5791] <... rseq resumed>) = 0 [pid 5790] <... futex resumed>) = 0 [pid 5791] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5790] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5787] <... write resumed>) = 2097152 [pid 5791] <... set_robust_list resumed>) = 0 [pid 5789] <... write resumed>) = 2097152 [pid 5787] munmap(0x7f1df2200000, 138412032 [pid 5791] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5791] memfd_create("syzkaller", 0) = 3 [pid 5791] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5789] munmap(0x7f1df2200000, 138412032 [pid 5787] <... munmap resumed>) = 0 [pid 5787] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5789] <... munmap resumed>) = 0 [pid 5789] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5787] <... openat resumed>) = 4 [pid 5787] ioctl(4, LOOP_SET_FD, 3 [pid 5789] ioctl(4, LOOP_SET_FD, 3 [pid 5787] <... ioctl resumed>) = 0 [pid 5783] <... mount resumed>) = 0 [pid 5791] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5789] <... ioctl resumed>) = 0 [pid 5787] close(3 [pid 5783] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5789] close(3 [pid 5787] <... close resumed>) = 0 [pid 5783] <... openat resumed>) = 3 [pid 5789] <... close resumed>) = 0 [pid 5787] close(4 [pid 5783] chdir("./file0" [pid 5789] close(4 [pid 5783] <... chdir resumed>) = 0 [pid 5783] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5789] <... close resumed>) = 0 [pid 5787] <... close resumed>) = 0 [pid 5783] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5787] mkdir("./file0", 0777 [pid 5789] mkdir("./file0", 0777 [pid 5787] <... mkdir resumed>) = 0 [pid 5783] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5785] <... mount resumed>) = 0 [pid 5783] <... futex resumed>) = 1 [pid 5783] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5782] <... futex resumed>) = 0 [pid 5782] exit_group(0 [pid 5783] <... futex resumed>) = ? [pid 5782] <... exit_group resumed>) = ? [pid 5789] <... mkdir resumed>) = 0 [pid 5785] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5783] +++ exited with 0 +++ [pid 5782] +++ exited with 0 +++ [pid 5789] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5782, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5785] <... openat resumed>) = 3 [ 133.781919][ T5783] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 133.793051][ T5787] loop0: detected capacity change from 0 to 4096 [ 133.793254][ T5789] loop4: detected capacity change from 0 to 4096 [ 133.818304][ T5785] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5086] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5787] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5791] <... write resumed>) = 2097152 [pid 5785] chdir("./file0" [pid 5791] munmap(0x7f1df2200000, 138412032 [pid 5785] <... chdir resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5785] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5785] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5785] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5784] <... futex resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5785] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5784] exit_group(0 [pid 5086] unlink("./68/binderfs" [pid 5791] <... munmap resumed>) = 0 [pid 5785] <... futex resumed>) = ? [pid 5784] <... exit_group resumed>) = ? [pid 5086] <... unlink resumed>) = 0 [pid 5785] +++ exited with 0 +++ [pid 5791] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5784] +++ exited with 0 +++ [pid 5086] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5791] <... openat resumed>) = 4 [pid 5791] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5784, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5791] close(3 [pid 5087] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5791] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 133.838474][ T5789] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 133.848390][ T5787] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 133.873005][ T5791] loop3: detected capacity change from 0 to 4096 [pid 5086] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5791] close(4 [pid 5087] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] <... close resumed>) = 0 [pid 5791] mkdir("./file0", 0777 [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5791] <... mkdir resumed>) = 0 [pid 5086] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5791] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] newfstatat(3, "", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", [pid 5087] getdents64(3, [pid 5789] <... mount resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5789] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 5789] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5789] chdir("./file0" [pid 5087] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5086] getdents64(4, [pid 5789] <... chdir resumed>) = 0 [pid 5789] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5789] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] close(4 [pid 5789] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] unlink("./68/binderfs" [pid 5789] <... futex resumed>) = 1 [pid 5086] <... close resumed>) = 0 [pid 5789] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5788] <... futex resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] rmdir("./68/file0" [pid 5788] exit_group(0) = ? [pid 5789] <... futex resumed>) = ? [pid 5087] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5789] +++ exited with 0 +++ [pid 5788] +++ exited with 0 +++ [ 133.893480][ T5789] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 133.907787][ T5791] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5086] close(3) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5788, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5086] rmdir("./68") = 0 [pid 5089] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] mkdir("./69", 0777) = 0 [pid 5089] newfstatat(3, "", [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./68/binderfs") = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5089] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5787] <... mount resumed>) = 0 [pid 5791] <... mount resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5087] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5791] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5791] <... openat resumed>) = 3 [pid 5787] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] chdir("./file0" [pid 5089] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5791] <... chdir resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./68/file0", [pid 5791] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... openat resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5791] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5787] chdir("./file0" [pid 5089] newfstatat(4, "", [pid 5087] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 133.964237][ T5787] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 133.971445][ T5791] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5791] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5787] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5791] <... futex resumed>) = 1 [pid 5790] <... futex resumed>) = 0 [pid 5787] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] getdents64(4, [pid 5087] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5791] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5790] exit_group(0 [pid 5787] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... openat resumed>) = 4 [pid 5791] <... futex resumed>) = ? [pid 5790] <... exit_group resumed>) = ? [pid 5787] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(4, "", [pid 5791] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5089] getdents64(4, [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5787] <... futex resumed>) = 1 [pid 5786] <... futex resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5790] +++ exited with 0 +++ [pid 5786] exit_group(0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5790, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./68/file0" [pid 5089] close(4) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5089] rmdir("./68/file0" [pid 5088] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5786] <... exit_group resumed>) = ? [pid 5089] <... rmdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(3, [pid 5088] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5086] <... ioctl resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] newfstatat(3, "", [pid 5087] <... close resumed>) = 0 [pid 5089] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] rmdir("./68" [pid 5089] <... close resumed>) = 0 [pid 5088] getdents64(3, [pid 5087] <... rmdir resumed>) = 0 [pid 5086] close(3 [pid 5089] rmdir("./68" [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] mkdir("./69", 0777 [pid 5787] +++ exited with 0 +++ [pid 5786] +++ exited with 0 +++ [pid 5089] <... rmdir resumed>) = 0 [pid 5088] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... mkdir resumed>) = 0 [pid 5089] mkdir("./69", 0777 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5786, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5085] umount2("./68", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... mkdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5089] <... openat resumed>) = 3 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] unlink("./68/binderfs" [pid 5085] umount2("./68/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5792 attached [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5792 [pid 5792] set_robust_list(0x555580b0d6a0, 24 [pid 5088] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./68/binderfs", [pid 5792] <... set_robust_list resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5792] chdir("./69" [pid 5087] <... openat resumed>) = 3 [pid 5085] unlink("./68/binderfs" [pid 5792] <... chdir resumed>) = 0 [pid 5792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... unlink resumed>) = 0 [pid 5085] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5792] setpgid(0, 0 [pid 5088] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5792] <... setpgid resumed>) = 0 [pid 5792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5792] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./68/file0", [pid 5792] write(3, "1000", 4 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./68/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5792] <... write resumed>) = 4 [pid 5088] <... openat resumed>) = 4 [pid 5792] close(3) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5792] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(4, "", [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5792] <... symlink resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5792] write(1, "executing program\n", 18 [pid 5088] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5088] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5088] close(4 [pid 5085] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5085] rmdir("./68/file0" [pid 5088] rmdir("./68/file0" [pid 5085] <... rmdir resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5088] getdents64(3, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5088] close(3 [pid 5085] rmdir("./68" [pid 5088] <... close resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5088] rmdir("./68"executing program ) = 0 [pid 5085] mkdir("./69", 0777 [pid 5088] mkdir("./69", 0777 [pid 5085] <... mkdir resumed>) = 0 [pid 5792] <... write resumed>) = 18 [pid 5088] <... mkdir resumed>) = 0 [pid 5792] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5792] <... futex resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5792] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5792] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] close(3 [pid 5792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5088] <... openat resumed>) = 3 [pid 5792] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5793 attached [pid 5792] <... mprotect resumed>) = 0 [pid 5793] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5793] chdir("./69" [pid 5792] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5793 [pid 5793] <... chdir resumed>) = 0 [pid 5793] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5793] setpgid(0, 0) = 0 [pid 5793] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5792] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5793] <... openat resumed>) = 3 [pid 5793] write(3, "1000", 4) = 4 [pid 5793] close(3) = 0 [pid 5792] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5793] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5794 attached ) = 0 [pid 5087] close(3 [pid 5794] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5793] write(1, "executing program\n", 18 [pid 5792] <... clone3 resumed> => {parent_tid=[5794]}, 88) = 5794 [pid 5087] <... close resumed>) = 0 [pid 5794] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5792] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5794] <... set_robust_list resumed>) = 0 [pid 5794] rt_sigprocmask(SIG_SETMASK, [], [pid 5792] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5794] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5794] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5792] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5794] <... futex resumed>) = 0 [pid 5792] <... futex resumed>) = 1 [pid 5792] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5795 [pid 5794] memfd_create("syzkaller", 0executing program ./strace-static-x86_64: Process 5795 attached [pid 5793] <... write resumed>) = 18 [pid 5795] set_robust_list(0x555580b0d6a0, 24 [pid 5793] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5795] <... set_robust_list resumed>) = 0 [pid 5793] <... futex resumed>) = 0 [pid 5795] chdir("./69" [pid 5793] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5795] <... chdir resumed>) = 0 [pid 5793] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5795] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5794] <... memfd_create resumed>) = 3 [pid 5793] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5795] <... prctl resumed>) = 0 [pid 5794] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5793] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5795] setpgid(0, 0 [pid 5794] <... mmap resumed>) = 0x7f1df2200000 [pid 5795] <... setpgid resumed>) = 0 [pid 5793] <... mmap resumed>) = 0x7f1dfa693000 [pid 5795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5793] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5795] <... openat resumed>) = 3 [pid 5795] write(3, "1000", 4 [pid 5793] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5795] <... write resumed>) = 4 [pid 5795] close(3) = 0 [pid 5795] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5793] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5793] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5795] write(1, "executing program\n", 18) = 18 [pid 5795] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5796 attached [pid 5796] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5796] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5795] <... futex resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5795] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5793] <... clone3 resumed> => {parent_tid=[5796]}, 88) = 5796 [pid 5795] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5793] rt_sigprocmask(SIG_SETMASK, [], [pid 5795] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] close(3 [pid 5085] close(3 [pid 5793] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5795] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5796] <... set_robust_list resumed>) = 0 [pid 5795] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5793] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5793] <... futex resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5795] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5798 attached ./strace-static-x86_64: Process 5797 attached [pid 5795] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5793] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5797] set_robust_list(0x555580b0d6a0, 24 [pid 5795] <... mprotect resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5797 [pid 5797] <... set_robust_list resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5798 [pid 5797] chdir("./69" [pid 5796] rt_sigprocmask(SIG_SETMASK, [], [pid 5797] <... chdir resumed>) = 0 [pid 5797] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5798] set_robust_list(0x555580b0d6a0, 24 [pid 5797] setpgid(0, 0 [pid 5796] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5798] <... set_robust_list resumed>) = 0 [pid 5797] <... setpgid resumed>) = 0 [pid 5796] memfd_create("syzkaller", 0 [pid 5795] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5798] chdir("./69" [pid 5797] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5795] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5798] <... chdir resumed>) = 0 [pid 5797] <... openat resumed>) = 3 [pid 5796] <... memfd_create resumed>) = 3 [pid 5795] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5798] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5797] write(3, "1000", 4 [pid 5798] <... prctl resumed>) = 0 [pid 5798] setpgid(0, 0 [pid 5797] <... write resumed>) = 4 [pid 5796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5798] <... setpgid resumed>) = 0 [pid 5797] close(3./strace-static-x86_64: Process 5799 attached [pid 5798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5796] <... mmap resumed>) = 0x7f1df2200000 [pid 5799] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5797] <... close resumed>) = 0 [pid 5795] <... clone3 resumed> => {parent_tid=[5799]}, 88) = 5799 [pid 5799] <... rseq resumed>) = 0 [pid 5798] <... openat resumed>) = 3 [pid 5797] symlink("/dev/binderfs", "./binderfs" [pid 5795] rt_sigprocmask(SIG_SETMASK, [], [pid 5794] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5799] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5798] write(3, "1000", 4 [pid 5797] <... symlink resumed>) = 0 [pid 5795] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5799] <... set_robust_list resumed>) = 0 [pid 5799] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5799] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULLexecuting program [pid 5798] <... write resumed>) = 4 [pid 5797] write(1, "executing program\n", 18 [pid 5795] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5798] close(3) = 0 [pid 5797] <... write resumed>) = 18 [pid 5795] <... futex resumed>) = 1 [pid 5797] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5799] <... futex resumed>) = 0 [pid 5798] symlink("/dev/binderfs", "./binderfs" [pid 5797] <... futex resumed>) = 0 [pid 5795] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5799] memfd_create("syzkaller", 0 [pid 5798] <... symlink resumed>) = 0 [pid 5797] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, executing program [pid 5799] <... memfd_create resumed>) = 3 [pid 5798] write(1, "executing program\n", 18 [pid 5797] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5798] <... write resumed>) = 18 [pid 5797] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5799] <... mmap resumed>) = 0x7f1df2200000 [pid 5798] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5797] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5794] <... write resumed>) = 2097152 [pid 5798] <... futex resumed>) = 0 [pid 5797] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5798] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5797] <... mmap resumed>) = 0x7f1dfa693000 [pid 5797] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5794] munmap(0x7f1df2200000, 138412032 [pid 5798] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5797] <... mprotect resumed>) = 0 [pid 5798] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5797] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5798] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5797] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5794] <... munmap resumed>) = 0 [pid 5798] <... mprotect resumed>) = 0 [pid 5797] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5794] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5800 attached [pid 5800] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5799] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5798] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5797] <... clone3 resumed> => {parent_tid=[5800]}, 88) = 5800 [pid 5796] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5794] <... openat resumed>) = 4 [pid 5800] <... rseq resumed>) = 0 [pid 5798] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5797] rt_sigprocmask(SIG_SETMASK, [], [pid 5794] ioctl(4, LOOP_SET_FD, 3 [pid 5800] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5800] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5800] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5794] <... ioctl resumed>) = 0 [pid 5797] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5798] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5801]}, 88) = 5801 [pid 5797] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5801 attached [pid 5800] <... futex resumed>) = 0 [pid 5798] rt_sigprocmask(SIG_SETMASK, [], [pid 5797] <... futex resumed>) = 1 [pid 5794] close(3 [pid 5800] memfd_create("syzkaller", 0 [pid 5798] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5797] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5794] <... close resumed>) = 0 [pid 5800] <... memfd_create resumed>) = 3 [pid 5798] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5794] close(4 [pid 5801] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5800] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5798] <... futex resumed>) = 0 [pid 5794] <... close resumed>) = 0 [pid 5801] <... rseq resumed>) = 0 [pid 5800] <... mmap resumed>) = 0x7f1df2200000 [pid 5798] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5794] mkdir("./file0", 0777 [pid 5801] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5801] rt_sigprocmask(SIG_SETMASK, [], [pid 5799] <... write resumed>) = 2097152 [pid 5801] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5794] <... mkdir resumed>) = 0 [pid 5801] memfd_create("syzkaller", 0 [pid 5799] munmap(0x7f1df2200000, 138412032 [pid 5796] <... write resumed>) = 2097152 [pid 5794] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5799] <... munmap resumed>) = 0 [pid 5801] <... memfd_create resumed>) = 3 [pid 5801] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 134.352969][ T5794] loop1: detected capacity change from 0 to 4096 [pid 5796] munmap(0x7f1df2200000, 138412032 [pid 5799] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5799] ioctl(4, LOOP_SET_FD, 3 [pid 5796] <... munmap resumed>) = 0 [pid 5796] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5799] <... ioctl resumed>) = 0 [pid 5796] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5799] close(3) = 0 [pid 5799] close(4) = 0 [pid 5799] mkdir("./file0", 0777 [pid 5796] close(3) = 0 [pid 5796] close(4 [pid 5799] <... mkdir resumed>) = 0 [pid 5796] <... close resumed>) = 0 [pid 5799] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 134.401340][ T5794] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 134.420107][ T5799] loop2: detected capacity change from 0 to 4096 [ 134.432065][ T5796] loop4: detected capacity change from 0 to 4096 [pid 5796] mkdir("./file0", 0777 [pid 5801] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5796] <... mkdir resumed>) = 0 [pid 5796] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5800] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5794] <... mount resumed>) = 0 [ 134.461250][ T5799] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 134.485180][ T5796] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 134.491432][ T5794] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5794] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5794] chdir("./file0") = 0 [pid 5794] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5801] <... write resumed>) = 2097152 [pid 5794] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5801] munmap(0x7f1df2200000, 138412032 [pid 5794] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5801] <... munmap resumed>) = 0 [pid 5800] <... write resumed>) = 2097152 [pid 5794] <... futex resumed>) = 1 [pid 5792] <... futex resumed>) = 0 [pid 5794] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5801] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5800] munmap(0x7f1df2200000, 138412032 [pid 5792] exit_group(0 [pid 5801] <... openat resumed>) = 4 [pid 5800] <... munmap resumed>) = 0 [pid 5794] <... futex resumed>) = ? [pid 5792] <... exit_group resumed>) = ? [pid 5801] ioctl(4, LOOP_SET_FD, 3 [pid 5800] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5796] <... mount resumed>) = 0 [pid 5794] +++ exited with 0 +++ [pid 5792] +++ exited with 0 +++ [pid 5796] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5792, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5796] chdir("./file0") = 0 [pid 5086] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5796] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5800] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5800] ioctl(4, LOOP_SET_FD, 3 [pid 5796] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... openat resumed>) = 3 [pid 5801] <... ioctl resumed>) = 0 [pid 5800] <... ioctl resumed>) = 0 [pid 5799] <... mount resumed>) = 0 [pid 5796] <... futex resumed>) = 1 [pid 5793] <... futex resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5801] close(3 [pid 5799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5796] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5793] exit_group(0 [pid 5800] close(3 [pid 5801] <... close resumed>) = 0 [pid 5799] <... openat resumed>) = 3 [pid 5796] <... futex resumed>) = ? [pid 5793] <... exit_group resumed>) = ? [pid 5800] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5801] close(4 [pid 5799] chdir("./file0" [pid 5800] close(4 [pid 5801] <... close resumed>) = 0 [pid 5799] <... chdir resumed>) = 0 [pid 5796] +++ exited with 0 +++ [pid 5793] +++ exited with 0 +++ [pid 5086] getdents64(3, [pid 5799] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5793, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5801] mkdir("./file0", 0777 [pid 5800] <... close resumed>) = 0 [pid 5799] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5801] <... mkdir resumed>) = 0 [pid 5800] mkdir("./file0", 0777 [pid 5799] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5801] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5800] <... mkdir resumed>) = 0 [pid 5799] <... futex resumed>) = 1 [pid 5795] <... futex resumed>) = 0 [pid 5089] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5799] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5795] exit_group(0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5799] <... futex resumed>) = ? [pid 5795] <... exit_group resumed>) = ? [ 134.571883][ T5796] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 134.585229][ T5801] loop0: detected capacity change from 0 to 4096 [ 134.599049][ T5799] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 134.608343][ T5800] loop3: detected capacity change from 0 to 4096 [pid 5089] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5800] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5799] +++ exited with 0 +++ [pid 5795] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 3 [pid 5086] unlink("./69/binderfs" [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 5089] getdents64(3, [pid 5086] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5795, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5089] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 5089] unlink("./69/binderfs" [pid 5087] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./69/binderfs" [pid 5086] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... unlink resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./69/file0", [pid 5089] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 134.640612][ T5801] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 134.653588][ T5800] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 5089] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] getdents64(4, [pid 5089] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... openat resumed>) = 4 [pid 5086] getdents64(4, [pid 5089] newfstatat(4, "", [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... close resumed>) = 0 [pid 5089] getdents64(4, [pid 5087] <... umount2 resumed>) = 0 [pid 5086] rmdir("./69/file0" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5089] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] getdents64(3, [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5801] <... mount resumed>) = 0 [pid 5086] close(3 [pid 5801] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] close(4 [pid 5087] newfstatat(AT_FDCWD, "./69/file0", [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./69" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... close resumed>) = 0 [pid 5801] <... openat resumed>) = 3 [pid 5089] rmdir("./69/file0" [pid 5087] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5801] chdir("./file0" [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] mkdir("./70", 0777 [pid 5801] <... chdir resumed>) = 0 [pid 5089] getdents64(3, [pid 5087] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... mkdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5801] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] close(3 [pid 5087] <... openat resumed>) = 4 [pid 5801] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5801] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] rmdir("./69" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5801] <... futex resumed>) = 1 [pid 5798] <... futex resumed>) = 0 [pid 5801] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5798] exit_group(0 [pid 5087] getdents64(4, [pid 5801] <... futex resumed>) = ? [pid 5798] <... exit_group resumed>) = ? [pid 5086] <... openat resumed>) = 3 [pid 5801] +++ exited with 0 +++ [pid 5798] +++ exited with 0 +++ [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] mkdir("./70", 0777 [pid 5087] getdents64(4, [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5798, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5085] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... mkdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] close(4 [pid 5085] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... close resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] rmdir("./69/file0" [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] close(3 [pid 5085] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./69" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 134.713710][ T5801] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5085] unlink("./69/binderfs" [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5087] mkdir("./70", 0777) = 0 [pid 5085] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5800] <... mount resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5800] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5800] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5800] chdir("./file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./69/file0", [pid 5800] <... chdir resumed>) = 0 [pid 5086] close(3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5800] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... close resumed>) = 0 [pid 5085] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5800] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5802 [pid 5085] getdents64(4, [pid 5800] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5800] <... futex resumed>) = 1 ./strace-static-x86_64: Process 5802 attached [ 134.757247][ T5800] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5800] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5797] <... futex resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5085] getdents64(4, [pid 5802] set_robust_list(0x555580b0d6a0, 24 [pid 5797] exit_group(0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5800] <... futex resumed>) = ? [pid 5085] <... close resumed>) = 0 [pid 5802] <... set_robust_list resumed>) = 0 [pid 5800] +++ exited with 0 +++ [pid 5797] <... exit_group resumed>) = ? [pid 5089] close(3 [pid 5085] rmdir("./69/file0" [pid 5802] chdir("./70" [pid 5089] <... close resumed>) = 0 [pid 5802] <... chdir resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5802] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... rmdir resumed>) = 0 [pid 5802] <... prctl resumed>) = 0 [pid 5802] setpgid(0, 0 [pid 5085] getdents64(3, [pid 5802] <... setpgid resumed>) = 0 [pid 5797] +++ exited with 0 +++ ./strace-static-x86_64: Process 5803 attached [pid 5802] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5803 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5803] set_robust_list(0x555580b0d6a0, 24 [pid 5802] <... openat resumed>) = 3 [pid 5085] close(3 [pid 5803] <... set_robust_list resumed>) = 0 [pid 5802] write(3, "1000", 4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5797, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5803] chdir("./70" [pid 5802] <... write resumed>) = 4 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5085] <... close resumed>) = 0 [pid 5803] <... chdir resumed>) = 0 [pid 5802] close(3 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5085] rmdir("./69" [pid 5803] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5802] <... close resumed>) = 0 [pid 5802] symlink("/dev/binderfs", "./binderfs" [pid 5803] <... prctl resumed>) = 0 [pid 5802] <... symlink resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 executing program [pid 5802] write(1, "executing program\n", 18) = 18 [pid 5802] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5802] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5802] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5802] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5802] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5802] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5802] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5804 attached [pid 5803] setpgid(0, 0 [pid 5085] mkdir("./70", 0777 [pid 5804] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5803] <... setpgid resumed>) = 0 [pid 5802] <... clone3 resumed> => {parent_tid=[5804]}, 88) = 5804 [pid 5802] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5804] <... rseq resumed>) = 0 [pid 5803] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5802] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./69", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5804] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5803] <... openat resumed>) = 3 [pid 5802] <... futex resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5804] <... set_robust_list resumed>) = 0 [pid 5803] write(3, "1000", 4 [pid 5802] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5803] <... write resumed>) = 4 [pid 5804] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5803] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5085] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5804] memfd_create("syzkaller", 0 [pid 5803] <... close resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5803] symlink("/dev/binderfs", "./binderfs" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5803] <... symlink resumed>) = 0 [pid 5088] getdents64(3, executing program [pid 5087] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5803] write(1, "executing program\n", 18 [pid 5088] umount2("./69/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5803] <... write resumed>) = 18 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5803] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] newfstatat(AT_FDCWD, "./69/binderfs", [pid 5804] <... memfd_create resumed>) = 3 [pid 5803] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5804] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5803] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] unlink("./69/binderfs" [pid 5804] <... mmap resumed>) = 0x7f1df2200000 [pid 5803] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5803] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5805 attached [pid 5803] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5803] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5803] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5803] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5805] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5805 [pid 5088] <... umount2 resumed>) = 0 [pid 5805] chdir("./70" [pid 5803] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5805] <... chdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5806 attached [pid 5805] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5803] <... clone3 resumed> => {parent_tid=[5806]}, 88) = 5806 [pid 5803] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5803] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5806] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5803] <... futex resumed>) = 0 [pid 5805] <... prctl resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./69/file0", [pid 5806] <... rseq resumed>) = 0 [pid 5805] setpgid(0, 0 [pid 5803] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5806] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5805] <... setpgid resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5806] <... set_robust_list resumed>) = 0 [pid 5806] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] umount2("./69/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5806] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5805] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5806] memfd_create("syzkaller", 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5806] <... memfd_create resumed>) = 3 [pid 5805] <... openat resumed>) = 3 [pid 5088] <... openat resumed>) = 4 [pid 5805] write(3, "1000", 4 [pid 5088] newfstatat(4, "", [pid 5805] <... write resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5805] close(3 [pid 5806] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5805] <... close resumed>) = 0 [pid 5806] <... mmap resumed>) = 0x7f1df2200000 [pid 5805] symlink("/dev/binderfs", "./binderfs" [pid 5804] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./69/file0" [pid 5805] <... symlink resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 executing program [pid 5805] write(1, "executing program\n", 18 [pid 5088] getdents64(3, [pid 5805] <... write resumed>) = 18 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5805] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... close resumed>) = 0 [pid 5805] <... futex resumed>) = 0 [pid 5805] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] rmdir("./69" [pid 5805] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5805] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5805] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5805] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5805] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5805] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5807]}, 88) = 5807 ./strace-static-x86_64: Process 5807 attached [pid 5805] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5807] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5805] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5807] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5805] <... futex resumed>) = 0 [pid 5807] <... set_robust_list resumed>) = 0 [pid 5805] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5807] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5807] memfd_create("syzkaller", 0 [pid 5085] close(3 [pid 5807] <... memfd_create resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5807] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5807] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5808 attached [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5808 [pid 5808] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5808] chdir("./70") = 0 [pid 5806] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5808] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] mkdir("./70", 0777 [pid 5808] <... prctl resumed>) = 0 [pid 5808] setpgid(0, 0 [pid 5804] <... write resumed>) = 2097152 [pid 5808] <... setpgid resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5808] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5804] munmap(0x7f1df2200000, 138412032 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5808] <... openat resumed>) = 3 [pid 5088] <... openat resumed>) = 3 [pid 5808] write(3, "1000", 4 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5808] <... write resumed>) = 4 [pid 5808] close(3) = 0 [pid 5808] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5804] <... munmap resumed>) = 0 [pid 5808] write(1, "executing program\n", 18executing program [pid 5804] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5808] <... write resumed>) = 18 [pid 5808] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5808] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5808] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5808] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5804] <... openat resumed>) = 4 [pid 5808] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5804] ioctl(4, LOOP_SET_FD, 3 [pid 5808] <... mprotect resumed>) = 0 [pid 5808] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5808] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5809]}, 88) = 5809 [pid 5808] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5808] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5808] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5809 attached [pid 5809] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5809] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5809] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5809] memfd_create("syzkaller", 0 [pid 5807] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5806] <... write resumed>) = 2097152 [pid 5804] <... ioctl resumed>) = 0 [pid 5804] close(3 [pid 5809] <... memfd_create resumed>) = 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5809] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5804] <... close resumed>) = 0 [pid 5809] <... mmap resumed>) = 0x7f1df2200000 [pid 5806] munmap(0x7f1df2200000, 138412032 [pid 5804] close(4 [pid 5806] <... munmap resumed>) = 0 [pid 5804] <... close resumed>) = 0 [pid 5088] close(3 [pid 5806] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5804] mkdir("./file0", 0777) = 0 [pid 5806] <... openat resumed>) = 4 [pid 5088] <... close resumed>) = 0 [ 135.056079][ T5804] loop1: detected capacity change from 0 to 4096 [pid 5806] ioctl(4, LOOP_SET_FD, 3 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5804] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 5810 attached [pid 5807] <... write resumed>) = 2097152 [pid 5806] <... ioctl resumed>) = 0 [pid 5806] close(3) = 0 [pid 5807] munmap(0x7f1df2200000, 138412032 [pid 5806] close(4 [pid 5810] set_robust_list(0x555580b0d6a0, 24 [pid 5807] <... munmap resumed>) = 0 [pid 5806] <... close resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5810 [pid 5810] <... set_robust_list resumed>) = 0 [pid 5806] mkdir("./file0", 0777) = 0 [pid 5810] chdir("./70" [pid 5806] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5810] <... chdir resumed>) = 0 [pid 5810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5809] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5810] setpgid(0, 0) = 0 [pid 5807] <... openat resumed>) = 4 [ 135.113922][ T5806] loop4: detected capacity change from 0 to 4096 [ 135.122489][ T5804] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 135.152208][ T5806] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5807] ioctl(4, LOOP_SET_FD, 3 [pid 5810] <... openat resumed>) = 3 [pid 5810] write(3, "1000", 4) = 4 [pid 5810] close(3) = 0 [pid 5807] <... ioctl resumed>) = 0 [pid 5810] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5807] close(3executing program [pid 5810] write(1, "executing program\n", 18 [pid 5807] <... close resumed>) = 0 [pid 5810] <... write resumed>) = 18 [pid 5807] close(4 [pid 5810] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5807] <... close resumed>) = 0 [pid 5810] <... futex resumed>) = 0 [pid 5807] mkdir("./file0", 0777 [pid 5810] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5807] <... mkdir resumed>) = 0 [pid 5810] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5807] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 135.166638][ T5807] loop2: detected capacity change from 0 to 4096 [pid 5810] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5810] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5810] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5810] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5810] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5811 attached [ 135.220806][ T5807] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 135.235056][ T5804] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5811] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5810] <... clone3 resumed> => {parent_tid=[5811]}, 88) = 5811 [pid 5809] <... write resumed>) = 2097152 [pid 5804] <... mount resumed>) = 0 [pid 5811] <... rseq resumed>) = 0 [pid 5810] rt_sigprocmask(SIG_SETMASK, [], [pid 5804] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5811] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5810] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5809] munmap(0x7f1df2200000, 138412032 [pid 5804] <... openat resumed>) = 3 [pid 5811] <... set_robust_list resumed>) = 0 [pid 5810] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5811] rt_sigprocmask(SIG_SETMASK, [], [pid 5810] <... futex resumed>) = 0 [pid 5804] chdir("./file0" [pid 5811] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5806] <... mount resumed>) = 0 [pid 5804] <... chdir resumed>) = 0 [pid 5806] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5806] chdir("./file0" [pid 5811] memfd_create("syzkaller", 0) = 3 [pid 5810] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5809] <... munmap resumed>) = 0 [pid 5806] <... chdir resumed>) = 0 [pid 5804] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5809] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5806] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5804] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5811] <... mmap resumed>) = 0x7f1df2200000 [pid 5809] <... openat resumed>) = 4 [pid 5806] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5804] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5809] ioctl(4, LOOP_SET_FD, 3 [pid 5806] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5804] <... futex resumed>) = 1 [pid 5802] <... futex resumed>) = 0 [pid 5802] exit_group(0 [pid 5806] <... futex resumed>) = 1 [pid 5803] <... futex resumed>) = 0 [pid 5803] exit_group(0) = ? [pid 5806] +++ exited with 0 +++ [pid 5803] +++ exited with 0 +++ [pid 5802] <... exit_group resumed>) = ? [pid 5804] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5803, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5089] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5802] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5802, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5809] <... ioctl resumed>) = 0 [pid 5089] getdents64(3, [pid 5809] close(3 [pid 5807] <... mount resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5809] <... close resumed>) = 0 [pid 5089] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5809] close(4 [pid 5807] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5809] <... close resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5086] <... openat resumed>) = 3 [pid 5809] mkdir("./file0", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(3, "", [pid 5809] <... mkdir resumed>) = 0 [pid 5807] <... openat resumed>) = 3 [pid 5089] unlink("./70/binderfs" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5811] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5809] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5807] chdir("./file0" [pid 5089] <... unlink resumed>) = 0 [pid 5086] getdents64(3, [pid 5807] <... chdir resumed>) = 0 [pid 5089] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5807] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5807] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 135.264285][ T5806] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 135.295155][ T5807] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 135.305524][ T5809] loop0: detected capacity change from 0 to 4096 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5807] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5807] <... futex resumed>) = 1 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./70/binderfs" [pid 5807] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5805] <... futex resumed>) = 0 [pid 5805] exit_group(0 [pid 5089] <... umount2 resumed>) = 0 [pid 5807] <... futex resumed>) = ? [pid 5805] <... exit_group resumed>) = ? [pid 5807] +++ exited with 0 +++ [pid 5089] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5805] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5805, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5086] newfstatat(AT_FDCWD, "./70/file0", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] getdents64(4, [pid 5087] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(4, [pid 5087] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] close(4 [pid 5086] <... openat resumed>) = 4 [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(3, "", [pid 5089] rmdir("./70/file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] newfstatat(4, "", [pid 5089] <... rmdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] getdents64(3, [pid 5087] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] close(3 [pid 5087] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5086] getdents64(4, [pid 5089] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] rmdir("./70" [pid 5087] unlink("./70/binderfs" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] close(4) = 0 [pid 5087] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./70/file0") = 0 [ 135.341514][ T5809] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] mkdir("./71", 0777) = 0 [pid 5811] <... write resumed>) = 2097152 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] getdents64(3, [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5811] munmap(0x7f1df2200000, 138412032 [pid 5087] newfstatat(AT_FDCWD, "./70/file0", [pid 5086] rmdir("./70" [pid 5809] <... mount resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5809] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] newfstatat(4, "", [pid 5086] mkdir("./71", 0777 [pid 5811] <... munmap resumed>) = 0 [pid 5809] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5809] chdir("./file0" [pid 5087] getdents64(4, [pid 5086] <... mkdir resumed>) = 0 [pid 5809] <... chdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5809] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] getdents64(4, [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5811] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5809] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5811] <... openat resumed>) = 4 [pid 5809] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(4 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5811] ioctl(4, LOOP_SET_FD, 3 [pid 5809] <... futex resumed>) = 1 [pid 5808] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5809] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5808] exit_group(0 [pid 5809] <... futex resumed>) = ? [pid 5808] <... exit_group resumed>) = ? [pid 5087] rmdir("./70/file0" [pid 5809] +++ exited with 0 +++ [pid 5808] +++ exited with 0 +++ [pid 5087] <... rmdir resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5808, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5085] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] getdents64(3, [pid 5085] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 5085] newfstatat(3, "", [pid 5087] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] rmdir("./70" [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5811] <... ioctl resumed>) = 0 [pid 5087] mkdir("./71", 0777) = 0 [pid 5085] unlink("./70/binderfs" [pid 5811] close(3 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... unlink resumed>) = 0 [pid 5811] <... close resumed>) = 0 [pid 5811] close(4 [pid 5087] <... openat resumed>) = 3 [pid 5085] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5811] <... close resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5811] mkdir("./file0", 0777) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5811] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... umount2 resumed>) = 0 [ 135.404953][ T5809] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 135.427060][ T5811] loop3: detected capacity change from 0 to 4096 [pid 5085] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] close(3 [pid 5085] newfstatat(AT_FDCWD, "./70/file0", [pid 5089] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", ./strace-static-x86_64: Process 5812 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5812] set_robust_list(0x555580b0d6a0, 24 [pid 5085] getdents64(4, [pid 5812] <... set_robust_list resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5812] chdir("./71" [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5812 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5812] <... chdir resumed>) = 0 [pid 5085] close(4 [pid 5812] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... close resumed>) = 0 [pid 5812] <... prctl resumed>) = 0 [pid 5085] rmdir("./70/file0" [pid 5086] <... ioctl resumed>) = 0 [pid 5812] setpgid(0, 0) = 0 [pid 5812] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5812] write(3, "1000", 4 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5812] <... write resumed>) = 4 [pid 5085] close(3 [pid 5812] close(3 [pid 5085] <... close resumed>) = 0 [pid 5812] <... close resumed>) = 0 [pid 5085] rmdir("./70" [pid 5812] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... rmdir resumed>) = 0 [pid 5812] <... symlink resumed>) = 0 executing program [pid 5812] write(1, "executing program\n", 18 [pid 5085] mkdir("./71", 0777) = 0 [pid 5812] <... write resumed>) = 18 [pid 5086] close(3 [pid 5812] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5812] <... futex resumed>) = 0 [pid 5812] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... openat resumed>) = 3 [pid 5812] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5812] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5812] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5813 [pid 5812] <... mmap resumed>) = 0x7f1dfa693000 ./strace-static-x86_64: Process 5813 attached [ 135.476201][ T5811] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5812] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5813] set_robust_list(0x555580b0d6a0, 24 [pid 5812] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... ioctl resumed>) = 0 [pid 5813] <... set_robust_list resumed>) = 0 [pid 5812] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5813] chdir("./71" [pid 5812] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5813] <... chdir resumed>) = 0 [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5812] <... clone3 resumed> => {parent_tid=[5814]}, 88) = 5814 [pid 5812] rt_sigprocmask(SIG_SETMASK, [], [pid 5813] <... prctl resumed>) = 0 [pid 5812] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5814 attached [pid 5813] setpgid(0, 0 [pid 5812] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5814] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5813] <... setpgid resumed>) = 0 [pid 5812] <... futex resumed>) = 0 [pid 5814] <... rseq resumed>) = 0 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5812] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5814] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5813] <... openat resumed>) = 3 [pid 5814] <... set_robust_list resumed>) = 0 [pid 5813] write(3, "1000", 4 [pid 5814] rt_sigprocmask(SIG_SETMASK, [], [pid 5813] <... write resumed>) = 4 [pid 5813] close(3) = 0 [pid 5813] symlink("/dev/binderfs", "./binderfs"executing program [pid 5814] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5813] <... symlink resumed>) = 0 [pid 5087] close(3 [pid 5814] memfd_create("syzkaller", 0 [pid 5813] write(1, "executing program\n", 18 [pid 5087] <... close resumed>) = 0 [pid 5813] <... write resumed>) = 18 [pid 5813] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5813] <... futex resumed>) = 0 [pid 5813] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5813] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5815 ./strace-static-x86_64: Process 5815 attached [pid 5814] <... memfd_create resumed>) = 3 [pid 5813] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5813] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5815] set_robust_list(0x555580b0d6a0, 24 [pid 5814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5815] <... set_robust_list resumed>) = 0 [pid 5814] <... mmap resumed>) = 0x7f1df2200000 [pid 5815] chdir("./71" [pid 5813] <... mmap resumed>) = 0x7f1dfa693000 [pid 5815] <... chdir resumed>) = 0 [pid 5815] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5815] setpgid(0, 0) = 0 [pid 5815] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5813] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5815] write(3, "1000", 4 [pid 5813] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5811] <... mount resumed>) = 0 [pid 5813] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5813] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5816 attached [pid 5811] <... openat resumed>) = 3 [pid 5816] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5813] <... clone3 resumed> => {parent_tid=[5816]}, 88) = 5816 [pid 5811] chdir("./file0" [pid 5816] <... rseq resumed>) = 0 [pid 5813] rt_sigprocmask(SIG_SETMASK, [], [pid 5816] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5813] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5816] <... set_robust_list resumed>) = 0 [pid 5813] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5816] rt_sigprocmask(SIG_SETMASK, [], [pid 5815] <... write resumed>) = 4 [pid 5813] <... futex resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5816] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5815] close(3 [pid 5813] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5815] <... close resumed>) = 0 [pid 5815] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5816] memfd_create("syzkaller", 0 [pid 5815] write(1, "executing program\n", 18 [pid 5811] <... chdir resumed>) = 0 [pid 5811] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5816] <... memfd_create resumed>) = 3 [pid 5815] <... write resumed>) = 18 [pid 5811] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5816] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5815] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5811] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5816] <... mmap resumed>) = 0x7f1df2200000 [pid 5815] <... futex resumed>) = 0 [pid 5811] <... futex resumed>) = 1 [pid 5810] <... futex resumed>) = 0 [pid 5815] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5810] exit_group(0 [pid 5815] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5811] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 5810] <... exit_group resumed>) = ? [pid 5815] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5815] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5815] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [ 135.574850][ T5811] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5815] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5811] +++ exited with 0 +++ [pid 5810] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5810, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5815] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] umount2("./70", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5815] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5817 attached [pid 5815] <... clone3 resumed> => {parent_tid=[5817]}, 88) = 5817 [pid 5814] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... openat resumed>) = 3 [pid 5817] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5815] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] newfstatat(3, "", [pid 5085] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./70/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./70/binderfs", [pid 5815] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./70/binderfs" [pid 5817] <... rseq resumed>) = 0 [pid 5815] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5817] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5815] <... futex resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5815] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5816] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5817] <... set_robust_list resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5818 [pid 5817] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5818 attached [pid 5817] memfd_create("syzkaller", 0 [pid 5088] <... unlink resumed>) = 0 [pid 5818] set_robust_list(0x555580b0d6a0, 24 [pid 5088] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5818] <... set_robust_list resumed>) = 0 [pid 5818] chdir("./71") = 0 [pid 5817] <... memfd_create resumed>) = 3 [pid 5818] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5818] setpgid(0, 0 [pid 5817] <... mmap resumed>) = 0x7f1df2200000 [pid 5818] <... setpgid resumed>) = 0 [pid 5818] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... umount2 resumed>) = 0 [pid 5818] <... openat resumed>) = 3 [pid 5818] write(3, "1000", 4) = 4 [pid 5088] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5818] close(3) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5818] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(AT_FDCWD, "./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5818] <... symlink resumed>) = 0 [pid 5818] write(1, "executing program\n", 18) = 18 [pid 5088] umount2("./70/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5818] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5816] <... write resumed>) = 2097152 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5818] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5818] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5818] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5818] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5818] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5088] newfstatat(4, "", [pid 5818] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5816] munmap(0x7f1df2200000, 138412032 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./70/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5818] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./70") = 0 [pid 5088] mkdir("./71", 0777) = 0 [pid 5818] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5817] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5816] <... munmap resumed>) = 0 [pid 5814] <... write resumed>) = 2097152 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5819 attached [pid 5814] munmap(0x7f1df2200000, 138412032 [pid 5819] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5818] <... clone3 resumed> => {parent_tid=[5819]}, 88) = 5819 [pid 5088] <... openat resumed>) = 3 [pid 5816] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5819] <... rseq resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5816] <... openat resumed>) = 4 [pid 5819] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5818] rt_sigprocmask(SIG_SETMASK, [], [pid 5816] ioctl(4, LOOP_SET_FD, 3 [pid 5819] <... set_robust_list resumed>) = 0 [pid 5818] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5814] <... munmap resumed>) = 0 [pid 5819] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5818] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5814] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5818] <... futex resumed>) = 0 [pid 5818] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5816] <... ioctl resumed>) = 0 [pid 5819] memfd_create("syzkaller", 0 [pid 5814] <... openat resumed>) = 4 [pid 5814] ioctl(4, LOOP_SET_FD, 3 [pid 5819] <... memfd_create resumed>) = 3 [pid 5816] close(3 [pid 5819] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5816] <... close resumed>) = 0 [pid 5816] close(4) = 0 [pid 5814] <... ioctl resumed>) = 0 [pid 5816] mkdir("./file0", 0777 [pid 5814] close(3 [pid 5816] <... mkdir resumed>) = 0 [pid 5814] <... close resumed>) = 0 [pid 5814] close(4 [pid 5816] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5814] <... close resumed>) = 0 [pid 5814] mkdir("./file0", 0777) = 0 [pid 5817] <... write resumed>) = 2097152 [pid 5814] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 135.746805][ T5816] loop1: detected capacity change from 0 to 4096 [ 135.768087][ T5814] loop4: detected capacity change from 0 to 4096 [ 135.783102][ T5816] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5817] munmap(0x7f1df2200000, 138412032) = 0 [pid 5817] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... ioctl resumed>) = 0 [pid 5819] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5817] <... openat resumed>) = 4 [pid 5817] ioctl(4, LOOP_SET_FD, 3 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5817] <... ioctl resumed>) = 0 [pid 5817] close(3) = 0 [pid 5817] close(4) = 0 [pid 5817] mkdir("./file0", 0777) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5820 [pid 5817] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 5820 attached [pid 5820] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5820] chdir("./71") = 0 [ 135.802079][ T5814] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 135.837454][ T5817] loop2: detected capacity change from 0 to 4096 [pid 5820] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5820] setpgid(0, 0) = 0 [pid 5820] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1000", 4) = 4 [pid 5820] close(3) = 0 [ 135.871280][ T5817] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 135.886750][ T5816] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5820] symlink("/dev/binderfs", "./binderfs" [pid 5819] <... write resumed>) = 2097152 [pid 5816] <... mount resumed>) = 0 [pid 5820] <... symlink resumed>) = 0 [pid 5819] munmap(0x7f1df2200000, 138412032 [pid 5816] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5816] chdir("./file0" [pid 5820] write(1, "executing program\n", 18 [pid 5816] <... chdir resumed>) = 0 executing program [pid 5820] <... write resumed>) = 18 [pid 5816] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5820] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5816] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5820] <... futex resumed>) = 0 [pid 5820] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5814] <... mount resumed>) = 0 [pid 5820] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5816] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5820] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5816] <... futex resumed>) = 1 [pid 5813] <... futex resumed>) = 0 [pid 5820] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5816] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5814] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 135.911570][ T5814] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5813] exit_group(0 [pid 5820] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5819] <... munmap resumed>) = 0 [pid 5816] <... futex resumed>) = ? [pid 5814] <... openat resumed>) = 3 [pid 5813] <... exit_group resumed>) = ? [pid 5820] <... mmap resumed>) = 0x7f1dfa693000 [pid 5814] chdir("./file0" [pid 5820] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5814] <... chdir resumed>) = 0 [pid 5820] <... mprotect resumed>) = 0 [pid 5819] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5817] <... mount resumed>) = 0 [pid 5816] +++ exited with 0 +++ [pid 5813] +++ exited with 0 +++ [pid 5820] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5819] <... openat resumed>) = 4 [pid 5814] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5813, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5814] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5820] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5819] ioctl(4, LOOP_SET_FD, 3 [pid 5820] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5814] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5814] <... futex resumed>) = 1 [pid 5086] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5814] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5812] <... futex resumed>) = 0 [pid 5086] getdents64(3, [pid 5820] <... clone3 resumed> => {parent_tid=[5821]}, 88) = 5821 [pid 5812] exit_group(0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5820] rt_sigprocmask(SIG_SETMASK, [], [pid 5814] <... futex resumed>) = ? [pid 5812] <... exit_group resumed>) = ? [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5814] +++ exited with 0 +++ [pid 5086] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5820] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5820] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] unlink("./71/binderfs" [pid 5820] <... futex resumed>) = 0 [pid 5820] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5821 attached [pid 5812] +++ exited with 0 +++ [pid 5086] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5821] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5812, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5821] <... rseq resumed>) = 0 [pid 5821] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5089] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5821] <... set_robust_list resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5821] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5821] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5821] memfd_create("syzkaller", 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./71/binderfs" [pid 5819] <... ioctl resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5819] close(3 [pid 5817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5819] <... close resumed>) = 0 [pid 5817] <... openat resumed>) = 3 [pid 5819] close(4) = 0 [pid 5817] chdir("./file0" [pid 5819] mkdir("./file0", 0777 [pid 5817] <... chdir resumed>) = 0 [pid 5817] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5819] <... mkdir resumed>) = 0 [pid 5817] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5817] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5815] <... futex resumed>) = 0 [pid 5815] exit_group(0) = ? [pid 5817] <... futex resumed>) = ? [pid 5821] <... memfd_create resumed>) = 3 [pid 5819] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... umount2 resumed>) = 0 [pid 5086] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5821] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 135.953393][ T5817] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 135.967683][ T5819] loop0: detected capacity change from 0 to 4096 [pid 5086] newfstatat(AT_FDCWD, "./71/file0", [pid 5821] <... mmap resumed>) = 0x7f1df2200000 [pid 5817] +++ exited with 0 +++ [pid 5815] +++ exited with 0 +++ [pid 5089] newfstatat(AT_FDCWD, "./71/file0", [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5815, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5086] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5089] <... openat resumed>) = 4 [pid 5087] getdents64(3, [pid 5089] newfstatat(4, "", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] newfstatat(4, "", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5086] getdents64(4, [pid 5089] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] unlink("./71/binderfs" [pid 5086] getdents64(4, [pid 5089] close(4 [pid 5087] <... unlink resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... close resumed>) = 0 [pid 5087] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(4 [pid 5089] rmdir("./71/file0" [pid 5086] <... close resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] rmdir("./71/file0") = 0 [pid 5086] getdents64(3, [pid 5089] getdents64(3, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5086] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5086] rmdir("./71") = 0 [pid 5089] rmdir("./71" [pid 5086] mkdir("./72", 0777 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [ 136.015993][ T5819] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5087] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5821] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] mkdir("./72", 0777 [pid 5086] <... mkdir resumed>) = 0 [pid 5819] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5819] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... mkdir resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./71/file0", [pid 5819] <... openat resumed>) = 3 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5819] chdir("./file0" [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5819] <... chdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 3 [pid 5819] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5819] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... openat resumed>) = 4 [pid 5819] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5818] <... futex resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5819] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5818] exit_group(0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5821] <... write resumed>) = 2097152 [pid 5819] <... futex resumed>) = ? [pid 5818] <... exit_group resumed>) = ? [pid 5819] +++ exited with 0 +++ [pid 5087] getdents64(4, [pid 5821] munmap(0x7f1df2200000, 138412032 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5821] <... munmap resumed>) = 0 [pid 5818] +++ exited with 0 +++ [pid 5821] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] rmdir("./71/file0" [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5818, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5821] <... openat resumed>) = 4 [pid 5087] <... rmdir resumed>) = 0 [pid 5821] ioctl(4, LOOP_SET_FD, 3 [pid 5087] getdents64(3, [ 136.075057][ T5819] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5085] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] close(3 [pid 5085] <... openat resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5821] <... ioctl resumed>) = 0 [pid 5085] getdents64(3, [pid 5821] close(3) = 0 [pid 5087] rmdir("./71" [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5821] close(4 [pid 5085] unlink("./71/binderfs" [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5085] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5821] <... close resumed>) = 0 [pid 5087] mkdir("./72", 0777 [pid 5821] mkdir("./file0", 0777 [pid 5087] <... mkdir resumed>) = 0 [pid 5821] <... mkdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5821] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] rmdir("./71/file0" [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... rmdir resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./71"./strace-static-x86_64: Process 5822 attached [pid 5089] <... ioctl resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5822] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5822 [pid 5822] <... set_robust_list resumed>) = 0 [pid 5822] chdir("./72") = 0 [pid 5085] mkdir("./72", 0777 [ 136.119010][ T5821] loop3: detected capacity change from 0 to 4096 [ 136.158561][ T5821] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] close(3 [pid 5822] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... close resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5822] <... prctl resumed>) = 0 [pid 5822] setpgid(0, 0) = 0 [pid 5822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5822] write(3, "1000", 4 [pid 5085] <... openat resumed>) = 3 [pid 5822] <... write resumed>) = 4 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5822] close(3executing program ./strace-static-x86_64: Process 5823 attached ) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5823 [pid 5822] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5822] write(1, "executing program\n", 18) = 18 [pid 5823] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5822] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5823] chdir("./72" [pid 5822] <... futex resumed>) = 0 [pid 5822] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5822] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5822] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5822] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5822] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5823] <... chdir resumed>) = 0 [pid 5822] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5822] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5824 attached [pid 5824] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5822] <... clone3 resumed> => {parent_tid=[5824]}, 88) = 5824 [pid 5824] <... rseq resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5823] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5823] <... prctl resumed>) = 0 [pid 5824] <... set_robust_list resumed>) = 0 [pid 5822] rt_sigprocmask(SIG_SETMASK, [], [pid 5821] <... mount resumed>) = 0 [pid 5087] close(3 [pid 5824] rt_sigprocmask(SIG_SETMASK, [], [pid 5823] setpgid(0, 0 [pid 5087] <... close resumed>) = 0 [pid 5824] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5823] <... setpgid resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5822] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5822] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5822] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5825 attached [pid 5824] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5823] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5821] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... ioctl resumed>) = 0 [pid 5824] memfd_create("syzkaller", 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5825 [pid 5823] <... openat resumed>) = 3 [pid 5825] set_robust_list(0x555580b0d6a0, 24 [pid 5824] <... memfd_create resumed>) = 3 [pid 5823] write(3, "1000", 4 [pid 5821] <... openat resumed>) = 3 [pid 5085] close(3 [pid 5824] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5823] <... write resumed>) = 4 [pid 5085] <... close resumed>) = 0 [pid 5824] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5823] close(3) = 0 [pid 5823] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5821] chdir("./file0" [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5826 [pid 5825] <... set_robust_list resumed>) = 0 [pid 5823] write(1, "executing program\n", 18 [pid 5821] <... chdir resumed>) = 0 [pid 5821] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] chdir("./72"./strace-static-x86_64: Process 5826 attached ) = 0 [pid 5823] <... write resumed>) = 18 [pid 5821] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] set_robust_list(0x555580b0d6a0, 24 [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5823] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5821] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5825] <... prctl resumed>) = 0 [pid 5823] <... futex resumed>) = 0 [pid 5821] <... futex resumed>) = 1 [pid 5820] <... futex resumed>) = 0 [pid 5826] chdir("./72" [pid 5825] setpgid(0, 0 [pid 5823] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5821] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5820] exit_group(0 [pid 5826] <... chdir resumed>) = 0 [pid 5825] <... setpgid resumed>) = 0 [pid 5823] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5821] <... futex resumed>) = ? [pid 5820] <... exit_group resumed>) = ? [pid 5826] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5823] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5826] <... prctl resumed>) = 0 [pid 5823] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5826] setpgid(0, 0 [pid 5825] <... openat resumed>) = 3 [ 136.246852][ T5821] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5823] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5826] <... setpgid resumed>) = 0 [pid 5825] write(3, "1000", 4 [pid 5823] <... mmap resumed>) = 0x7f1dfa693000 [pid 5821] +++ exited with 0 +++ [pid 5820] +++ exited with 0 +++ [pid 5826] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... write resumed>) = 4 [pid 5823] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5820, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5826] <... openat resumed>) = 3 [pid 5823] <... mprotect resumed>) = 0 [pid 5825] close(3) = 0 [pid 5826] write(3, "1000", 4 [pid 5825] symlink("/dev/binderfs", "./binderfs" [pid 5823] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] umount2("./71", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... write resumed>) = 4 [pid 5825] <... symlink resumed>) = 0 [pid 5823] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program executing program [pid 5826] close(3 [pid 5825] write(1, "executing program\n", 18 [pid 5823] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... write resumed>) = 18 [pid 5826] <... close resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5825] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5826] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5825] <... futex resumed>) = 0 [pid 5824] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] newfstatat(3, "", ./strace-static-x86_64: Process 5827 attached [pid 5825] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5827] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5825] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5823] <... clone3 resumed> => {parent_tid=[5827]}, 88) = 5827 [pid 5088] getdents64(3, [pid 5827] <... rseq resumed>) = 0 [pid 5826] write(1, "executing program\n", 18 [pid 5825] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5823] rt_sigprocmask(SIG_SETMASK, [], [pid 5827] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5826] <... write resumed>) = 18 [pid 5825] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5826] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5827] <... set_robust_list resumed>) = 0 [pid 5826] <... futex resumed>) = 0 [pid 5825] <... mmap resumed>) = 0x7f1dfa693000 [pid 5823] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] umount2("./71/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rt_sigprocmask(SIG_SETMASK, [], [pid 5826] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5825] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5823] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5826] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5823] <... futex resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./71/binderfs", [pid 5826] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5825] <... mprotect resumed>) = 0 [pid 5826] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5827] memfd_create("syzkaller", 0 [pid 5826] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5825] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5823] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./71/binderfs" [pid 5826] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... unlink resumed>) = 0 [pid 5826] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5825] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... memfd_create resumed>) = 3 [pid 5826] <... mprotect resumed>) = 0 [pid 5825] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5827] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... write resumed>) = 2097152 [pid 5827] <... mmap resumed>) = 0x7f1df2200000 [pid 5826] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5828 attached [pid 5826] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5824] munmap(0x7f1df2200000, 138412032 [pid 5088] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5826] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5825] <... clone3 resumed> => {parent_tid=[5828]}, 88) = 5828 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rseq resumed>) = 0 [pid 5824] <... munmap resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./71/file0", [pid 5828] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5826] <... clone3 resumed> => {parent_tid=[5829]}, 88) = 5829 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5826] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5829 attached [pid 5828] rt_sigprocmask(SIG_SETMASK, [], [pid 5826] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5825] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5829] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5826] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5825] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] umount2("./71/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... rseq resumed>) = 0 [pid 5825] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5829] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5828] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5826] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5829] <... set_robust_list resumed>) = 0 [pid 5828] memfd_create("syzkaller", 0 [pid 5826] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5825] <... futex resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5829] rt_sigprocmask(SIG_SETMASK, [], [pid 5828] <... memfd_create resumed>) = 3 [pid 5825] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5824] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] newfstatat(4, "", [pid 5829] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5828] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... openat resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5828] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5824] ioctl(4, LOOP_SET_FD, 3 [pid 5088] getdents64(4, [pid 5829] memfd_create("syzkaller", 0 [pid 5827] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5829] <... memfd_create resumed>) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./71/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./71") = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5824] close(3) = 0 [pid 5824] close(4) = 0 [pid 5088] mkdir("./72", 0777) = 0 [pid 5824] mkdir("./file0", 0777 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5824] <... mkdir resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [ 136.389883][ T5824] loop1: detected capacity change from 0 to 4096 [pid 5824] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5828] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... write resumed>) = 2097152 [pid 5827] munmap(0x7f1df2200000, 138412032 [pid 5829] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... munmap resumed>) = 0 [ 136.436710][ T5824] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5827] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5827] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5830 ./strace-static-x86_64: Process 5830 attached [pid 5830] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5829] <... write resumed>) = 2097152 [pid 5828] <... write resumed>) = 2097152 [pid 5827] <... ioctl resumed>) = 0 [pid 5830] chdir("./72" [pid 5829] munmap(0x7f1df2200000, 138412032 [pid 5830] <... chdir resumed>) = 0 [pid 5828] munmap(0x7f1df2200000, 138412032 [pid 5827] close(3) = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] close(4 [pid 5830] <... prctl resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5830] setpgid(0, 0 [pid 5827] mkdir("./file0", 0777 [pid 5830] <... setpgid resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5830] <... openat resumed>) = 3 [pid 5830] write(3, "1000", 4) = 4 [ 136.506294][ T5827] loop4: detected capacity change from 0 to 4096 [pid 5830] close(3) = 0 [pid 5830] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... munmap resumed>) = 0 [pid 5829] <... munmap resumed>) = 0 [pid 5830] <... symlink resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3 [pid 5828] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 5830] write(1, "executing program\n", 18 [pid 5828] <... openat resumed>) = 4 [pid 5828] ioctl(4, LOOP_SET_FD, 3 [pid 5830] <... write resumed>) = 18 [pid 5830] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5830] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5830] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5830] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5830] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5830] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5830] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5829] <... ioctl resumed>) = 0 [pid 5830] <... clone3 resumed> => {parent_tid=[5831]}, 88) = 5831 [pid 5830] rt_sigprocmask(SIG_SETMASK, [], [pid 5829] close(3 [pid 5830] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5829] <... close resumed>) = 0 ./strace-static-x86_64: Process 5831 attached [pid 5830] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] close(4 [pid 5831] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5830] <... futex resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5831] <... rseq resumed>) = 0 [pid 5830] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5829] mkdir("./file0", 0777 [pid 5824] <... mount resumed>) = 0 [pid 5831] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5829] <... mkdir resumed>) = 0 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5824] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5831] rt_sigprocmask(SIG_SETMASK, [], [pid 5824] <... openat resumed>) = 3 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5829] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 136.562692][ T5827] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 136.580291][ T5829] loop0: detected capacity change from 0 to 4096 [ 136.587381][ T5824] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 136.597820][ T5828] loop2: detected capacity change from 0 to 4096 [pid 5824] chdir("./file0" [pid 5828] <... ioctl resumed>) = 0 [pid 5824] <... chdir resumed>) = 0 [pid 5828] close(3) = 0 [pid 5831] memfd_create("syzkaller", 0) = 3 [pid 5824] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] close(4) = 0 [pid 5828] mkdir("./file0", 0777 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5831] <... mmap resumed>) = 0x7f1df2200000 [pid 5828] <... mkdir resumed>) = 0 [pid 5824] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5822] <... futex resumed>) = 0 [pid 5828] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5824] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5822] exit_group(0 [pid 5824] <... futex resumed>) = ? [pid 5822] <... exit_group resumed>) = ? [pid 5824] +++ exited with 0 +++ [pid 5822] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5822, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5086] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 136.623838][ T5829] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 136.654919][ T5828] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5086] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5829] <... mount resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5827] <... mount resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5086] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] chdir("./file0" [pid 5086] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5827] <... chdir resumed>) = 0 [pid 5831] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./72/binderfs" [pid 5827] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5823] <... futex resumed>) = 0 [pid 5827] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... unlink resumed>) = 0 [pid 5823] exit_group(0 [pid 5827] <... futex resumed>) = ? [pid 5823] <... exit_group resumed>) = ? [pid 5827] +++ exited with 0 +++ [pid 5829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5829] chdir("./file0") = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5829] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5826] <... futex resumed>) = 0 [pid 5826] exit_group(0 [pid 5086] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... exit_group resumed>) = ? [pid 5829] +++ exited with 0 +++ [pid 5826] +++ exited with 0 +++ [ 136.694693][ T5827] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 136.712591][ T5829] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5823] +++ exited with 0 +++ [pid 5086] <... umount2 resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5826, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5823, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5085] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5089] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(3, "", [pid 5089] <... openat resumed>) = 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] newfstatat(3, "", [pid 5085] getdents64(3, [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] getdents64(3, [pid 5085] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5086] newfstatat(AT_FDCWD, "./72/file0", [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./72/binderfs" [pid 5089] unlink("./72/binderfs" [pid 5086] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./72/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5828] <... mount resumed>) = 0 [pid 5086] close(3) = 0 [pid 5831] <... write resumed>) = 2097152 [pid 5828] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5831] munmap(0x7f1df2200000, 138412032 [pid 5828] <... openat resumed>) = 3 [pid 5089] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./72" [pid 5085] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] chdir("./file0" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, [pid 5089] newfstatat(AT_FDCWD, "./72/file0", [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5828] <... chdir resumed>) = 0 [pid 5085] getdents64(4, [pid 5828] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5089] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] mkdir("./73", 0777 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./72/file0" [pid 5828] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./72") = 0 [pid 5085] mkdir("./73", 0777 [pid 5831] <... munmap resumed>) = 0 [pid 5828] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5831] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5828] <... futex resumed>) = 1 [pid 5825] <... futex resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5085] <... mkdir resumed>) = 0 [ 136.781161][ T5828] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5825] exit_group(0 [pid 5089] newfstatat(4, "", [pid 5828] ???( [pid 5831] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... openat resumed>) = 3 [pid 5825] <... exit_group resumed>) = ? [pid 5828] <... ??? resumed>) = ? [pid 5828] +++ exited with 0 +++ [pid 5825] +++ exited with 0 +++ [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] getdents64(4, [pid 5085] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./72/file0") = 0 [pid 5089] getdents64(3, [pid 5831] <... ioctl resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5825, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5831] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5831] <... close resumed>) = 0 [pid 5089] close(3 [pid 5831] close(4 [pid 5089] <... close resumed>) = 0 [pid 5087] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5831] <... close resumed>) = 0 [pid 5089] rmdir("./72" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5831] mkdir("./file0", 0777 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5831] <... mkdir resumed>) = 0 [pid 5089] mkdir("./73", 0777 [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5831] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5089] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] unlink("./72/binderfs") = 0 [pid 5087] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5087] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./72/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./72") = 0 [pid 5087] mkdir("./73", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 136.822944][ T5831] loop3: detected capacity change from 0 to 4096 [ 136.855734][ T5831] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... ioctl resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5832 ./strace-static-x86_64: Process 5832 attached [pid 5832] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5832] chdir("./73") = 0 [pid 5085] close(3 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... prctl resumed>) = 0 [pid 5832] setpgid(0, 0) = 0 [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5831] <... mount resumed>) = 0 [pid 5831] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5833 attached [pid 5832] <... openat resumed>) = 3 [pid 5831] <... openat resumed>) = 3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5833 [pid 5833] set_robust_list(0x555580b0d6a0, 24 [pid 5832] write(3, "1000", 4 [pid 5831] chdir("./file0" [pid 5089] <... ioctl resumed>) = 0 [pid 5833] <... set_robust_list resumed>) = 0 [pid 5832] <... write resumed>) = 4 [pid 5833] chdir("./73" [pid 5832] close(3 [pid 5831] <... chdir resumed>) = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5832] <... close resumed>) = 0 [pid 5831] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5833] <... chdir resumed>) = 0 [pid 5832] symlink("/dev/binderfs", "./binderfs" [ 136.916291][ T5831] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5831] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000executing program executing program [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] <... symlink resumed>) = 0 [pid 5831] <... futex resumed>) = 1 [pid 5830] <... futex resumed>) = 0 [pid 5833] <... prctl resumed>) = 0 [pid 5832] write(1, "executing program\n", 18 [pid 5833] setpgid(0, 0 [pid 5832] <... write resumed>) = 18 [pid 5833] <... setpgid resumed>) = 0 [pid 5832] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5832] <... futex resumed>) = 0 [pid 5831] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5830] exit_group(0 [pid 5832] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5831] <... futex resumed>) = ? [pid 5830] <... exit_group resumed>) = ? [pid 5833] <... openat resumed>) = 3 [pid 5832] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5831] +++ exited with 0 +++ [pid 5833] write(3, "1000", 4 [pid 5832] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5833] <... write resumed>) = 4 [pid 5832] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] close(3 [pid 5833] close(3 [pid 5832] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5833] <... close resumed>) = 0 [pid 5832] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... close resumed>) = 0 [pid 5833] symlink("/dev/binderfs", "./binderfs" [pid 5832] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5833] <... symlink resumed>) = 0 [pid 5832] <... mprotect resumed>) = 0 [pid 5830] +++ exited with 0 +++ [pid 5832] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5832] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] umount2("./72", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5832] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5833] write(1, "executing program\n", 18 [pid 5088] openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5835 attached [pid 5833] <... write resumed>) = 18 [pid 5832] <... clone3 resumed> => {parent_tid=[5835]}, 88) = 5835 [pid 5088] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5834 attached [pid 5835] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5833] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] newfstatat(3, "", [pid 5834] set_robust_list(0x555580b0d6a0, 24 [pid 5835] <... rseq resumed>) = 0 [pid 5833] <... futex resumed>) = 0 [pid 5832] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5834 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5834] <... set_robust_list resumed>) = 0 [pid 5835] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5833] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5832] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] getdents64(3, [pid 5834] chdir("./73" [pid 5835] <... set_robust_list resumed>) = 0 [pid 5833] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5832] <... futex resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5834] <... chdir resumed>) = 0 [pid 5835] rt_sigprocmask(SIG_SETMASK, [], [pid 5833] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5832] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] umount2("./72/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5835] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5833] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5834] <... prctl resumed>) = 0 [pid 5835] memfd_create("syzkaller", 0 [pid 5833] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] newfstatat(AT_FDCWD, "./72/binderfs", [pid 5834] setpgid(0, 0 [pid 5833] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5833] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5834] <... setpgid resumed>) = 0 [pid 5833] <... mprotect resumed>) = 0 [pid 5088] unlink("./72/binderfs" [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... unlink resumed>) = 0 [pid 5833] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5834] <... openat resumed>) = 3 [pid 5835] <... memfd_create resumed>) = 3 [pid 5833] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5834] write(3, "1000", 4 [pid 5833] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5836 attached [pid 5834] <... write resumed>) = 4 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] <... clone3 resumed> => {parent_tid=[5836]}, 88) = 5836 [pid 5087] <... ioctl resumed>) = 0 [pid 5836] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5834] close(3 [pid 5835] <... mmap resumed>) = 0x7f1df2200000 [pid 5833] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] close(3 [pid 5836] <... rseq resumed>) = 0 [pid 5834] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5833] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5834] symlink("/dev/binderfs", "./binderfs" [pid 5833] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5834] <... symlink resumed>) = 0 [pid 5833] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5833] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5837 attached [pid 5834] write(1, "executing program\n", 18 executing program [pid 5088] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5837] set_robust_list(0x555580b0d6a0, 24 [pid 5834] <... write resumed>) = 18 [pid 5837] <... set_robust_list resumed>) = 0 [pid 5834] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5837 [pid 5837] chdir("./73" [pid 5836] <... memfd_create resumed>) = 3 [pid 5834] <... futex resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./72/file0", [pid 5837] <... chdir resumed>) = 0 [pid 5836] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5834] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5836] <... mmap resumed>) = 0x7f1df2200000 [pid 5834] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] umount2("./72/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5837] <... prctl resumed>) = 0 [pid 5834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5837] setpgid(0, 0 [pid 5088] openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5837] <... setpgid resumed>) = 0 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] newfstatat(4, "", [pid 5837] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5837] write(3, "1000", 4 [pid 5834] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5837] <... write resumed>) = 4 [pid 5088] getdents64(4, [pid 5837] close(3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5837] <... close resumed>) = 0 [pid 5834] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] close(4 [pid 5837] symlink("/dev/binderfs", "./binderfs" [pid 5088] <... close resumed>) = 0 [pid 5834] <... mprotect resumed>) = 0 executing program [pid 5837] <... symlink resumed>) = 0 [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] rmdir("./72/file0" [pid 5837] write(1, "executing program\n", 18 [pid 5088] <... rmdir resumed>) = 0 [pid 5837] <... write resumed>) = 18 [pid 5837] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5834] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5837] <... futex resumed>) = 0 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5837] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] getdents64(3, ./strace-static-x86_64: Process 5838 attached [pid 5837] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5834] <... clone3 resumed> => {parent_tid=[5838]}, 88) = 5838 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5838] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5838] <... rseq resumed>) = 0 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] close(3 [pid 5838] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5838] <... set_robust_list resumed>) = 0 [pid 5837] <... mmap resumed>) = 0x7f1dfa693000 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... close resumed>) = 0 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5834] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] rmdir("./72" [pid 5838] memfd_create("syzkaller", 0 [pid 5837] <... mprotect resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5834] <... futex resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5834] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] mkdir("./73", 0777 [pid 5837] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5838] <... memfd_create resumed>) = 3 [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... mkdir resumed>) = 0 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5839 attached [pid 5839] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5839] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5838] <... mmap resumed>) = 0x7f1df2200000 [pid 5837] <... clone3 resumed> => {parent_tid=[5839]}, 88) = 5839 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5839] <... set_robust_list resumed>) = 0 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... openat resumed>) = 3 [pid 5837] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5837] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5837] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5835] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5839] memfd_create("syzkaller", 0) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5836] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] <... mmap resumed>) = 0x7f1df2200000 [pid 5838] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5835] <... write resumed>) = 2097152 [pid 5838] munmap(0x7f1df2200000, 138412032) = 0 [pid 5835] munmap(0x7f1df2200000, 138412032 [pid 5839] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5836] <... write resumed>) = 2097152 [pid 5836] munmap(0x7f1df2200000, 138412032) = 0 [pid 5835] <... munmap resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3 [pid 5835] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5835] ioctl(4, LOOP_SET_FD, 3 [pid 5836] <... openat resumed>) = 4 [pid 5836] ioctl(4, LOOP_SET_FD, 3 [pid 5838] <... ioctl resumed>) = 0 [pid 5838] close(3) = 0 [pid 5838] close(4) = 0 [pid 5838] mkdir("./file0", 0777) = 0 [pid 5839] <... write resumed>) = 2097152 [pid 5838] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5836] <... ioctl resumed>) = 0 [pid 5835] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5839] munmap(0x7f1df2200000, 138412032 [pid 5835] close(3 [pid 5836] close(3) = 0 [ 137.167027][ T5838] loop4: detected capacity change from 0 to 4096 [ 137.176878][ T5835] loop1: detected capacity change from 0 to 4096 [ 137.177547][ T5836] loop0: detected capacity change from 0 to 4096 [ 137.204999][ T5838] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] close(3 [pid 5836] close(4) = 0 [pid 5836] mkdir("./file0", 0777) = 0 [pid 5835] <... close resumed>) = 0 [pid 5836] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5835] close(4) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5835] mkdir("./file0", 0777) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5840 [pid 5835] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 5840 attached [pid 5840] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5840] chdir("./73" [pid 5839] <... munmap resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5840] <... chdir resumed>) = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5839] close(3) = 0 [pid 5840] setpgid(0, 0 [pid 5839] close(4 [pid 5840] <... setpgid resumed>) = 0 [pid 5839] <... close resumed>) = 0 [ 137.218681][ T5836] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 137.238441][ T5835] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 137.252950][ T5839] loop2: detected capacity change from 0 to 4096 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5839] mkdir("./file0", 0777 [pid 5840] <... openat resumed>) = 3 [pid 5839] <... mkdir resumed>) = 0 [pid 5840] write(3, "1000", 4) = 4 [pid 5839] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5840] close(3) = 0 [pid 5840] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5840] write(1, "executing program\n", 18executing program ) = 18 [pid 5840] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5840] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5835] <... mount resumed>) = 0 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5840] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5835] <... openat resumed>) = 3 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5835] chdir("./file0" [pid 5838] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5841 attached [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5835] <... chdir resumed>) = 0 [pid 5841] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5840] <... clone3 resumed> => {parent_tid=[5841]}, 88) = 5841 [pid 5838] <... openat resumed>) = 3 [pid 5835] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5841] <... rseq resumed>) = 0 [ 137.324696][ T5839] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 137.347203][ T5838] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 137.347819][ T5835] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5838] chdir("./file0" [pid 5835] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5841] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5838] <... chdir resumed>) = 0 [pid 5841] <... set_robust_list resumed>) = 0 [pid 5840] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5835] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... futex resumed>) = 0 [pid 5838] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5835] <... futex resumed>) = 1 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5838] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5832] <... futex resumed>) = 0 [pid 5841] memfd_create("syzkaller", 0 [pid 5838] <... futex resumed>) = 1 [pid 5834] <... futex resumed>) = 0 [pid 5832] exit_group(0 [pid 5838] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] exit_group(0 [pid 5835] <... futex resumed>) = ? [pid 5832] <... exit_group resumed>) = ? [pid 5841] <... memfd_create resumed>) = 3 [pid 5838] <... futex resumed>) = ? [pid 5836] <... mount resumed>) = 0 [pid 5834] <... exit_group resumed>) = ? [pid 5835] +++ exited with 0 +++ [pid 5832] +++ exited with 0 +++ [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5839] <... mount resumed>) = 0 [pid 5838] +++ exited with 0 +++ [pid 5836] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5834] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5841] <... mmap resumed>) = 0x7f1df2200000 [pid 5839] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5836] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = 3 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5834, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5086] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5839] chdir("./file0" [pid 5836] chdir("./file0" [pid 5089] <... restart_syscall resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5839] <... chdir resumed>) = 0 [pid 5836] <... chdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5839] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5839] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(3, "", [pid 5839] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(3, [pid 5839] <... futex resumed>) = 1 [pid 5837] <... futex resumed>) = 0 [pid 5836] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... openat resumed>) = 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5839] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] exit_group(0 [pid 5836] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(3, "", [pid 5086] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5839] <... futex resumed>) = ? [pid 5837] <... exit_group resumed>) = ? [pid 5836] <... futex resumed>) = 1 [pid 5833] <... futex resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5836] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5833] exit_group(0 [pid 5089] getdents64(3, [pid 5086] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5839] +++ exited with 0 +++ [pid 5836] <... futex resumed>) = ? [pid 5833] <... exit_group resumed>) = ? [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5837] +++ exited with 0 +++ [pid 5836] +++ exited with 0 +++ [pid 5833] +++ exited with 0 +++ [pid 5089] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] unlink("./73/binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... unlink resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5089] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5837, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5086] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] unlink("./73/binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5089] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5085] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 137.388470][ T5836] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 137.398432][ T5839] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./73/binderfs") = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5089] newfstatat(AT_FDCWD, "./73/file0", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(3, "", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./73/file0", [pid 5089] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5085] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(4, [pid 5086] newfstatat(4, "", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] newfstatat(AT_FDCWD, "./73/binderfs", [pid 5089] getdents64(4, [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] getdents64(4, [pid 5089] close(4 [pid 5085] unlink("./73/binderfs" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... close resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5086] getdents64(4, [pid 5089] rmdir("./73/file0" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... rmdir resumed>) = 0 [pid 5087] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(4 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5089] close(3 [pid 5087] newfstatat(AT_FDCWD, "./73/file0", [pid 5086] rmdir("./73/file0" [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./73" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5089] mkdir("./74", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... mkdir resumed>) = 0 [pid 5086] close(3 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... openat resumed>) = 3 [pid 5087] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... close resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5086] rmdir("./73" [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5086] <... rmdir resumed>) = 0 [pid 5086] mkdir("./74", 0777 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... umount2 resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 3 [pid 5085] newfstatat(AT_FDCWD, "./73/file0", [pid 5087] getdents64(4, [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5841] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] close(4) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./73/file0" [pid 5085] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5087] getdents64(3, [pid 5085] newfstatat(4, "", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./73" [pid 5841] <... write resumed>) = 2097152 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5841] munmap(0x7f1df2200000, 138412032 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5841] <... munmap resumed>) = 0 [pid 5085] getdents64(4, [pid 5841] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5087] mkdir("./74", 0777 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5085] close(4) = 0 [pid 5841] <... ioctl resumed>) = 0 [pid 5085] rmdir("./73/file0" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... rmdir resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./73") = 0 [pid 5085] mkdir("./74", 0777 [pid 5841] close(3 [pid 5085] <... mkdir resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5841] close(4) = 0 [pid 5841] mkdir("./file0", 0777 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5841] <... mkdir resumed>) = 0 [pid 5841] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... ioctl resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5842 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5843 ./strace-static-x86_64: Process 5842 attached [pid 5842] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5842] chdir("./74") = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] setpgid(0, 0) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5843 attached [ 137.533112][ T5841] loop3: detected capacity change from 0 to 4096 [ 137.560219][ T5841] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5843] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5842] <... openat resumed>) = 3 [pid 5087] <... ioctl resumed>) = 0 [pid 5843] chdir("./74") = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] write(3, "1000", 4 [pid 5843] setpgid(0, 0 [pid 5842] <... write resumed>) = 4 [pid 5843] <... setpgid resumed>) = 0 [pid 5842] close(3 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5842] <... close resumed>) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5842] write(1, "executing program\n", 18) = 18 [pid 5087] close(3 [pid 5842] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... close resumed>) = 0 [pid 5842] <... futex resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5842] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5842] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5843] <... openat resumed>) = 3 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5844 attached [pid 5843] write(3, "1000", 4 [pid 5842] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] set_robust_list(0x555580b0d6a0, 24 [pid 5843] <... write resumed>) = 4 [pid 5842] <... mmap resumed>) = 0x7f1dfa693000 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5843] close(3 [pid 5842] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5844 [pid 5844] chdir("./74" [pid 5843] <... close resumed>) = 0 [pid 5842] <... mprotect resumed>) = 0 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5842] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5844] <... chdir resumed>) = 0 [pid 5843] <... symlink resumed>) = 0 [pid 5842] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5844] setpgid(0, 0executing program [pid 5843] write(1, "executing program\n", 18./strace-static-x86_64: Process 5845 attached [pid 5844] <... setpgid resumed>) = 0 [pid 5845] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... write resumed>) = 18 [pid 5845] <... rseq resumed>) = 0 [pid 5842] <... clone3 resumed> => {parent_tid=[5845]}, 88) = 5845 [pid 5845] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5844] <... openat resumed>) = 3 [pid 5843] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] <... set_robust_list resumed>) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] write(3, "1000", 4 [pid 5843] <... futex resumed>) = 0 [pid 5842] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] <... write resumed>) = 4 [pid 5843] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5842] <... futex resumed>) = 0 [pid 5845] memfd_create("syzkaller", 0 [pid 5844] close(3 [pid 5843] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5842] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] <... close resumed>) = 0 [pid 5843] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5844] <... symlink resumed>) = 0 [pid 5843] <... mmap resumed>) = 0x7f1dfa693000 [pid 5845] <... memfd_create resumed>) = 3 [pid 5843] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITEexecuting program [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] write(1, "executing program\n", 18 [pid 5843] <... mprotect resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5845] <... mmap resumed>) = 0x7f1df2200000 [pid 5844] <... write resumed>) = 18 [pid 5844] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5841] <... mount resumed>) = 0 [pid 5085] close(3 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5844] <... futex resumed>) = 0 [pid 5843] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5841] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5844] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5844] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5843] <... clone3 resumed> => {parent_tid=[5846]}, 88) = 5846 [pid 5841] chdir("./file0" [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5847 attached [pid 5846] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5844] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5846] <... rseq resumed>) = 0 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5843] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... mmap resumed>) = 0x7f1dfa693000 [pid 5843] <... futex resumed>) = 0 [pid 5844] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5843] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] <... mprotect resumed>) = 0 [pid 5844] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5844] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5846] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5847 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5844] <... clone3 resumed> => {parent_tid=[5848]}, 88) = 5848 [pid 5841] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 137.630258][ T5841] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5847] set_robust_list(0x555580b0d6a0, 24 [pid 5846] memfd_create("syzkaller", 0 [pid 5844] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5848 attached [pid 5844] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5848] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5844] <... futex resumed>) = 0 [pid 5848] <... rseq resumed>) = 0 [pid 5844] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5848] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5841] <... futex resumed>) = 1 [pid 5840] <... futex resumed>) = 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5847] chdir("./74" [pid 5841] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] exit_group(0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] <... chdir resumed>) = 0 [pid 5846] <... memfd_create resumed>) = 3 [pid 5841] <... futex resumed>) = ? [pid 5840] <... exit_group resumed>) = ? [pid 5848] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5841] +++ exited with 0 +++ [pid 5848] memfd_create("syzkaller", 0 [pid 5840] +++ exited with 0 +++ [pid 5848] <... memfd_create resumed>) = 3 [pid 5847] <... prctl resumed>) = 0 [pid 5846] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5847] setpgid(0, 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5848] <... mmap resumed>) = 0x7f1df2200000 [pid 5847] <... setpgid resumed>) = 0 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5845] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5847] <... openat resumed>) = 3 [pid 5847] write(3, "1000", 4 [pid 5088] umount2("./73", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5847] <... write resumed>) = 4 [pid 5847] close(3 [pid 5088] openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5847] <... close resumed>) = 0 [pid 5847] symlink("/dev/binderfs", "./binderfs" [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", [pid 5847] <... symlink resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5847] write(1, "executing program\n", 18executing program [pid 5088] umount2("./73/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] <... write resumed>) = 18 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5847] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] unlink("./73/binderfs" [pid 5847] <... futex resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5847] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5847] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5847] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5847] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5847] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5847] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5847] <... clone3 resumed> => {parent_tid=[5849]}, 88) = 5849 [pid 5088] newfstatat(AT_FDCWD, "./73/file0", [pid 5847] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5849 attached [pid 5847] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] umount2("./73/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./73/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5849] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5847] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... rseq resumed>) = 0 [pid 5847] <... futex resumed>) = 0 [pid 5849] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5847] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5849] <... set_robust_list resumed>) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./73" [pid 5849] memfd_create("syzkaller", 0) = 3 [pid 5846] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... rmdir resumed>) = 0 [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5848] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5849] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] mkdir("./74", 0777 [pid 5845] <... write resumed>) = 2097152 [pid 5088] <... mkdir resumed>) = 0 [pid 5845] munmap(0x7f1df2200000, 138412032) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5845] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5845] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5848] <... write resumed>) = 2097152 [pid 5849] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5846] <... write resumed>) = 2097152 [pid 5845] close(3 [pid 5846] munmap(0x7f1df2200000, 138412032 [pid 5848] munmap(0x7f1df2200000, 138412032 [pid 5846] <... munmap resumed>) = 0 [pid 5845] <... close resumed>) = 0 [pid 5845] close(4) = 0 [ 137.802770][ T5845] loop1: detected capacity change from 0 to 4096 [pid 5845] mkdir("./file0", 0777 [pid 5846] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5845] <... mkdir resumed>) = 0 [pid 5846] <... openat resumed>) = 4 [pid 5846] ioctl(4, LOOP_SET_FD, 3 [pid 5845] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5846] <... ioctl resumed>) = 0 [pid 5846] close(3) = 0 [pid 5846] close(4) = 0 [pid 5848] <... munmap resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5848] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5848] close(3) = 0 [pid 5848] close(4) = 0 [pid 5848] mkdir("./file0", 0777 [pid 5846] mkdir("./file0", 0777 [pid 5848] <... mkdir resumed>) = 0 [pid 5848] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5846] <... mkdir resumed>) = 0 [ 137.852303][ T5846] loop4: detected capacity change from 0 to 4096 [ 137.854285][ T5845] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 137.872894][ T5848] loop2: detected capacity change from 0 to 4096 [ 137.891953][ T5848] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5846] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5849] <... write resumed>) = 2097152 [pid 5849] munmap(0x7f1df2200000, 138412032 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5850 [pid 5849] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5850 attached [ 137.892927][ T5846] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5850] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5850] chdir("./74" [pid 5849] <... openat resumed>) = 4 [pid 5850] <... chdir resumed>) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5850] <... prctl resumed>) = 0 [pid 5850] setpgid(0, 0) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5848] <... mount resumed>) = 0 [pid 5848] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] <... mount resumed>) = 0 [pid 5850] write(3, "1000", 4 [pid 5848] chdir("./file0" [pid 5845] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5850] <... write resumed>) = 4 [pid 5845] <... openat resumed>) = 3 [pid 5850] close(3 [pid 5848] <... chdir resumed>) = 0 [pid 5845] chdir("./file0" [pid 5850] <... close resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5845] <... chdir resumed>) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs" [pid 5848] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5845] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5850] <... symlink resumed>) = 0 [pid 5848] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... openat resumed>) = -1 EBUSY (Device or resource busy) executing program [pid 5850] write(1, "executing program\n", 18 [pid 5848] <... futex resumed>) = 1 [pid 5845] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... futex resumed>) = 0 [pid 5850] <... write resumed>) = 18 [pid 5848] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5845] <... futex resumed>) = 1 [pid 5844] exit_group(0 [pid 5842] <... futex resumed>) = 0 [pid 5848] <... futex resumed>) = ? [pid 5845] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5844] <... exit_group resumed>) = ? [pid 5842] exit_group(0 [pid 5850] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5848] +++ exited with 0 +++ [pid 5845] <... futex resumed>) = ? [pid 5844] +++ exited with 0 +++ [pid 5842] <... exit_group resumed>) = ? [pid 5850] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5845] +++ exited with 0 +++ [pid 5842] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5850] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5849] <... ioctl resumed>) = 0 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5850] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5849] close(3 [pid 5087] <... restart_syscall resumed>) = 0 [ 137.957393][ T5845] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 137.957875][ T5849] loop0: detected capacity change from 0 to 4096 [ 137.966452][ T5848] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] <... close resumed>) = 0 [pid 5850] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5849] close(4 [pid 5850] <... mmap resumed>) = 0x7f1dfa693000 [pid 5849] <... close resumed>) = 0 [pid 5086] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5850] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5849] mkdir("./file0", 0777 [pid 5087] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 5849] <... mkdir resumed>) = 0 [pid 5850] <... mprotect resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5087] newfstatat(3, "", [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5850] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5850] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5849] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] getdents64(3, [pid 5086] getdents64(3, [pid 5850] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5087] unlink("./74/binderfs" [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] unlink("./74/binderfs"./strace-static-x86_64: Process 5851 attached ) = 0 [pid 5851] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5087] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] <... rseq resumed>) = 0 [pid 5851] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5851] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5850] <... clone3 resumed> => {parent_tid=[5851]}, 88) = 5851 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5850] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] <... futex resumed>) = 0 [pid 5850] <... futex resumed>) = 1 [pid 5087] <... umount2 resumed>) = 0 [pid 5851] memfd_create("syzkaller", 0 [pid 5850] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./74/file0", [pid 5851] <... memfd_create resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5851] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./74/file0", [pid 5087] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5086] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(4, "", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] getdents64(4, [pid 5086] <... openat resumed>) = 4 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5086] newfstatat(4, "", [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] close(4 [pid 5086] getdents64(4, [pid 5087] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] rmdir("./74/file0") = 0 [pid 5086] getdents64(4, [pid 5846] <... mount resumed>) = 0 [pid 5846] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5846] <... openat resumed>) = 3 [pid 5846] chdir("./file0") = 0 [pid 5086] close(4) = 0 [pid 5087] getdents64(3, [pid 5086] rmdir("./74/file0" [pid 5846] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5846] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] close(3 [pid 5846] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5846] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] exit_group(0 [pid 5087] rmdir("./74" [pid 5846] <... futex resumed>) = ? [pid 5843] <... exit_group resumed>) = ? [pid 5086] getdents64(3, [pid 5846] +++ exited with 0 +++ [pid 5843] +++ exited with 0 +++ [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [ 138.027961][ T5849] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 138.064110][ T5846] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5851] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] close(3 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5087] mkdir("./75", 0777 [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5089] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./74" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... rmdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] mkdir("./75", 0777 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5089] unlink("./74/binderfs") = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5089] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] <... write resumed>) = 2097152 [pid 5849] <... mount resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5849] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5849] <... openat resumed>) = 3 [pid 5851] munmap(0x7f1df2200000, 138412032) = 0 [pid 5849] chdir("./file0" [pid 5089] <... openat resumed>) = 4 [pid 5849] <... chdir resumed>) = 0 [pid 5849] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5851] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5849] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5851] <... openat resumed>) = 4 [pid 5849] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5849] <... futex resumed>) = 1 [pid 5847] <... futex resumed>) = 0 [pid 5849] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5847] exit_group(0 [pid 5089] newfstatat(4, "", [pid 5849] <... futex resumed>) = ? [pid 5847] <... exit_group resumed>) = ? [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5849] +++ exited with 0 +++ [pid 5847] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5847, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5089] getdents64(4, [pid 5085] <... restart_syscall resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] close(4 [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./74/binderfs", [pid 5851] <... ioctl resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./74/binderfs") = 0 [pid 5085] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... ioctl resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5851] close(3) = 0 [pid 5851] close(4) = 0 [pid 5851] mkdir("./file0", 0777 [pid 5089] rmdir("./74/file0" [pid 5851] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5087] close(3 [pid 5086] <... ioctl resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5086] close(3 [pid 5089] rmdir("./74" [pid 5087] <... close resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5851] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... rmdir resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] mkdir("./75", 0777 [pid 5085] newfstatat(4, "", ./strace-static-x86_64: Process 5852 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5852] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... close resumed>) = 0 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5085] rmdir("./74/file0" [pid 5852] chdir("./75" [pid 5085] <... rmdir resumed>) = 0 [ 138.145239][ T5849] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 138.166098][ T5851] loop3: detected capacity change from 0 to 4096 [pid 5852] <... chdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] close(3 [pid 5852] <... prctl resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5852] setpgid(0, 0 [pid 5085] rmdir("./74" [pid 5852] <... setpgid resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] mkdir("./75", 0777executing program executing program [pid 5852] <... openat resumed>) = 3 [pid 5089] <... mkdir resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5852 [pid 5085] <... mkdir resumed>) = 0 [pid 5852] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5853 attached [pid 5852] close(3 [pid 5853] set_robust_list(0x555580b0d6a0, 24 [pid 5852] <... close resumed>) = 0 [pid 5853] <... set_robust_list resumed>) = 0 [pid 5852] symlink("/dev/binderfs", "./binderfs" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5853] chdir("./75" [pid 5852] <... symlink resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5853] <... chdir resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] write(1, "executing program\n", 18 [pid 5853] setpgid(0, 0 [pid 5852] <... write resumed>) = 18 [pid 5853] <... setpgid resumed>) = 0 [pid 5852] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5852] <... futex resumed>) = 0 [pid 5852] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5852] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5853] <... openat resumed>) = 3 [pid 5852] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5852] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3) = 0 [pid 5853] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5852] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5854]}, 88) = 5854 [pid 5853] write(1, "executing program\n", 18 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] <... write resumed>) = 18 [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5852] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = 0 [pid 5852] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5853] <... futex resumed>) = 0 [pid 5853] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5853] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5853] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5853] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5853] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5853 ./strace-static-x86_64: Process 5854 attached [pid 5854] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5853] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5854] <... rseq resumed>) = 0 [pid 5854] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5853] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5854] <... set_robust_list resumed>) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], [pid 5853] <... clone3 resumed> => {parent_tid=[5855]}, 88) = 5855 ./strace-static-x86_64: Process 5855 attached [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] memfd_create("syzkaller", 0 [pid 5853] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5855] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5853] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... rseq resumed>) = 0 [pid 5853] <... futex resumed>) = 0 [pid 5855] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5853] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5855] <... set_robust_list resumed>) = 0 [pid 5855] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... memfd_create resumed>) = 3 [pid 5855] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5855] memfd_create("syzkaller", 0 [pid 5854] <... mmap resumed>) = 0x7f1df2200000 [pid 5855] <... memfd_create resumed>) = 3 [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 138.221148][ T5851] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5085] <... ioctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5085] close(3 [pid 5089] close(3 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5857 attached ./strace-static-x86_64: Process 5856 attached [pid 5855] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5857] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5857 [pid 5856] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5856] chdir("./75" [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5856 [pid 5857] chdir("./75" [pid 5856] <... chdir resumed>) = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] setpgid(0, 0) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5857] <... chdir resumed>) = 0 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5856] <... openat resumed>) = 3 [pid 5857] <... prctl resumed>) = 0 [pid 5856] write(3, "1000", 4 [pid 5857] setpgid(0, 0 [pid 5856] <... write resumed>) = 4 [pid 5854] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 5857] <... setpgid resumed>) = 0 [pid 5856] close(3) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5856] write(1, "executing program\n", 18) = 18 [pid 5856] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5856] <... futex resumed>) = 0 [pid 5856] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5857] <... openat resumed>) = 3 [pid 5856] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5856] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5856] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5856] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5857] write(3, "1000", 4) = 4 [pid 5856] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5857] close(3 [pid 5856] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5857] <... close resumed>) = 0 ./strace-static-x86_64: Process 5858 attached [pid 5857] symlink("/dev/binderfs", "./binderfs" [pid 5856] <... clone3 resumed> => {parent_tid=[5858]}, 88) = 5858 [pid 5858] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... rseq resumed>) = 0 [pid 5857] <... symlink resumed>) = 0 [pid 5856] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5856] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5856] <... futex resumed>) = 0 [pid 5858] rt_sigprocmask(SIG_SETMASK, [], [pid 5857] write(1, "executing program\n", 18 [pid 5856] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5858] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 5858] memfd_create("syzkaller", 0 [pid 5857] <... write resumed>) = 18 [pid 5857] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... write resumed>) = 2097152 [pid 5857] <... futex resumed>) = 0 [pid 5857] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5858] <... memfd_create resumed>) = 3 [pid 5857] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5857] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5855] munmap(0x7f1df2200000, 138412032 [pid 5854] <... write resumed>) = 2097152 [pid 5851] <... mount resumed>) = 0 [pid 5858] <... mmap resumed>) = 0x7f1df2200000 [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] munmap(0x7f1df2200000, 138412032 [pid 5851] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5857] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5851] <... openat resumed>) = 3 [pid 5857] <... mmap resumed>) = 0x7f1dfa693000 [pid 5857] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5851] chdir("./file0" [pid 5857] <... mprotect resumed>) = 0 [pid 5851] <... chdir resumed>) = 0 [pid 5857] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5855] <... munmap resumed>) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5857] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5851] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5857] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5855] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5851] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... openat resumed>) = 4 [pid 5851] <... futex resumed>) = 1 [pid 5850] <... futex resumed>) = 0 [pid 5857] <... clone3 resumed> => {parent_tid=[5859]}, 88) = 5859 [pid 5855] ioctl(4, LOOP_SET_FD, 3 [pid 5851] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5850] exit_group(0./strace-static-x86_64: Process 5859 attached ) = ? [pid 5859] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] <... munmap resumed>) = 0 [pid 5859] <... rseq resumed>) = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5859] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5857] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] <... openat resumed>) = 4 [pid 5851] <... futex resumed>) = ? [pid 5859] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] ioctl(4, LOOP_SET_FD, 3 [pid 5859] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5859] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5857] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] +++ exited with 0 +++ [pid 5850] +++ exited with 0 +++ [pid 5857] <... futex resumed>) = 1 [pid 5857] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5859] <... futex resumed>) = 0 [pid 5088] umount2("./74", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5859] memfd_create("syzkaller", 0 [pid 5088] openat(AT_FDCWD, "./74", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5859] <... memfd_create resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5854] <... ioctl resumed>) = 0 [pid 5088] umount2("./74/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5859] <... mmap resumed>) = 0x7f1df2200000 [pid 5855] <... ioctl resumed>) = 0 [pid 5854] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5855] close(3 [pid 5088] newfstatat(AT_FDCWD, "./74/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5855] <... close resumed>) = 0 [pid 5854] <... close resumed>) = 0 [pid 5088] unlink("./74/binderfs" [pid 5855] close(4 [pid 5854] close(4 [pid 5088] <... unlink resumed>) = 0 [pid 5854] <... close resumed>) = 0 [pid 5858] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5855] <... close resumed>) = 0 [pid 5854] mkdir("./file0", 0777 [pid 5088] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5854] <... mkdir resumed>) = 0 [pid 5854] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... umount2 resumed>) = 0 [ 138.418845][ T5851] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 138.450324][ T5855] loop2: detected capacity change from 0 to 4096 [ 138.460803][ T5854] loop1: detected capacity change from 0 to 4096 [pid 5855] mkdir("./file0", 0777) = 0 [pid 5855] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./74/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./74/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./74/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./74/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./74") = 0 [pid 5088] mkdir("./75", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5859] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... openat resumed>) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5858] <... write resumed>) = 2097152 [pid 5858] munmap(0x7f1df2200000, 138412032) = 0 [ 138.499035][ T5854] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 138.517565][ T5855] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5859] <... write resumed>) = 2097152 [pid 5858] <... openat resumed>) = 4 [pid 5859] munmap(0x7f1df2200000, 138412032 [pid 5858] ioctl(4, LOOP_SET_FD, 3 [pid 5854] <... mount resumed>) = 0 [pid 5859] <... munmap resumed>) = 0 [pid 5854] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5854] <... openat resumed>) = 3 [pid 5859] <... openat resumed>) = 4 [pid 5854] chdir("./file0") = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5859] ioctl(4, LOOP_SET_FD, 3 [pid 5854] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5854] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... mount resumed>) = 0 [pid 5854] <... futex resumed>) = 1 [pid 5852] <... futex resumed>) = 0 [pid 5854] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5852] exit_group(0 [pid 5858] <... ioctl resumed>) = 0 [pid 5855] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5854] <... futex resumed>) = ? [pid 5852] <... exit_group resumed>) = ? [pid 5854] +++ exited with 0 +++ [pid 5855] <... openat resumed>) = 3 [pid 5858] close(3) = 0 [pid 5855] chdir("./file0" [pid 5858] close(4 [pid 5855] <... chdir resumed>) = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5858] <... close resumed>) = 0 [pid 5859] <... ioctl resumed>) = 0 [pid 5855] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5852] +++ exited with 0 +++ [pid 5855] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5859] close(3 [pid 5855] <... futex resumed>) = 1 [pid 5853] <... futex resumed>) = 0 [pid 5859] <... close resumed>) = 0 [pid 5858] mkdir("./file0", 0777 [pid 5855] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5853] exit_group(0 [pid 5859] close(4 [pid 5858] <... mkdir resumed>) = 0 [pid 5855] <... futex resumed>) = ? [pid 5853] <... exit_group resumed>) = ? [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5859] <... close resumed>) = 0 [pid 5858] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 138.588760][ T5854] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 138.600149][ T5858] loop0: detected capacity change from 0 to 4096 [ 138.610484][ T5855] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 138.624621][ T5859] loop4: detected capacity change from 0 to 4096 [pid 5859] mkdir("./file0", 0777 [pid 5855] +++ exited with 0 +++ [pid 5853] +++ exited with 0 +++ [pid 5088] <... ioctl resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5087] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(3, "", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] close(3) = 0 [pid 5087] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] getdents64(3, [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] newfstatat(3, "", [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5859] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5860 attached [pid 5087] getdents64(3, [pid 5086] unlink("./75/binderfs") = 0 [pid 5860] set_robust_list(0x555580b0d6a0, 24 [pid 5859] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5860 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5860] <... set_robust_list resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 138.665551][ T5858] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5860] chdir("./75" [pid 5087] newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5860] <... chdir resumed>) = 0 [pid 5087] unlink("./75/binderfs" [pid 5086] <... umount2 resumed>) = 0 [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5860] setpgid(0, 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5860] <... setpgid resumed>) = 0 [pid 5086] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] newfstatat(AT_FDCWD, "./75/file0", [pid 5860] <... openat resumed>) = 3 [pid 5087] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5860] write(3, "1000", 4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5860] <... write resumed>) = 4 [pid 5087] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(4, [pid 5860] close(3 [pid 5087] <... openat resumed>) = 4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 138.707792][ T5859] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). executing program [pid 5860] <... close resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5086] getdents64(4, [pid 5860] symlink("/dev/binderfs", "./binderfs" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./75/file0" [pid 5860] <... symlink resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5860] write(1, "executing program\n", 18 [pid 5087] getdents64(4, [pid 5860] <... write resumed>) = 18 [pid 5086] getdents64(3, [pid 5860] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5860] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 5860] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5860] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] close(4 [pid 5860] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] <... mount resumed>) = 0 [pid 5860] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5860] <... mmap resumed>) = 0x7f1dfa693000 [pid 5858] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] rmdir("./75/file0" [pid 5086] close(3 [pid 5860] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./75" [pid 5860] <... mprotect resumed>) = 0 [pid 5858] <... openat resumed>) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5860] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5858] chdir("./file0") = 0 [pid 5087] getdents64(3, [pid 5860] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5858] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5860] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5859] <... mount resumed>) = 0 [pid 5858] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] close(3 [pid 5086] mkdir("./76", 0777./strace-static-x86_64: Process 5861 attached [pid 5859] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5861] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5087] <... close resumed>) = 0 [pid 5861] <... rseq resumed>) = 0 [pid 5087] rmdir("./75" [pid 5861] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5860] <... clone3 resumed> => {parent_tid=[5861]}, 88) = 5861 [pid 5858] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] <... set_robust_list resumed>) = 0 [pid 5860] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... futex resumed>) = 1 [pid 5856] <... futex resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5861] rt_sigprocmask(SIG_SETMASK, [], [pid 5860] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5859] <... openat resumed>) = 3 [pid 5858] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5856] exit_group(0 [pid 5086] <... mkdir resumed>) = 0 [pid 5861] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5860] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5859] chdir("./file0" [pid 5858] <... futex resumed>) = ? [pid 5856] <... exit_group resumed>) = ? [pid 5087] mkdir("./76", 0777 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5860] <... futex resumed>) = 0 [pid 5860] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5858] +++ exited with 0 +++ [pid 5861] memfd_create("syzkaller", 0 [pid 5856] +++ exited with 0 +++ [pid 5859] <... chdir resumed>) = 0 [pid 5861] <... memfd_create resumed>) = 3 [pid 5859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5859] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... openat resumed>) = 3 [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5861] <... mmap resumed>) = 0x7f1df2200000 [pid 5859] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... restart_syscall resumed>) = 0 [pid 5859] <... futex resumed>) = 1 [pid 5857] <... futex resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5857] exit_group(0) = ? [pid 5859] +++ exited with 0 +++ [pid 5857] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5857, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(3, "", [pid 5089] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [ 138.754098][ T5858] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 138.782333][ T5859] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5085] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] newfstatat(AT_FDCWD, "./75/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5861] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] unlink("./75/binderfs" [pid 5089] unlink("./75/binderfs" [pid 5085] <... unlink resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5085] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./75/file0", [pid 5089] newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5085] newfstatat(4, "", [pid 5861] <... write resumed>) = 2097152 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5861] munmap(0x7f1df2200000, 138412032 [pid 5085] getdents64(4, [pid 5089] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5089] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5089] close(4 [pid 5085] <... close resumed>) = 0 [pid 5861] <... munmap resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] rmdir("./75/file0" [pid 5089] rmdir("./75/file0" [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5086] close(3 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... close resumed>) = 0 [pid 5085] close(3 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./75") = 0 [pid 5089] getdents64(3, [pid 5085] mkdir("./76", 0777 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5085] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./75" [pid 5861] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5862 attached [pid 5861] <... openat resumed>) = 4 [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5862 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5861] ioctl(4, LOOP_SET_FD, 3 [pid 5089] mkdir("./76", 0777 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5861] <... ioctl resumed>) = 0 [pid 5862] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] close(3 [pid 5862] chdir("./76" [pid 5861] close(3 [pid 5862] <... chdir resumed>) = 0 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5862] setpgid(0, 0) = 0 [pid 5861] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5861] close(4) = 0 [pid 5861] mkdir("./file0", 0777 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5861] <... mkdir resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5863 ./strace-static-x86_64: Process 5863 attached [pid 5863] set_robust_list(0x555580b0d6a0, 24 [pid 5862] <... openat resumed>) = 3 [pid 5861] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5863] <... set_robust_list resumed>) = 0 [ 138.923570][ T5861] loop3: detected capacity change from 0 to 4096 [pid 5862] write(3, "1000", 4 [pid 5863] chdir("./76") = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5862] <... write resumed>) = 4 [pid 5863] setpgid(0, 0) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5863] write(3, "1000", 4) = 4 executing program [pid 5863] close(3) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs" [pid 5862] close(3 [pid 5863] <... symlink resumed>) = 0 [pid 5863] write(1, "executing program\n", 18 [pid 5862] <... close resumed>) = 0 [pid 5863] <... write resumed>) = 18 [pid 5863] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5862] symlink("/dev/binderfs", "./binderfs" [pid 5863] <... futex resumed>) = 0 executing program [pid 5863] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5862] <... symlink resumed>) = 0 [pid 5863] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5862] write(1, "executing program\n", 18 [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5862] <... write resumed>) = 18 [pid 5863] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5863] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5862] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5862] <... futex resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5863] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5863] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5862] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, ./strace-static-x86_64: Process 5864 attached [pid 5863] <... clone3 resumed> => {parent_tid=[5864]}, 88) = 5864 [pid 5864] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5863] rt_sigprocmask(SIG_SETMASK, [], [pid 5864] <... rseq resumed>) = 0 [pid 5864] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5863] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] rt_sigprocmask(SIG_SETMASK, [], [pid 5863] <... futex resumed>) = 0 [pid 5864] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5863] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5862] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] close(3 [pid 5862] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5864] memfd_create("syzkaller", 0 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5864] <... memfd_create resumed>) = 3 [pid 5862] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... ioctl resumed>) = 0 [ 138.968649][ T5861] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5862] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5865 [pid 5862] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 5865 attached ) = 0 [pid 5089] close(3 [pid 5865] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5865] chdir("./76" [pid 5862] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... close resumed>) = 0 [pid 5865] <... chdir resumed>) = 0 [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0) = 0 [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5862] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5862] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5867]}, 88) = 5867 [pid 5862] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5866 [pid 5862] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5862] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5866 attached [pid 5866] set_robust_list(0x555580b0d6a0, 24 [pid 5865] <... openat resumed>) = 3 [pid 5865] write(3, "1000", 4./strace-static-x86_64: Process 5867 attached ) = 4 [pid 5867] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5865] close(3 [pid 5867] <... rseq resumed>) = 0 [pid 5865] <... close resumed>) = 0 executing program [pid 5867] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5866] <... set_robust_list resumed>) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... set_robust_list resumed>) = 0 [pid 5866] chdir("./76" [pid 5865] <... symlink resumed>) = 0 [pid 5867] rt_sigprocmask(SIG_SETMASK, [], [pid 5866] <... chdir resumed>) = 0 [pid 5865] write(1, "executing program\n", 18 [pid 5867] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5865] <... write resumed>) = 18 [pid 5867] memfd_create("syzkaller", 0 [pid 5866] <... prctl resumed>) = 0 [pid 5865] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5866] setpgid(0, 0 [pid 5865] <... futex resumed>) = 0 [pid 5866] <... setpgid resumed>) = 0 [pid 5865] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5865] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5865] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5866] <... openat resumed>) = 3 [pid 5865] <... mprotect resumed>) = 0 [pid 5867] <... memfd_create resumed>) = 3 [pid 5865] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5865] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5867] <... mmap resumed>) = 0x7f1df2200000 [pid 5865] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5866] write(3, "1000", 4./strace-static-x86_64: Process 5868 attached [pid 5865] <... clone3 resumed> => {parent_tid=[5868]}, 88) = 5868 [pid 5868] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5868] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5868] rt_sigprocmask(SIG_SETMASK, [], [pid 5866] <... write resumed>) = 4 [pid 5868] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5866] close(3 [pid 5868] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5866] <... close resumed>) = 0 [pid 5865] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5865] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] <... futex resumed>) = 0 [pid 5865] <... futex resumed>) = 1 [pid 5868] memfd_create("syzkaller", 0 [pid 5866] symlink("/dev/binderfs", "./binderfs" [pid 5865] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5868] <... memfd_create resumed>) = 3 [pid 5866] <... symlink resumed>) = 0 [pid 5861] <... mount resumed>) = 0 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 5866] write(1, "executing program\n", 18 [pid 5861] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5868] <... mmap resumed>) = 0x7f1df2200000 [pid 5866] <... write resumed>) = 18 [pid 5866] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5861] <... openat resumed>) = 3 [pid 5866] <... futex resumed>) = 0 [pid 5861] chdir("./file0" [pid 5866] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5861] <... chdir resumed>) = 0 [pid 5867] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 139.093360][ T5861] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5861] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5861] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5861] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5866] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5860] <... futex resumed>) = 0 [pid 5866] <... mmap resumed>) = 0x7f1dfa693000 [pid 5860] exit_group(0 [pid 5866] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5861] <... futex resumed>) = ? [pid 5860] <... exit_group resumed>) = ? [pid 5866] <... mprotect resumed>) = 0 [pid 5861] +++ exited with 0 +++ [pid 5866] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5866] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5864] <... write resumed>) = 2097152 [pid 5866] <... clone3 resumed> => {parent_tid=[5869]}, 88) = 5869 [pid 5860] +++ exited with 0 +++ ./strace-static-x86_64: Process 5869 attached [pid 5869] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5866] rt_sigprocmask(SIG_SETMASK, [], [pid 5864] munmap(0x7f1df2200000, 138412032 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5860, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5869] <... rseq resumed>) = 0 [pid 5868] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] <... munmap resumed>) = 0 [pid 5088] umount2("./75", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5866] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] <... set_robust_list resumed>) = 0 [pid 5866] <... futex resumed>) = 0 [pid 5869] rt_sigprocmask(SIG_SETMASK, [], [pid 5866] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5869] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5869] memfd_create("syzkaller", 0 [pid 5864] <... openat resumed>) = 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./75", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5869] <... memfd_create resumed>) = 3 [pid 5088] umount2("./75/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] <... mmap resumed>) = 0x7f1df2200000 [pid 5867] <... write resumed>) = 2097152 [pid 5864] <... ioctl resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./75/binderfs", [pid 5867] munmap(0x7f1df2200000, 138412032 [pid 5864] close(3) = 0 [pid 5867] <... munmap resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] close(4 [pid 5088] unlink("./75/binderfs" [pid 5867] <... openat resumed>) = 4 [pid 5864] <... close resumed>) = 0 [pid 5867] ioctl(4, LOOP_SET_FD, 3 [pid 5864] mkdir("./file0", 0777 [pid 5088] <... unlink resumed>) = 0 [pid 5088] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [ 139.186881][ T5864] loop2: detected capacity change from 0 to 4096 [ 139.222391][ T5867] loop1: detected capacity change from 0 to 4096 [pid 5864] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5868] <... write resumed>) = 2097152 [pid 5867] <... ioctl resumed>) = 0 [pid 5088] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5868] munmap(0x7f1df2200000, 138412032 [pid 5867] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./75/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./75/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./75/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", [pid 5868] <... munmap resumed>) = 0 [pid 5867] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5867] close(4 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] getdents64(4, [pid 5867] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5868] <... openat resumed>) = 4 [pid 5867] mkdir("./file0", 0777) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./75/file0") = 0 [ 139.236507][ T5864] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5867] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] getdents64(3, [pid 5868] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./75") = 0 [pid 5088] mkdir("./76", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5864] <... mount resumed>) = 0 [pid 5869] <... write resumed>) = 2097152 [pid 5868] <... ioctl resumed>) = 0 [pid 5864] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] close(3 [pid 5864] chdir("./file0" [pid 5868] <... close resumed>) = 0 [pid 5864] <... chdir resumed>) = 0 [pid 5868] close(4) = 0 [ 139.287978][ T5864] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 139.291772][ T5868] loop0: detected capacity change from 0 to 4096 [ 139.301677][ T5867] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5869] munmap(0x7f1df2200000, 138412032 [pid 5868] mkdir("./file0", 0777 [pid 5864] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5868] <... mkdir resumed>) = 0 [pid 5867] <... mount resumed>) = 0 [pid 5864] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5869] <... munmap resumed>) = 0 [pid 5868] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5864] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5864] <... futex resumed>) = 1 [pid 5863] <... futex resumed>) = 0 [pid 5863] exit_group(0 [pid 5867] <... openat resumed>) = 3 [pid 5867] chdir("./file0") = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5862] <... futex resumed>) = 0 [pid 5862] exit_group(0) = ? [pid 5867] +++ exited with 0 +++ [pid 5862] +++ exited with 0 +++ [pid 5869] <... openat resumed>) = 4 [pid 5864] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5869] ioctl(4, LOOP_SET_FD, 3 [pid 5864] <... futex resumed>) = ? [pid 5863] <... exit_group resumed>) = ? [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5869] <... ioctl resumed>) = 0 [pid 5864] +++ exited with 0 +++ [pid 5863] +++ exited with 0 +++ [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5869] close(3) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5086] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] close(4 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] <... close resumed>) = 0 [pid 5087] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] mkdir("./file0", 0777 [pid 5086] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5087] newfstatat(3, "", [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] getdents64(3, [pid 5869] <... mkdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 139.341254][ T5867] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 139.370939][ T5868] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 139.382909][ T5869] loop4: detected capacity change from 0 to 4096 [pid 5087] unlink("./76/binderfs" [pid 5086] unlink("./76/binderfs") = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5088] close(3) = 0 [pid 5087] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./76/file0", [pid 5087] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 5086] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./76/file0") = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5870 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./76" [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 139.420976][ T5869] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5870 attached [pid 5087] close(4 [pid 5086] <... rmdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./76/file0" [pid 5870] set_robust_list(0x555580b0d6a0, 24 [pid 5086] mkdir("./77", 0777 [pid 5870] <... set_robust_list resumed>) = 0 [pid 5870] chdir("./76" [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5870] <... chdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5870] <... prctl resumed>) = 0 executing program [pid 5087] close(3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5870] setpgid(0, 0 [pid 5087] <... close resumed>) = 0 [pid 5870] <... setpgid resumed>) = 0 [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5870] write(3, "1000", 4) = 4 [pid 5870] close(3) = 0 [pid 5870] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5870] write(1, "executing program\n", 18) = 18 [pid 5870] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5870] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5870] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] rmdir("./76" [pid 5870] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5868] <... mount resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./77", 0777 [pid 5870] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5871]}, 88) = 5871 [pid 5870] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... mkdir resumed>) = 0 [pid 5870] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5870] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5871 attached [pid 5871] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5869] <... mount resumed>) = 0 [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5871] <... rseq resumed>) = 0 [pid 5869] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5869] chdir("./file0" [pid 5871] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5869] <... chdir resumed>) = 0 [pid 5871] <... set_robust_list resumed>) = 0 [pid 5869] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5871] rt_sigprocmask(SIG_SETMASK, [], [pid 5869] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5868] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5871] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5869] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] chdir("./file0" [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5871] memfd_create("syzkaller", 0 [pid 5869] <... futex resumed>) = 1 [pid 5868] <... chdir resumed>) = 0 [pid 5866] <... futex resumed>) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5866] exit_group(0 [pid 5868] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] <... exit_group resumed>) = ? [pid 5869] +++ exited with 0 +++ [pid 5866] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5866, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5871] <... memfd_create resumed>) = 3 [pid 5868] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [ 139.492452][ T5868] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 139.510093][ T5869] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5868] <... futex resumed>) = 1 [pid 5865] <... futex resumed>) = 0 [pid 5871] <... mmap resumed>) = 0x7f1df2200000 [pid 5868] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5865] exit_group(0) = ? [pid 5089] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5868] <... futex resumed>) = ? [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5868] +++ exited with 0 +++ [pid 5865] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5871] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] getdents64(3, [pid 5086] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5872 attached [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5872 [pid 5085] newfstatat(3, "", [pid 5089] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(3, [pid 5089] unlink("./76/binderfs" [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... unlink resumed>) = 0 [pid 5089] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5872] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5872] <... set_robust_list resumed>) = 0 [pid 5089] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] unlink("./76/binderfs" [pid 5872] chdir("./77" [pid 5871] <... write resumed>) = 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 5872] <... chdir resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./76/file0", [pid 5085] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5871] munmap(0x7f1df2200000, 138412032 [pid 5872] setpgid(0, 0 [pid 5871] <... munmap resumed>) = 0 [pid 5872] <... setpgid resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5871] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5872] <... openat resumed>) = 3 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5872] write(3, "1000", 4 [pid 5089] <... openat resumed>) = 4 [pid 5085] newfstatat(AT_FDCWD, "./76/file0", [pid 5872] <... write resumed>) = 4 [pid 5871] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5087] close(3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5872] close(3 [pid 5871] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... close resumed>) = 0 [pid 5085] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5872] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached [pid 5872] symlink("/dev/binderfs", "./binderfs" [pid 5871] <... ioctl resumed>) = 0 [pid 5089] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5873] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5873 [pid 5873] <... set_robust_list resumed>) = 0 [pid 5872] <... symlink resumed>) = 0 [pid 5871] close(3 [pid 5089] getdents64(4, [pid 5085] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] chdir("./77"executing program [pid 5872] write(1, "executing program\n", 18 [pid 5871] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5871] close(4 [pid 5089] close(4 [pid 5872] <... write resumed>) = 18 [pid 5085] newfstatat(4, "", [pid 5871] <... close resumed>) = 0 [pid 5873] <... chdir resumed>) = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5873] setpgid(0, 0 [pid 5872] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5871] mkdir("./file0", 0777 [pid 5085] getdents64(4, [pid 5873] <... setpgid resumed>) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5872] <... futex resumed>) = 0 [pid 5871] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5872] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5085] getdents64(4, [pid 5872] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5872] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] close(4) = 0 [pid 5872] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5873] <... openat resumed>) = 3 [pid 5872] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] rmdir("./76/file0" [pid 5872] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] rmdir("./76/file0" [pid 5085] <... rmdir resumed>) = 0 [pid 5872] <... mprotect resumed>) = 0 [pid 5085] getdents64(3, [pid 5873] write(3, "1000", 4 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5873] <... write resumed>) = 4 [pid 5872] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] close(3 [pid 5873] close(3 [pid 5871] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""executing program [pid 5873] <... close resumed>) = 0 [pid 5872] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] <... close resumed>) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs" [pid 5085] rmdir("./76" [pid 5873] <... symlink resumed>) = 0 [pid 5872] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5873] write(1, "executing program\n", 18) = 18 [pid 5085] <... rmdir resumed>) = 0 [ 139.649648][ T5871] loop3: detected capacity change from 0 to 4096 [pid 5873] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5872] <... clone3 resumed> => {parent_tid=[5874]}, 88) = 5874 [pid 5089] getdents64(3, [pid 5085] mkdir("./77", 0777 [pid 5873] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, ./strace-static-x86_64: Process 5874 attached NULL, 8) = 0 [pid 5874] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5873] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5874] <... rseq resumed>) = 0 [pid 5873] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5874] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5873] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5874] <... set_robust_list resumed>) = 0 [pid 5873] <... mmap resumed>) = 0x7f1dfa693000 [pid 5874] rt_sigprocmask(SIG_SETMASK, [], [pid 5873] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5874] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5873] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5874] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5873] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5872] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5872] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5873] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5872] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] close(3 [pid 5085] <... openat resumed>) = 3 [pid 5874] <... futex resumed>) = 0 [pid 5873] <... clone3 resumed> => {parent_tid=[5875]}, 88) = 5875 [pid 5872] <... futex resumed>) = 1 [pid 5089] <... close resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5874] memfd_create("syzkaller", 0 [pid 5873] rt_sigprocmask(SIG_SETMASK, [], [pid 5872] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] rmdir("./76"./strace-static-x86_64: Process 5875 attached [pid 5873] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5875] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5874] <... memfd_create resumed>) = 3 [pid 5873] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] mkdir("./77", 0777 [pid 5875] <... rseq resumed>) = 0 [pid 5873] <... futex resumed>) = 0 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5873] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5875] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5874] <... mmap resumed>) = 0x7f1df2200000 [pid 5875] <... set_robust_list resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5875] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5875] memfd_create("syzkaller", 0 [pid 5871] <... mount resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5875] <... memfd_create resumed>) = 3 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 139.691944][ T5871] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 139.730038][ T5871] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5871] chdir("./file0") = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5871] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5871] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5870] <... futex resumed>) = 0 [pid 5870] exit_group(0) = ? [pid 5871] <... futex resumed>) = ? [pid 5871] +++ exited with 0 +++ [pid 5870] +++ exited with 0 +++ [pid 5085] <... ioctl resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5874] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] close(3) = 0 [pid 5088] umount2("./76", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./76", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5876 attached [pid 5876] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5876] chdir("./77") = 0 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... openat resumed>) = 3 [pid 5876] <... prctl resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5876] setpgid(0, 0) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program ) = 3 [pid 5875] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] getdents64(3, [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5876 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./76/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5876] write(3, "1000", 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./76/binderfs", [pid 5876] <... write resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5876] close(3 [pid 5088] unlink("./76/binderfs" [pid 5876] <... close resumed>) = 0 [pid 5876] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5876] write(1, "executing program\n", 18) = 18 [pid 5876] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5876] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5876] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5876] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5877 attached [pid 5877] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5877] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5877] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5877] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] <... clone3 resumed> => {parent_tid=[5877]}, 88) = 5877 [pid 5876] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5876] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5877] <... futex resumed>) = 0 [pid 5876] <... futex resumed>) = 1 [pid 5877] memfd_create("syzkaller", 0 [pid 5876] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5875] <... write resumed>) = 2097152 [pid 5877] <... memfd_create resumed>) = 3 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... umount2 resumed>) = 0 [pid 5875] munmap(0x7f1df2200000, 138412032) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5088] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./76/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5878 attached [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5878 [pid 5878] set_robust_list(0x555580b0d6a0, 24 [pid 5088] umount2("./76/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] <... set_robust_list resumed>) = 0 [pid 5875] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5878] chdir("./77" [pid 5875] <... openat resumed>) = 4 [pid 5088] openat(AT_FDCWD, "./76/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5875] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... openat resumed>) = 4 [pid 5878] <... chdir resumed>) = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5874] <... write resumed>) = 2097152 [pid 5088] newfstatat(4, "", [pid 5878] <... prctl resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5878] setpgid(0, 0) = 0 [pid 5874] munmap(0x7f1df2200000, 138412032 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./76/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./76") = 0 [pid 5874] <... munmap resumed>) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5875] <... ioctl resumed>) = 0 [pid 5088] mkdir("./77", 0777 [pid 5875] close(3 [pid 5878] <... openat resumed>) = 3 [pid 5875] <... close resumed>) = 0 [pid 5875] close(4 [pid 5088] <... mkdir resumed>) = 0 [pid 5878] write(3, "1000", 4 [pid 5875] <... close resumed>) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5878] <... write resumed>) = 4 [pid 5875] mkdir("./file0", 0777 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5878] close(3 [pid 5875] <... mkdir resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5878] <... close resumed>) = 0 [pid 5874] <... openat resumed>) = 4 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5878] symlink("/dev/binderfs", "./binderfs" [pid 5874] ioctl(4, LOOP_SET_FD, 3 [ 139.884661][ T5875] loop2: detected capacity change from 0 to 4096 [ 139.919674][ T5874] loop1: detected capacity change from 0 to 4096 [pid 5875] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5878] <... symlink resumed>) = 0 [pid 5877] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 5878] write(1, "executing program\n", 18 [pid 5874] <... ioctl resumed>) = 0 [pid 5878] <... write resumed>) = 18 [pid 5874] close(3) = 0 [pid 5878] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5874] close(4 [pid 5878] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5874] <... close resumed>) = 0 [pid 5878] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5874] mkdir("./file0", 0777 [pid 5878] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5874] <... mkdir resumed>) = 0 [pid 5878] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5874] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5878] <... mmap resumed>) = 0x7f1dfa693000 [pid 5878] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5877] <... write resumed>) = 2097152 [pid 5878] <... mprotect resumed>) = 0 [pid 5877] munmap(0x7f1df2200000, 138412032 [pid 5878] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5877] <... munmap resumed>) = 0 [pid 5878] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5878] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5879]}, 88) = 5879 [pid 5878] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5879 attached [pid 5879] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5878] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5879] <... rseq resumed>) = 0 [pid 5878] <... futex resumed>) = 0 [pid 5879] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5878] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5879] <... set_robust_list resumed>) = 0 [pid 5879] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5879] memfd_create("syzkaller", 0) = 3 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 139.921434][ T5875] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 139.953156][ T5874] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5877] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5877] <... ioctl resumed>) = 0 [pid 5877] close(3) = 0 [pid 5877] close(4) = 0 [pid 5877] mkdir("./file0", 0777 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5877] <... mkdir resumed>) = 0 [ 140.015973][ T5877] loop0: detected capacity change from 0 to 4096 [pid 5877] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 5880 attached [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5880 [pid 5880] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5880] chdir("./77") = 0 [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5875] <... mount resumed>) = 0 [pid 5880] <... prctl resumed>) = 0 [pid 5880] setpgid(0, 0) = 0 [pid 5875] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5874] <... mount resumed>) = 0 [pid 5875] chdir("./file0" [pid 5880] <... openat resumed>) = 3 [pid 5875] <... chdir resumed>) = 0 [pid 5874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5880] write(3, "1000", 4 [pid 5875] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5874] <... openat resumed>) = 3 [pid 5880] <... write resumed>) = 4 [pid 5875] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5874] chdir("./file0" [pid 5880] close(3 [pid 5875] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5874] <... chdir resumed>) = 0 [pid 5880] <... close resumed>) = 0 [pid 5879] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5875] <... futex resumed>) = 1 [pid 5874] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5873] <... futex resumed>) = 0 [pid 5880] symlink("/dev/binderfs", "./binderfs" [pid 5875] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5874] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5873] exit_group(0 [pid 5880] <... symlink resumed>) = 0 [pid 5875] <... futex resumed>) = ? [pid 5874] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5873] <... exit_group resumed>) = ? [pid 5874] <... futex resumed>) = 1 [pid 5872] <... futex resumed>) = 0 [pid 5872] exit_group(0) = ? [ 140.066121][ T5877] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 140.080902][ T5875] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 140.094288][ T5874] ntfs3: loop1: Failed to initialize $Extend/$ObjId. executing program [pid 5880] write(1, "executing program\n", 18 [pid 5875] +++ exited with 0 +++ [pid 5874] +++ exited with 0 +++ [pid 5873] +++ exited with 0 +++ [pid 5872] +++ exited with 0 +++ [pid 5880] <... write resumed>) = 18 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5880] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5880] <... futex resumed>) = 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5880] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... restart_syscall resumed>) = 0 [pid 5880] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5880] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] newfstatat(3, "", [pid 5880] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5880] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(3, [pid 5880] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5880] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] newfstatat(3, "", [pid 5086] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5880] <... mprotect resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./77/binderfs") = 0 [pid 5086] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5880] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5880] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5880] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5880] <... clone3 resumed> => {parent_tid=[5881]}, 88) = 5881 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./77/binderfs"./strace-static-x86_64: Process 5881 attached ) = 0 [pid 5880] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5880] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5880] <... futex resumed>) = 0 [pid 5880] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5881] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5881] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5086] <... umount2 resumed>) = 0 [pid 5881] <... set_robust_list resumed>) = 0 [pid 5881] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5879] <... write resumed>) = 2097152 [pid 5881] memfd_create("syzkaller", 0 [pid 5877] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] <... memfd_create resumed>) = 3 [pid 5879] munmap(0x7f1df2200000, 138412032 [pid 5877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5879] <... munmap resumed>) = 0 [pid 5877] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./77/file0", [pid 5881] <... mmap resumed>) = 0x7f1df2200000 [pid 5879] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5877] chdir("./file0" [pid 5087] newfstatat(AT_FDCWD, "./77/file0", [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5879] <... openat resumed>) = 4 [pid 5086] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] ioctl(4, LOOP_SET_FD, 3 [pid 5877] <... chdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5879] <... ioctl resumed>) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5877] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] getdents64(4, [pid 5087] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5086] close(4 [pid 5087] newfstatat(4, "", [pid 5086] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] rmdir("./77/file0" [pid 5087] getdents64(4, [pid 5877] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5877] <... futex resumed>) = 1 [pid 5876] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 5877] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] exit_group(0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5877] <... futex resumed>) = ? [pid 5876] <... exit_group resumed>) = ? [pid 5087] close(4 [pid 5086] getdents64(3, [pid 5879] close(3 [pid 5877] +++ exited with 0 +++ [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./77/file0" [pid 5879] <... close resumed>) = 0 [pid 5876] +++ exited with 0 +++ [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5879] close(4 [pid 5087] getdents64(3, [pid 5086] close(3 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5879] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... close resumed>) = 0 [pid 5879] mkdir("./file0", 0777 [pid 5086] rmdir("./77" [pid 5879] <... mkdir resumed>) = 0 [pid 5087] close(3 [pid 5085] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... close resumed>) = 0 [pid 5086] mkdir("./78", 0777 [pid 5085] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] rmdir("./77" [pid 5085] <... openat resumed>) = 3 [pid 5881] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5879] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... mkdir resumed>) = 0 [pid 5085] newfstatat(3, "", [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [ 140.189561][ T5877] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 140.212549][ T5879] loop4: detected capacity change from 0 to 4096 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] mkdir("./78", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./77/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] unlink("./77/binderfs" [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... unlink resumed>) = 0 [pid 5085] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5085] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./77/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5881] <... write resumed>) = 2097152 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./77/file0" [pid 5881] munmap(0x7f1df2200000, 138412032 [pid 5085] <... rmdir resumed>) = 0 [ 140.247965][ T5879] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5085] getdents64(3, [pid 5881] <... munmap resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] close(3 [pid 5881] <... openat resumed>) = 4 [pid 5881] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./77" [pid 5087] <... ioctl resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./78", 0777 [pid 5087] close(3 [pid 5879] <... mount resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5879] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... close resumed>) = 0 [pid 5086] close(3 [pid 5879] <... openat resumed>) = 3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] <... close resumed>) = 0 [pid 5879] chdir("./file0" [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5881] <... ioctl resumed>) = 0 [pid 5879] <... chdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5881] close(3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5881] <... close resumed>) = 0 [pid 5879] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5882 attached [pid 5881] close(4 [pid 5879] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5882] set_robust_list(0x555580b0d6a0, 24 [pid 5881] <... close resumed>) = 0 [pid 5879] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5883 [pid 5882] <... set_robust_list resumed>) = 0 [pid 5879] <... futex resumed>) = 1 [pid 5878] <... futex resumed>) = 0 [pid 5882] chdir("./78" [pid 5878] exit_group(0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5882 [pid 5882] <... chdir resumed>) = 0 [pid 5878] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5883 attached [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5881] mkdir("./file0", 0777 [pid 5879] +++ exited with 0 +++ [pid 5878] +++ exited with 0 +++ [pid 5882] <... prctl resumed>) = 0 [pid 5882] setpgid(0, 0 [pid 5881] <... mkdir resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5882] <... setpgid resumed>) = 0 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5881] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... restart_syscall resumed>) = 0 [pid 5883] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5883] chdir("./78" [pid 5882] <... openat resumed>) = 3 [pid 5089] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5883] <... chdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 140.318473][ T5879] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 140.351327][ T5881] loop3: detected capacity change from 0 to 4096 [pid 5882] write(3, "1000", 4 [pid 5089] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5882] <... write resumed>) = 4 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5882] close(3 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5882] <... close resumed>) = 0 [pid 5089] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5882] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5089] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5882] write(1, "executing program\n", 18 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] <... write resumed>) = 18 [pid 5089] unlink("./77/binderfs" [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5882] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5883] <... prctl resumed>) = 0 [pid 5882] <... futex resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5882] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5882] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5883] setpgid(0, 0 [pid 5882] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5883] <... setpgid resumed>) = 0 [pid 5882] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... umount2 resumed>) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5882] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5883] <... openat resumed>) = 3 [pid 5882] <... mprotect resumed>) = 0 [pid 5089] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5882] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./77/file0", [pid 5882] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5884 attached ) = -1 EINVAL (Invalid argument) [pid 5884] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5089] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5884] <... rseq resumed>) = 0 [pid 5882] <... clone3 resumed> => {parent_tid=[5884]}, 88) = 5884 [pid 5884] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5882] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... openat resumed>) = 4 [pid 5884] <... set_robust_list resumed>) = 0 [pid 5882] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(4, "", [pid 5884] rt_sigprocmask(SIG_SETMASK, [], [pid 5883] write(3, "1000", 4 [pid 5882] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5884] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5882] <... futex resumed>) = 0 [pid 5884] memfd_create("syzkaller", 0 [pid 5883] <... write resumed>) = 4 [pid 5882] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5884] <... memfd_create resumed>) = 3 [pid 5883] close(3 [pid 5089] rmdir("./77/file0" [pid 5883] <... close resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5883] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5883] write(1, "executing program\n", 18) = 18 [pid 5883] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(3, [pid 5883] <... futex resumed>) = 0 [pid 5883] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5883] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5883] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] close(3 [pid 5883] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5089] <... close resumed>) = 0 [ 140.381293][ T5881] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5883] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5883] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5089] rmdir("./77" [pid 5883] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5885 attached [pid 5883] <... clone3 resumed> => {parent_tid=[5885]}, 88) = 5885 [pid 5885] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5883] rt_sigprocmask(SIG_SETMASK, [], [pid 5885] <... rseq resumed>) = 0 [pid 5883] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] mkdir("./78", 0777 [pid 5885] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5883] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... mkdir resumed>) = 0 [pid 5885] <... set_robust_list resumed>) = 0 [pid 5883] <... futex resumed>) = 0 [pid 5885] rt_sigprocmask(SIG_SETMASK, [], [pid 5883] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5085] <... ioctl resumed>) = 0 [pid 5885] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5884] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5881] <... mount resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] close(3 [pid 5885] memfd_create("syzkaller", 0 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5886 attached [pid 5885] <... memfd_create resumed>) = 3 [pid 5886] set_robust_list(0x555580b0d6a0, 24 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5886] <... set_robust_list resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5886 [pid 5886] chdir("./78") = 0 [pid 5885] <... mmap resumed>) = 0x7f1df2200000 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5881] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5886] <... openat resumed>) = 3 [pid 5881] <... openat resumed>) = 3 [pid 5881] chdir("./file0" [pid 5886] write(3, "1000", 4 [pid 5881] <... chdir resumed>) = 0 [pid 5886] <... write resumed>) = 4 [pid 5886] close(3) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5886] symlink("/dev/binderfs", "./binderfs" [pid 5881] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5886] <... symlink resumed>) = 0 executing program [pid 5886] write(1, "executing program\n", 18 [pid 5881] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5886] <... write resumed>) = 18 [pid 5881] <... futex resumed>) = 1 [pid 5880] <... futex resumed>) = 0 [pid 5886] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5881] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5880] exit_group(0 [pid 5886] <... futex resumed>) = 0 [pid 5881] <... futex resumed>) = ? [pid 5880] <... exit_group resumed>) = ? [pid 5886] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5881] +++ exited with 0 +++ [ 140.463858][ T5881] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5886] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5886] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5886] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5884] <... write resumed>) = 2097152 [pid 5880] +++ exited with 0 +++ [pid 5886] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5886] <... mprotect resumed>) = 0 [pid 5886] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5886] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] umount2("./77", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5887 attached [pid 5886] <... clone3 resumed> => {parent_tid=[5887]}, 88) = 5887 [pid 5088] openat(AT_FDCWD, "./77", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5887] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5886] rt_sigprocmask(SIG_SETMASK, [], [pid 5887] <... rseq resumed>) = 0 [pid 5886] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5887] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5886] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] newfstatat(3, "", [pid 5887] <... set_robust_list resumed>) = 0 [pid 5886] <... futex resumed>) = 0 [pid 5885] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5887] rt_sigprocmask(SIG_SETMASK, [], [pid 5886] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... ioctl resumed>) = 0 [pid 5088] getdents64(3, [pid 5887] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] close(3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5884] munmap(0x7f1df2200000, 138412032 [pid 5088] umount2("./77/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5884] <... munmap resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./77/binderfs", [pid 5887] memfd_create("syzkaller", 0 [pid 5089] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./77/binderfs" [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5888 attached [pid 5088] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5888] set_robust_list(0x555580b0d6a0, 24 [pid 5884] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... umount2 resumed>) = 0 [pid 5888] <... set_robust_list resumed>) = 0 [pid 5887] <... memfd_create resumed>) = 3 [pid 5884] <... openat resumed>) = 4 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5888 [pid 5088] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5888] chdir("./78" [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5884] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5888] <... chdir resumed>) = 0 [pid 5887] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] newfstatat(AT_FDCWD, "./77/file0", [pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5888] setpgid(0, 0 [pid 5088] umount2("./77/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5888] <... setpgid resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] openat(AT_FDCWD, "./77/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5888] <... openat resumed>) = 3 [pid 5888] write(3, "1000", 4 [pid 5088] <... openat resumed>) = 4 [pid 5888] <... write resumed>) = 4 [pid 5088] newfstatat(4, "", [pid 5888] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5888] <... close resumed>) = 0 [pid 5885] <... write resumed>) = 2097152 [pid 5088] getdents64(4, [pid 5888] symlink("/dev/binderfs", "./binderfs" [pid 5885] munmap(0x7f1df2200000, 138412032 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5888] <... symlink resumed>) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5888] write(1, "executing program\n", 18executing program [pid 5088] <... close resumed>) = 0 [pid 5888] <... write resumed>) = 18 [pid 5088] rmdir("./77/file0" [pid 5888] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5884] <... ioctl resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5888] <... futex resumed>) = 0 [pid 5884] close(3 [pid 5088] getdents64(3, [pid 5888] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5884] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5887] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] <... munmap resumed>) = 0 [pid 5088] close(3 [pid 5888] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5884] close(4 [pid 5088] <... close resumed>) = 0 [pid 5888] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5884] <... close resumed>) = 0 [pid 5888] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5884] mkdir("./file0", 0777 [pid 5088] rmdir("./77" [pid 5888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5885] <... openat resumed>) = 4 [pid 5888] <... mmap resumed>) = 0x7f1dfa693000 [ 140.600030][ T5884] loop1: detected capacity change from 0 to 4096 [pid 5888] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5884] <... mkdir resumed>) = 0 [pid 5888] <... mprotect resumed>) = 0 [pid 5888] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5884] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... rmdir resumed>) = 0 [pid 5885] ioctl(4, LOOP_SET_FD, 3 [pid 5888] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5888] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] mkdir("./78", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5888] <... clone3 resumed> => {parent_tid=[5889]}, 88) = 5889 [pid 5888] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5888] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 3 [pid 5888] <... futex resumed>) = 0 [pid 5888] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5885] <... ioctl resumed>) = 0 [pid 5885] close(3./strace-static-x86_64: Process 5889 attached [pid 5889] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5889] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5889] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5885] <... close resumed>) = 0 [pid 5889] memfd_create("syzkaller", 0 [pid 5885] close(4) = 0 [pid 5885] mkdir("./file0", 0777 [pid 5889] <... memfd_create resumed>) = 3 [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5885] <... mkdir resumed>) = 0 [ 140.657648][ T5885] loop2: detected capacity change from 0 to 4096 [ 140.657703][ T5884] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5885] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5887] <... write resumed>) = 2097152 [pid 5887] munmap(0x7f1df2200000, 138412032) = 0 [ 140.701916][ T5885] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5889] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5884] <... mount resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5887] ioctl(4, LOOP_SET_FD, 3 [pid 5088] close(3 [pid 5884] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5890 [pid 5887] <... ioctl resumed>) = 0 [pid 5884] <... openat resumed>) = 3 [pid 5887] close(3 [pid 5884] chdir("./file0" [pid 5887] <... close resumed>) = 0 [pid 5885] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5890 attached [pid 5887] close(4 [pid 5885] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5887] <... close resumed>) = 0 [pid 5884] <... chdir resumed>) = 0 [pid 5890] set_robust_list(0x555580b0d6a0, 24 [pid 5887] mkdir("./file0", 0777 [pid 5884] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5890] <... set_robust_list resumed>) = 0 [pid 5885] <... openat resumed>) = 3 [pid 5890] chdir("./78") = 0 [pid 5890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5889] <... write resumed>) = 2097152 [pid 5887] <... mkdir resumed>) = 0 [pid 5885] chdir("./file0" [pid 5884] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5890] setpgid(0, 0 [pid 5889] munmap(0x7f1df2200000, 138412032 [pid 5887] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5885] <... chdir resumed>) = 0 [pid 5884] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5890] <... setpgid resumed>) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5884] <... futex resumed>) = 1 [pid 5882] <... futex resumed>) = 0 [pid 5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5882] exit_group(0 [pid 5885] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5882] <... exit_group resumed>) = ? [ 140.743235][ T5884] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 140.768240][ T5887] loop0: detected capacity change from 0 to 4096 [ 140.776570][ T5885] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5885] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5890] <... openat resumed>) = 3 [pid 5889] <... munmap resumed>) = 0 [pid 5885] <... futex resumed>) = 1 [pid 5884] +++ exited with 0 +++ [pid 5883] <... futex resumed>) = 0 [pid 5882] +++ exited with 0 +++ [pid 5890] write(3, "1000", 4 [pid 5885] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5883] exit_group(0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5890] <... write resumed>) = 4 [pid 5889] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5885] <... futex resumed>) = ? [pid 5883] <... exit_group resumed>) = ? [pid 5890] close(3) = 0 [pid 5086] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5890] symlink("/dev/binderfs", "./binderfs" [pid 5086] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5890] <... symlink resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5890] write(1, "executing program\n", 18 [pid 5086] newfstatat(3, "", executing program [pid 5890] <... write resumed>) = 18 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5890] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] getdents64(3, [pid 5890] <... futex resumed>) = 0 [pid 5890] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5890] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5890] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5890] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5889] <... openat resumed>) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5890] <... mmap resumed>) = 0x7f1dfa693000 [pid 5889] ioctl(4, LOOP_SET_FD, 3 [pid 5086] unlink("./78/binderfs" [pid 5890] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5889] <... ioctl resumed>) = 0 [pid 5890] <... mprotect resumed>) = 0 [pid 5889] close(3 [pid 5885] +++ exited with 0 +++ [pid 5883] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5889] <... close resumed>) = 0 [pid 5890] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5889] close(4) = 0 [pid 5087] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... unlink resumed>) = 0 [pid 5890] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5889] mkdir("./file0", 0777 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5889] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5890] <... clone3 resumed> => {parent_tid=[5891]}, 88) = 5891 [pid 5087] <... openat resumed>) = 3 [pid 5890] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(3, "", ./strace-static-x86_64: Process 5891 attached [pid 5890] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5889] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5891] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5890] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5891] <... rseq resumed>) = 0 [pid 5890] <... futex resumed>) = 0 [pid 5087] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5891] set_robust_list(0x7f1dfa6b39a0, 24 [ 140.825477][ T5887] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 140.854251][ T5889] loop4: detected capacity change from 0 to 4096 [pid 5890] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] <... set_robust_list resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./78/file0", [pid 5887] <... mount resumed>) = 0 [pid 5891] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] unlink("./78/binderfs" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5891] memfd_create("syzkaller", 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5891] <... memfd_create resumed>) = 3 [pid 5887] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5887] <... openat resumed>) = 3 [ 140.895975][ T5889] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 140.904331][ T5887] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5086] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5891] <... mmap resumed>) = 0x7f1df2200000 [pid 5887] chdir("./file0" [pid 5087] <... umount2 resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5889] <... mount resumed>) = 0 [pid 5887] <... chdir resumed>) = 0 [pid 5086] newfstatat(4, "", [pid 5887] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] getdents64(4, [pid 5889] <... openat resumed>) = 3 [pid 5887] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5887] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 5889] chdir("./file0" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5889] <... chdir resumed>) = 0 [pid 5887] <... futex resumed>) = 1 [pid 5886] <... futex resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./78/file0", [pid 5086] close(4 [pid 5889] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5887] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5886] exit_group(0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... close resumed>) = 0 [pid 5889] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5887] <... futex resumed>) = ? [pid 5886] <... exit_group resumed>) = ? [pid 5087] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./78/file0" [pid 5889] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5887] +++ exited with 0 +++ [pid 5886] +++ exited with 0 +++ [pid 5086] <... rmdir resumed>) = 0 [pid 5891] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5888] <... futex resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5888] exit_group(0) = ? [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] rmdir("./78" [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5889] <... futex resumed>) = ? [pid 5085] getdents64(3, [pid 5086] mkdir("./79", 0777) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... openat resumed>) = 3 [pid 5085] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./78/binderfs") = 0 [pid 5085] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5889] +++ exited with 0 +++ [pid 5888] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5087] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 140.942214][ T5889] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(4, "", [pid 5891] <... write resumed>) = 2097152 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... restart_syscall resumed>) = 0 [pid 5891] munmap(0x7f1df2200000, 138412032 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(4, [pid 5085] newfstatat(AT_FDCWD, "./78/file0", [pid 5089] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5891] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5891] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5085] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5891] <... openat resumed>) = 4 [pid 5089] newfstatat(3, "", [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5891] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] close(4 [pid 5085] newfstatat(4, "", [pid 5089] getdents64(3, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] getdents64(4, [pid 5089] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5085] close(4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./78/file0" [pid 5089] unlink("./78/binderfs" [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5089] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./78" [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./78/file0") = 0 [pid 5891] <... ioctl resumed>) = 0 [pid 5087] getdents64(3, [pid 5089] <... umount2 resumed>) = 0 [pid 5891] close(3 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5891] <... close resumed>) = 0 [pid 5087] close(3 [pid 5891] close(4 [pid 5087] <... close resumed>) = 0 [pid 5891] <... close resumed>) = 0 [pid 5891] mkdir("./file0", 0777 [pid 5087] rmdir("./78" [pid 5891] <... mkdir resumed>) = 0 [pid 5089] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] mkdir("./79", 0777 [pid 5891] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... rmdir resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./78/file0", [pid 5087] mkdir("./79", 0777 [pid 5085] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... ioctl resumed>) = 0 [ 141.022072][ T5891] loop3: detected capacity change from 0 to 4096 [pid 5089] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... mkdir resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... openat resumed>) = 3 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] close(4 [pid 5086] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] rmdir("./78/file0" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5892 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./78") = 0 ./strace-static-x86_64: Process 5892 attached [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5892] set_robust_list(0x555580b0d6a0, 24 [pid 5089] mkdir("./79", 0777 [pid 5892] <... set_robust_list resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5892] chdir("./79") = 0 [pid 5892] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5892] setpgid(0, 0) = 0 [pid 5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5892] write(3, "1000", 4) = 4 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5892] close(3) = 0 [pid 5892] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5892] write(1, "executing program\n", 18) = 18 [pid 5892] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5892] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5892] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5892] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [ 141.062852][ T5891] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5892] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] <... ioctl resumed>) = 0 [pid 5892] <... mprotect resumed>) = 0 [pid 5892] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5891] <... mount resumed>) = 0 [pid 5891] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5891] chdir("./file0") = 0 [pid 5891] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5892] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5891] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] close(3 [pid 5891] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... close resumed>) = 0 [pid 5891] <... futex resumed>) = 1 [pid 5890] <... futex resumed>) = 0 [pid 5891] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5890] exit_group(0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5890] <... exit_group resumed>) = ? [pid 5891] <... futex resumed>) = ? [pid 5892] <... clone3 resumed> => {parent_tid=[5893]}, 88) = 5893 ./strace-static-x86_64: Process 5893 attached [pid 5892] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5894 [pid 5891] +++ exited with 0 +++ [pid 5890] +++ exited with 0 +++ [pid 5087] <... ioctl resumed>) = 0 [pid 5892] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5893] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5892] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5893] <... rseq resumed>) = 0 [pid 5893] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5892] <... futex resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5890, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5088] umount2("./78", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./78", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5894 attached [pid 5893] <... set_robust_list resumed>) = 0 [pid 5892] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... openat resumed>) = 3 [pid 5894] set_robust_list(0x555580b0d6a0, 24 [pid 5893] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] newfstatat(3, "", [pid 5894] <... set_robust_list resumed>) = 0 [pid 5893] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5894] chdir("./79" [pid 5088] getdents64(3, [pid 5894] <... chdir resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL [ 141.124186][ T5891] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5893] memfd_create("syzkaller", 0 [pid 5088] umount2("./78/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5894] <... prctl resumed>) = 0 [pid 5893] <... memfd_create resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] close(3 [pid 5894] setpgid(0, 0 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] newfstatat(AT_FDCWD, "./78/binderfs", [pid 5894] <... setpgid resumed>) = 0 [pid 5893] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... close resumed>) = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] unlink("./78/binderfs" [pid 5894] <... openat resumed>) = 3 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5894] write(3, "1000", 4 [pid 5088] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5894] <... write resumed>) = 4 [pid 5894] close(3) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs" [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5894] <... symlink resumed>) = 0 executing program [pid 5894] write(1, "executing program\n", 18) = 18 [pid 5894] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] close(3 [pid 5894] <... futex resumed>) = 0 ./strace-static-x86_64: Process 5895 attached [pid 5894] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... close resumed>) = 0 [pid 5895] set_robust_list(0x555580b0d6a0, 24 [pid 5894] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5894] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5895] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5895] chdir("./79" [pid 5894] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5894] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5896 attached [pid 5895] <... chdir resumed>) = 0 [pid 5894] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] newfstatat(AT_FDCWD, "./78/file0", [pid 5896] set_robust_list(0x555580b0d6a0, 24 [pid 5895] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5894] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5896] <... set_robust_list resumed>) = 0 [pid 5895] <... prctl resumed>) = 0 [pid 5894] <... mprotect resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5896 [pid 5088] umount2("./78/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5896] chdir("./79" [pid 5895] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5895] <... setpgid resumed>) = 0 [pid 5894] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5896] <... chdir resumed>) = 0 [pid 5895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5894] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] openat(AT_FDCWD, "./78/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5894] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5897 attached [pid 5896] <... prctl resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5897] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5896] setpgid(0, 0 [pid 5895] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5895 [pid 5897] <... rseq resumed>) = 0 [pid 5896] <... setpgid resumed>) = 0 [pid 5895] write(3, "1000", 4 [pid 5894] <... clone3 resumed> => {parent_tid=[5897]}, 88) = 5897 [pid 5088] getdents64(4, [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5895] <... write resumed>) = 4 [pid 5894] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5897] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5896] <... openat resumed>) = 3 [pid 5895] close(3 [pid 5894] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(4, [pid 5897] <... set_robust_list resumed>) = 0 [pid 5895] <... close resumed>) = 0 [pid 5894] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5897] rt_sigprocmask(SIG_SETMASK, [], [pid 5896] write(3, "1000", 4 [pid 5895] symlink("/dev/binderfs", "./binderfs" [pid 5894] <... futex resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5897] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5896] <... write resumed>) = 4 [pid 5895] <... symlink resumed>) = 0 [pid 5894] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] close(4 [pid 5897] memfd_create("syzkaller", 0 [pid 5896] close(3 [pid 5088] <... close resumed>) = 0 executing program [pid 5896] <... close resumed>) = 0 [pid 5895] write(1, "executing program\n", 18 [pid 5088] rmdir("./78/file0" [pid 5896] symlink("/dev/binderfs", "./binderfs" [pid 5895] <... write resumed>) = 18 [pid 5088] <... rmdir resumed>) = 0 [pid 5896] <... symlink resumed>) = 0 [pid 5895] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 5897] <... memfd_create resumed>) = 3 [pid 5896] write(1, "executing program\n", 18 [pid 5895] <... futex resumed>) = 0 [pid 5088] getdents64(3, [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5896] <... write resumed>) = 18 [pid 5895] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5897] <... mmap resumed>) = 0x7f1df2200000 [pid 5896] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5895] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5896] <... futex resumed>) = 0 [pid 5895] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] close(3 [pid 5896] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5895] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... close resumed>) = 0 [pid 5896] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5895] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] rmdir("./78" [pid 5896] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5895] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... rmdir resumed>) = 0 [pid 5896] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5895] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5895] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5896] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5895] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5896] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5895] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] mkdir("./79", 0777 [pid 5896] <... mprotect resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5896] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5896] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5895] <... clone3 resumed> => {parent_tid=[5898]}, 88) = 5898 ./strace-static-x86_64: Process 5899 attached [pid 5895] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5899] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5896] <... clone3 resumed> => {parent_tid=[5899]}, 88) = 5899 [pid 5895] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5898 attached [pid 5899] <... rseq resumed>) = 0 [pid 5896] rt_sigprocmask(SIG_SETMASK, [], [pid 5895] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5893] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5899] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5898] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5896] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5895] <... futex resumed>) = 0 [pid 5899] <... set_robust_list resumed>) = 0 [pid 5898] <... rseq resumed>) = 0 [pid 5899] rt_sigprocmask(SIG_SETMASK, [], [pid 5898] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5896] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5895] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5899] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5898] <... set_robust_list resumed>) = 0 [pid 5896] <... futex resumed>) = 0 [pid 5898] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5898] memfd_create("syzkaller", 0 [pid 5896] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5898] <... memfd_create resumed>) = 3 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5899] memfd_create("syzkaller", 0) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5897] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5893] <... write resumed>) = 2097152 [pid 5893] munmap(0x7f1df2200000, 138412032 [pid 5897] <... write resumed>) = 2097152 [pid 5897] munmap(0x7f1df2200000, 138412032) = 0 [pid 5893] <... munmap resumed>) = 0 [pid 5897] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5899] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5898] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5897] <... openat resumed>) = 4 [pid 5893] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... ioctl resumed>) = 0 [pid 5897] ioctl(4, LOOP_SET_FD, 3 [pid 5893] <... openat resumed>) = 4 [pid 5088] close(3 [pid 5897] <... ioctl resumed>) = 0 [pid 5893] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5900 attached [pid 5900] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5900 [pid 5897] close(3) = 0 [pid 5897] close(4) = 0 [pid 5897] mkdir("./file0", 0777 [pid 5900] <... set_robust_list resumed>) = 0 [pid 5897] <... mkdir resumed>) = 0 [pid 5900] chdir("./79") = 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5897] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5900] <... prctl resumed>) = 0 [pid 5899] <... write resumed>) = 2097152 [pid 5900] setpgid(0, 0 [pid 5893] <... ioctl resumed>) = 0 [pid 5893] close(3 [pid 5900] <... setpgid resumed>) = 0 [pid 5893] <... close resumed>) = 0 [pid 5893] close(4 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5893] <... close resumed>) = 0 [pid 5893] mkdir("./file0", 0777 [pid 5900] <... openat resumed>) = 3 [pid 5893] <... mkdir resumed>) = 0 [pid 5900] write(3, "1000", 4) = 4 [pid 5900] close(3 [pid 5899] munmap(0x7f1df2200000, 138412032 [pid 5898] <... write resumed>) = 2097152 [pid 5900] <... close resumed>) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5900] write(1, "executing program\n", 18 [pid 5898] munmap(0x7f1df2200000, 138412032 [pid 5900] <... write resumed>) = 18 [pid 5893] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5900] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5898] <... munmap resumed>) = 0 [pid 5900] <... futex resumed>) = 0 [pid 5900] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5899] <... munmap resumed>) = 0 [ 141.382575][ T5897] loop0: detected capacity change from 0 to 4096 [ 141.399329][ T5893] loop1: detected capacity change from 0 to 4096 [ 141.420261][ T5897] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5900] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5899] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5898] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5900] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5899] <... openat resumed>) = 4 [pid 5898] <... openat resumed>) = 4 [pid 5900] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5899] ioctl(4, LOOP_SET_FD, 3 [pid 5900] <... mmap resumed>) = 0x7f1dfa693000 [pid 5900] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5898] ioctl(4, LOOP_SET_FD, 3 [pid 5900] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5898] <... ioctl resumed>) = 0 [pid 5900] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5898] close(3 [pid 5900] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5899] <... ioctl resumed>) = 0 [pid 5898] <... close resumed>) = 0 ./strace-static-x86_64: Process 5901 attached [pid 5899] close(3 [pid 5898] close(4 [pid 5901] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5900] <... clone3 resumed> => {parent_tid=[5901]}, 88) = 5901 [pid 5899] <... close resumed>) = 0 [pid 5898] <... close resumed>) = 0 [pid 5897] <... mount resumed>) = 0 [pid 5901] <... rseq resumed>) = 0 [pid 5900] rt_sigprocmask(SIG_SETMASK, [], [pid 5899] close(4 [pid 5898] mkdir("./file0", 0777 [pid 5897] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5901] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5900] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5899] <... close resumed>) = 0 [pid 5898] <... mkdir resumed>) = 0 [pid 5901] <... set_robust_list resumed>) = 0 [pid 5900] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5899] mkdir("./file0", 0777 [pid 5898] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5897] <... openat resumed>) = 3 [pid 5901] rt_sigprocmask(SIG_SETMASK, [], [pid 5900] <... futex resumed>) = 0 [ 141.456238][ T5893] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 141.475059][ T5899] loop4: detected capacity change from 0 to 4096 [ 141.482858][ T5897] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 141.491612][ T5898] loop2: detected capacity change from 0 to 4096 [pid 5901] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5899] <... mkdir resumed>) = 0 [pid 5901] memfd_create("syzkaller", 0 [pid 5900] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5899] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5897] chdir("./file0") = 0 [pid 5897] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5901] <... memfd_create resumed>) = 3 [pid 5897] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5897] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5894] <... futex resumed>) = 0 [pid 5897] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5901] <... mmap resumed>) = 0x7f1df2200000 [pid 5894] exit_group(0 [pid 5893] <... mount resumed>) = 0 [pid 5897] <... futex resumed>) = ? [pid 5894] <... exit_group resumed>) = ? [pid 5893] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5893] chdir("./file0") = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5893] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5892] <... futex resumed>) = 0 [pid 5893] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5892] exit_group(0 [pid 5897] +++ exited with 0 +++ [pid 5894] +++ exited with 0 +++ [pid 5893] <... futex resumed>) = ? [pid 5892] <... exit_group resumed>) = ? [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5893] +++ exited with 0 +++ [pid 5892] +++ exited with 0 +++ [ 141.512064][ T5898] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 141.525922][ T5899] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 141.529319][ T5893] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5085] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5901] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5898] <... mount resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5898] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 3 [pid 5898] <... openat resumed>) = 3 [pid 5086] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(3, "", [pid 5898] chdir("./file0" [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5085] getdents64(3, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5085] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./79/binderfs") = 0 [pid 5086] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5898] <... chdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5898] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./79/binderfs" [pid 5898] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5898] <... futex resumed>) = 1 [pid 5895] <... futex resumed>) = 0 [pid 5898] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5895] exit_group(0) = ? [pid 5898] <... futex resumed>) = ? [pid 5899] <... mount resumed>) = 0 [pid 5085] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5899] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] +++ exited with 0 +++ [pid 5895] +++ exited with 0 +++ [pid 5086] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5899] chdir("./file0" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5895, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5086] newfstatat(AT_FDCWD, "./79/file0", [pid 5899] <... chdir resumed>) = 0 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5901] <... write resumed>) = 2097152 [pid 5899] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... restart_syscall resumed>) = 0 [pid 5086] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5899] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5899] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5899] <... futex resumed>) = 1 [pid 5087] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 5899] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5896] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(4, "", [pid 5896] exit_group(0 [pid 5087] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5899] <... futex resumed>) = ? [pid 5896] <... exit_group resumed>) = ? [pid 5087] <... openat resumed>) = 3 [pid 5086] getdents64(4, [pid 5899] +++ exited with 0 +++ [pid 5087] newfstatat(3, "", [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 5087] getdents64(3, [pid 5901] munmap(0x7f1df2200000, 138412032 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./79/file0" [ 141.598004][ T5898] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 141.622468][ T5899] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5086] <... rmdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./79/binderfs") = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] close(3 [pid 5085] newfstatat(AT_FDCWD, "./79/file0", [pid 5901] <... munmap resumed>) = 0 [pid 5896] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5086] <... close resumed>) = 0 [pid 5087] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] newfstatat(AT_FDCWD, "./79/file0", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... openat resumed>) = 3 [pid 5086] rmdir("./79" [pid 5085] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] newfstatat(3, "", [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] mkdir("./80", 0777 [pid 5085] newfstatat(4, "", [pid 5089] getdents64(3, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5087] newfstatat(4, "", [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(4, [pid 5901] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5901] <... openat resumed>) = 4 [pid 5089] unlink("./79/binderfs" [pid 5087] getdents64(4, [pid 5086] <... ioctl resumed>) = 0 [pid 5085] close(4 [pid 5901] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... close resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] close(3 [pid 5085] rmdir("./79/file0" [pid 5901] <... ioctl resumed>) = 0 [pid 5089] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(4, [pid 5085] <... rmdir resumed>) = 0 [pid 5901] close(3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(3, [pid 5087] close(4 [pid 5901] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5901] close(4 [pid 5087] <... close resumed>) = 0 [pid 5085] close(3 [pid 5901] <... close resumed>) = 0 [pid 5087] rmdir("./79/file0" [pid 5085] <... close resumed>) = 0 [pid 5901] mkdir("./file0", 0777 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] rmdir("./79" [pid 5901] <... mkdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5087] getdents64(3, [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./80", 0777) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./79") = 0 [pid 5901] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5087] mkdir("./80", 0777 [pid 5085] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5902 attached [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5902 [pid 5902] set_robust_list(0x555580b0d6a0, 24 [pid 5089] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5902] <... set_robust_list resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5902] chdir("./80" [pid 5089] newfstatat(AT_FDCWD, "./79/file0", [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5902] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5902] <... prctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5902] setpgid(0, 0 [pid 5089] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5902] <... setpgid resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [ 141.712780][ T5901] loop3: detected capacity change from 0 to 4096 [ 141.746015][ T5901] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] newfstatat(4, "", [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5902] <... openat resumed>) = 3 [pid 5902] write(3, "1000", 4 [pid 5089] rmdir("./79/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5902] <... write resumed>) = 4 [pid 5089] <... close resumed>) = 0 [pid 5902] close(3) = 0 [pid 5089] rmdir("./79" [pid 5902] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... rmdir resumed>) = 0 [pid 5089] mkdir("./80", 0777 [pid 5902] <... symlink resumed>) = 0 [pid 5902] write(1, "executing program\n", 18 [pid 5089] <... mkdir resumed>) = 0 executing program [pid 5902] <... write resumed>) = 18 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5902] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5902] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... openat resumed>) = 3 [pid 5902] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5902] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5902] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5901] <... mount resumed>) = 0 [pid 5902] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5902] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5903 ./strace-static-x86_64: Process 5903 attached [pid 5903] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5903] chdir("./80" [pid 5902] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5903] <... chdir resumed>) = 0 [pid 5902] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5903] setpgid(0, 0 [pid 5902] <... clone3 resumed> => {parent_tid=[5904]}, 88) = 5904 ./strace-static-x86_64: Process 5904 attached [pid 5904] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5902] rt_sigprocmask(SIG_SETMASK, [], [pid 5903] <... setpgid resumed>) = 0 [pid 5901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5902] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5901] <... openat resumed>) = 3 [pid 5904] <... rseq resumed>) = 0 [pid 5902] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5904] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5903] <... openat resumed>) = 3 [pid 5902] <... futex resumed>) = 0 [pid 5901] chdir("./file0" [pid 5904] <... set_robust_list resumed>) = 0 [pid 5902] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5903] write(3, "1000", 4 [pid 5901] <... chdir resumed>) = 0 [pid 5903] <... write resumed>) = 4 [pid 5901] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5903] close(3 [pid 5901] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5903] <... close resumed>) = 0 [pid 5901] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5903] symlink("/dev/binderfs", "./binderfs" [pid 5901] <... futex resumed>) = 1 [pid 5900] <... futex resumed>) = 0 [pid 5904] rt_sigprocmask(SIG_SETMASK, [], [pid 5900] exit_group(0 [pid 5087] <... ioctl resumed>) = 0 [pid 5904] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5903] <... symlink resumed>) = 0 [pid 5900] <... exit_group resumed>) = ? [pid 5904] memfd_create("syzkaller", 0 [pid 5901] +++ exited with 0 +++ [pid 5900] +++ exited with 0 +++ [pid 5087] close(3executing program [pid 5903] write(1, "executing program\n", 18) = 18 [pid 5903] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5087] <... close resumed>) = 0 [pid 5904] <... memfd_create resumed>) = 3 [pid 5903] <... futex resumed>) = 0 [pid 5088] umount2("./79", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5903] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5903] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5904] <... mmap resumed>) = 0x7f1df2200000 [pid 5903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5903] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5903] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5905 ./strace-static-x86_64: Process 5905 attached [pid 5903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5905] set_robust_list(0x555580b0d6a0, 24./strace-static-x86_64: Process 5906 attached [ 141.841302][ T5901] ntfs3: loop3: Failed to initialize $Extend/$ObjId. ) = 0 [pid 5903] <... clone3 resumed> => {parent_tid=[5906]}, 88) = 5906 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5906] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5905] chdir("./80" [pid 5903] rt_sigprocmask(SIG_SETMASK, [], [pid 5906] <... rseq resumed>) = 0 [pid 5903] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5903] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5905] <... chdir resumed>) = 0 [pid 5903] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5906] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5906] <... set_robust_list resumed>) = 0 [pid 5905] <... prctl resumed>) = 0 [pid 5906] rt_sigprocmask(SIG_SETMASK, [], [pid 5905] setpgid(0, 0 [pid 5906] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5905] <... setpgid resumed>) = 0 [pid 5906] memfd_create("syzkaller", 0 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 executing program [pid 5905] write(3, "1000", 4 [pid 5088] openat(AT_FDCWD, "./79", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5906] <... memfd_create resumed>) = 3 [pid 5905] <... write resumed>) = 4 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5905] close(3 [pid 5906] <... mmap resumed>) = 0x7f1df2200000 [pid 5905] <... close resumed>) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs" [pid 5904] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5905] <... symlink resumed>) = 0 [pid 5905] write(1, "executing program\n", 18) = 18 [pid 5088] getdents64(3, [pid 5905] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5905] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5905] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5905] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] close(3 [pid 5088] umount2("./79/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5905] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./79/binderfs", [pid 5905] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5905] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 ./strace-static-x86_64: Process 5907 attached [pid 5905] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5907] set_robust_list(0x555580b0d6a0, 24 [pid 5905] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5907 [pid 5905] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5908 attached [pid 5907] <... set_robust_list resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./79/binderfs" [pid 5908] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5908] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5907] chdir("./80" [pid 5905] <... clone3 resumed> => {parent_tid=[5908]}, 88) = 5908 [pid 5088] <... unlink resumed>) = 0 [pid 5908] <... set_robust_list resumed>) = 0 [pid 5907] <... chdir resumed>) = 0 [pid 5905] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5908] rt_sigprocmask(SIG_SETMASK, [], [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5905] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5908] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5907] <... prctl resumed>) = 0 [pid 5905] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5908] memfd_create("syzkaller", 0 [pid 5907] setpgid(0, 0 [pid 5905] <... futex resumed>) = 0 [pid 5908] <... memfd_create resumed>) = 3 [pid 5905] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5907] <... setpgid resumed>) = 0 [pid 5908] <... mmap resumed>) = 0x7f1df2200000 [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5907] write(1, "executing program\n", 18) = 18 [pid 5088] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5907] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5907] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5088] newfstatat(AT_FDCWD, "./79/file0", [pid 5907] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5906] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5907] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5907] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5907] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5907] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5904] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5909 attached [pid 5907] <... clone3 resumed> => {parent_tid=[5909]}, 88) = 5909 [pid 5088] umount2("./79/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5909] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5907] rt_sigprocmask(SIG_SETMASK, [], [pid 5909] <... rseq resumed>) = 0 [pid 5907] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5909] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5907] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5909] <... set_robust_list resumed>) = 0 [pid 5907] <... futex resumed>) = 0 [pid 5909] rt_sigprocmask(SIG_SETMASK, [], [pid 5907] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5909] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5909] memfd_create("syzkaller", 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./79/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", [pid 5904] munmap(0x7f1df2200000, 138412032 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5909] <... memfd_create resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5904] <... munmap resumed>) = 0 [pid 5088] getdents64(4, [pid 5908] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5904] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./79/file0" [pid 5904] <... openat resumed>) = 4 [pid 5904] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5904] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./79") = 0 [pid 5904] close(3 [pid 5088] mkdir("./80", 0777 [pid 5904] <... close resumed>) = 0 [pid 5904] close(4 [pid 5088] <... mkdir resumed>) = 0 [pid 5904] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5904] mkdir("./file0", 0777 [pid 5088] <... openat resumed>) = 3 [pid 5904] <... mkdir resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5904] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5906] <... write resumed>) = 2097152 [ 142.045940][ T5904] loop1: detected capacity change from 0 to 4096 [pid 5906] munmap(0x7f1df2200000, 138412032 [pid 5908] <... write resumed>) = 2097152 [pid 5906] <... munmap resumed>) = 0 [pid 5909] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5908] munmap(0x7f1df2200000, 138412032 [pid 5906] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5906] ioctl(4, LOOP_SET_FD, 3 [pid 5908] <... munmap resumed>) = 0 [pid 5906] <... ioctl resumed>) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5906] close(3 [pid 5908] ioctl(4, LOOP_SET_FD, 3 [pid 5906] <... close resumed>) = 0 [pid 5909] <... write resumed>) = 2097152 [pid 5906] close(4) = 0 [ 142.093499][ T5904] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 142.116079][ T5906] loop0: detected capacity change from 0 to 4096 [pid 5909] munmap(0x7f1df2200000, 138412032 [pid 5906] mkdir("./file0", 0777) = 0 [pid 5909] <... munmap resumed>) = 0 [pid 5906] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5909] ioctl(4, LOOP_SET_FD, 3 [pid 5908] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5909] <... ioctl resumed>) = 0 [pid 5908] close(3 [pid 5909] close(3 [pid 5908] <... close resumed>) = 0 [pid 5904] <... mount resumed>) = 0 [pid 5088] close(3 [pid 5909] <... close resumed>) = 0 [pid 5908] close(4 [pid 5909] close(4 [pid 5908] <... close resumed>) = 0 [pid 5904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5909] <... close resumed>) = 0 [pid 5908] mkdir("./file0", 0777 [pid 5904] <... openat resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5909] mkdir("./file0", 0777 [pid 5908] <... mkdir resumed>) = 0 [pid 5904] chdir("./file0" [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5909] <... mkdir resumed>) = 0 [ 142.146151][ T5908] loop2: detected capacity change from 0 to 4096 [ 142.171275][ T5906] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 142.183173][ T5909] loop4: detected capacity change from 0 to 4096 [ 142.183405][ T5904] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5904] <... chdir resumed>) = 0 [pid 5909] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5908] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5904] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5904] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5910 attached ) = 1 [pid 5902] <... futex resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5910 [pid 5910] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5902] exit_group(0 [pid 5910] chdir("./80" [pid 5902] <... exit_group resumed>) = ? [pid 5910] <... chdir resumed>) = 0 [pid 5904] +++ exited with 0 +++ [pid 5902] +++ exited with 0 +++ [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5910] <... prctl resumed>) = 0 [pid 5910] setpgid(0, 0) = 0 [pid 5086] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5910] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5910] write(3, "1000", 4) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5910] close(3 [pid 5086] getdents64(3, [pid 5910] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5910] symlink("/dev/binderfs", "./binderfs" [pid 5086] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5906] <... mount resumed>) = 0 [pid 5910] <... symlink resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5906] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 executing program [pid 5906] chdir("./file0" [pid 5910] write(1, "executing program\n", 18 [pid 5086] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5910] <... write resumed>) = 18 [pid 5910] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5910] <... futex resumed>) = 0 [pid 5906] <... chdir resumed>) = 0 [pid 5086] unlink("./80/binderfs" [pid 5910] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5906] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... unlink resumed>) = 0 [pid 5910] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5906] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5906] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5903] <... futex resumed>) = 0 [pid 5906] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] exit_group(0 [pid 5910] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5906] <... futex resumed>) = ? [pid 5903] <... exit_group resumed>) = ? [ 142.234296][ T5909] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 142.247084][ T5908] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 142.262722][ T5906] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5910] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5086] <... umount2 resumed>) = 0 [pid 5906] +++ exited with 0 +++ [pid 5903] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5085] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./80/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./80/binderfs" [pid 5910] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5909] <... mount resumed>) = 0 [pid 5086] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... unlink resumed>) = 0 [pid 5910] <... mprotect resumed>) = 0 [pid 5909] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5909] <... openat resumed>) = 3 [pid 5910] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5909] chdir("./file0" [pid 5086] newfstatat(AT_FDCWD, "./80/file0", [pid 5910] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5909] <... chdir resumed>) = 0 [pid 5085] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5911 attached [pid 5909] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5908] <... mount resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5910] <... clone3 resumed> => {parent_tid=[5911]}, 88) = 5911 [pid 5909] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] rt_sigprocmask(SIG_SETMASK, [], [pid 5909] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5910] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5911] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5909] <... futex resumed>) = 1 [pid 5907] <... futex resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5911] <... rseq resumed>) = 0 [pid 5910] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5909] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5907] exit_group(0 [pid 5086] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5911] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5910] <... futex resumed>) = 0 [pid 5909] <... futex resumed>) = ? [pid 5908] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5907] <... exit_group resumed>) = ? [pid 5911] <... set_robust_list resumed>) = 0 [pid 5910] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5909] +++ exited with 0 +++ [pid 5086] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./80/file0" [pid 5911] rt_sigprocmask(SIG_SETMASK, [], [pid 5908] <... openat resumed>) = 3 [pid 5907] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = 0 [pid 5911] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5908] chdir("./file0" [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5908] <... chdir resumed>) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] <... rmdir resumed>) = 0 [pid 5908] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] getdents64(3, [pid 5908] <... futex resumed>) = 1 [pid 5905] <... futex resumed>) = 0 [pid 5085] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5911] memfd_create("syzkaller", 0 [pid 5908] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5905] exit_group(0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5908] <... futex resumed>) = ? [pid 5905] <... exit_group resumed>) = ? [pid 5089] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5085] newfstatat(AT_FDCWD, "./80/file0", [pid 5911] <... memfd_create resumed>) = 3 [pid 5908] +++ exited with 0 +++ [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] rmdir("./80" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... openat resumed>) = 3 [pid 5911] <... mmap resumed>) = 0x7f1df2200000 [ 142.323666][ T5909] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 142.340980][ T5908] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5089] newfstatat(3, "", [pid 5086] <... rmdir resumed>) = 0 [pid 5085] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5905] +++ exited with 0 +++ [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] getdents64(3, [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5086] mkdir("./81", 0777 [pid 5085] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... mkdir resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, [pid 5089] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5087] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... openat resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] unlink("./80/binderfs" [pid 5085] getdents64(4, [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... unlink resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] close(4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5911] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] rmdir("./80/file0" [pid 5087] unlink("./80/binderfs") = 0 [pid 5087] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(3, [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5911] <... write resumed>) = 2097152 [pid 5089] newfstatat(AT_FDCWD, "./80/file0", [pid 5087] <... umount2 resumed>) = 0 [pid 5085] close(3 [pid 5087] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5911] munmap(0x7f1df2200000, 138412032 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./80/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] rmdir("./80" [pid 5087] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5085] mkdir("./81", 0777 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... mkdir resumed>) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./80/file0") = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5911] <... munmap resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5911] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5911] <... openat resumed>) = 4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./80" [pid 5086] <... ioctl resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] close(3) = 0 [pid 5911] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 4 [pid 5087] <... rmdir resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5087] mkdir("./81", 0777 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5912 attached [pid 5911] <... ioctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5912 [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5912] set_robust_list(0x555580b0d6a0, 24 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5912] <... set_robust_list resumed>) = 0 [pid 5912] chdir("./81") = 0 [pid 5911] close(3 [pid 5089] getdents64(4, [pid 5085] <... ioctl resumed>) = 0 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5911] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5912] <... prctl resumed>) = 0 [pid 5911] close(4 [pid 5089] close(4 [pid 5085] close(3 [pid 5912] setpgid(0, 0 [pid 5911] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5911] mkdir("./file0", 0777 [pid 5089] rmdir("./80/file0" [pid 5912] <... setpgid resumed>) = 0 [pid 5911] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5911] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5912] <... openat resumed>) = 3 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5912] write(3, "1000", 4 [pid 5089] <... close resumed>) = 0 [pid 5912] <... write resumed>) = 4 [pid 5089] rmdir("./80" [pid 5912] close(3 [pid 5089] <... rmdir resumed>) = 0 [pid 5912] <... close resumed>) = 0 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] mkdir("./81", 0777executing program [pid 5912] write(1, "executing program\n", 18) = 18 [pid 5089] <... mkdir resumed>) = 0 [pid 5912] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5912] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5912] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5089] <... openat resumed>) = 3 [pid 5912] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5912] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 ./strace-static-x86_64: Process 5913 attached [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5913 [pid 5912] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5913] set_robust_list(0x555580b0d6a0, 24) = 0 ./strace-static-x86_64: Process 5914 attached [pid 5914] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5914] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5913] chdir("./81" [pid 5914] <... set_robust_list resumed>) = 0 [pid 5914] rt_sigprocmask(SIG_SETMASK, [], [pid 5913] <... chdir resumed>) = 0 [pid 5912] <... clone3 resumed> => {parent_tid=[5914]}, 88) = 5914 [pid 5914] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 142.483232][ T5911] loop3: detected capacity change from 0 to 4096 [ 142.521391][ T5911] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5914] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5913] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5912] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... ioctl resumed>) = 0 [pid 5912] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5913] <... prctl resumed>) = 0 [pid 5913] setpgid(0, 0) = 0 [pid 5912] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(3 [pid 5914] <... futex resumed>) = 0 [pid 5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5912] <... futex resumed>) = 1 [pid 5914] memfd_create("syzkaller", 0 [pid 5913] <... openat resumed>) = 3 [pid 5912] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5914] <... memfd_create resumed>) = 3 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5913] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 5915 attached [pid 5913] close(3 [pid 5915] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5913] <... close resumed>) = 0 [pid 5913] symlink("/dev/binderfs", "./binderfs" [pid 5915] chdir("./81" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5915 [pid 5915] <... chdir resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5913] <... symlink resumed>) = 0 [pid 5915] setpgid(0, 0executing program [pid 5913] write(1, "executing program\n", 18) = 18 [pid 5915] <... setpgid resumed>) = 0 [pid 5913] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] close(3 [pid 5915] <... openat resumed>) = 3 [pid 5913] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5913] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5913] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5913] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5916 [pid 5915] write(3, "1000", 4 [pid 5913] <... mmap resumed>) = 0x7f1dfa693000 ./strace-static-x86_64: Process 5916 attached executing program [pid 5916] set_robust_list(0x555580b0d6a0, 24 [pid 5915] <... write resumed>) = 4 [pid 5913] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5915] close(3 [pid 5913] <... mprotect resumed>) = 0 [pid 5915] <... close resumed>) = 0 [pid 5916] <... set_robust_list resumed>) = 0 [pid 5915] symlink("/dev/binderfs", "./binderfs" [pid 5916] chdir("./81" [pid 5915] <... symlink resumed>) = 0 [pid 5915] write(1, "executing program\n", 18) = 18 [pid 5915] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5915] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5913] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5916] <... chdir resumed>) = 0 [pid 5915] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5915] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5916] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5915] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5913] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5916] <... prctl resumed>) = 0 [pid 5915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5916] setpgid(0, 0 [pid 5915] <... mmap resumed>) = 0x7f1dfa693000 [pid 5913] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5911] <... mount resumed>) = 0 [pid 5915] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 ./strace-static-x86_64: Process 5917 attached [pid 5916] <... setpgid resumed>) = 0 [pid 5917] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5915] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5913] <... clone3 resumed> => {parent_tid=[5917]}, 88) = 5917 [pid 5911] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5917] <... rseq resumed>) = 0 [pid 5913] rt_sigprocmask(SIG_SETMASK, [], [pid 5917] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5913] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5917] <... set_robust_list resumed>) = 0 [pid 5917] rt_sigprocmask(SIG_SETMASK, [], [pid 5916] <... openat resumed>) = 3 [pid 5915] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5911] <... openat resumed>) = 3 [pid 5915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5911] chdir("./file0") = 0 [pid 5917] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5916] write(3, "1000", 4 [pid 5915] <... clone3 resumed> => {parent_tid=[5918]}, 88) = 5918 [pid 5911] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5913] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5918 attached [pid 5916] <... write resumed>) = 4 [pid 5915] rt_sigprocmask(SIG_SETMASK, [], [pid 5913] <... futex resumed>) = 0 [pid 5911] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5918] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5916] close(3 [pid 5915] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5913] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5911] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5918] <... rseq resumed>) = 0 [pid 5915] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5911] <... futex resumed>) = 1 [pid 5918] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5916] <... close resumed>) = 0 [pid 5915] <... futex resumed>) = 0 [pid 5911] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5910] <... futex resumed>) = 0 [pid 5918] <... set_robust_list resumed>) = 0 [pid 5916] symlink("/dev/binderfs", "./binderfs" [pid 5915] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5910] exit_group(0 [pid 5918] rt_sigprocmask(SIG_SETMASK, [], [pid 5911] <... futex resumed>) = ? [pid 5910] <... exit_group resumed>) = ? [pid 5918] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5911] +++ exited with 0 +++ [pid 5918] memfd_create("syzkaller", 0 [pid 5916] <... symlink resumed>) = 0 [pid 5914] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5918] <... memfd_create resumed>) = 3 [pid 5918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 142.628597][ T5911] ntfs3: loop3: Failed to initialize $Extend/$ObjId. executing program [pid 5917] memfd_create("syzkaller", 0 [pid 5916] write(1, "executing program\n", 18 [pid 5910] +++ exited with 0 +++ [pid 5917] <... memfd_create resumed>) = 3 [pid 5916] <... write resumed>) = 18 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5916] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./80", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5917] <... mmap resumed>) = 0x7f1df2200000 [pid 5916] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5916] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5918] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5916] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5914] <... write resumed>) = 2097152 [pid 5088] openat(AT_FDCWD, "./80", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5916] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5916] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5914] munmap(0x7f1df2200000, 138412032 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5916] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5916] <... mprotect resumed>) = 0 [pid 5088] umount2("./80/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5916] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5916] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] newfstatat(AT_FDCWD, "./80/binderfs", [pid 5916] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./80/binderfs") = 0 [pid 5088] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5916] <... clone3 resumed> => {parent_tid=[5919]}, 88) = 5919 [pid 5916] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5916] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5916] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5919 attached [pid 5088] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./80/file0", [pid 5919] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5914] <... munmap resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5919] <... rseq resumed>) = 0 [pid 5088] umount2("./80/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./80/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5919] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5088] <... openat resumed>) = 4 [pid 5088] newfstatat(4, "", [pid 5919] <... set_robust_list resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5919] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] getdents64(4, [pid 5919] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5918] <... write resumed>) = 2097152 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5919] memfd_create("syzkaller", 0 [pid 5918] munmap(0x7f1df2200000, 138412032 [pid 5914] <... openat resumed>) = 4 [pid 5088] getdents64(4, [pid 5919] <... memfd_create resumed>) = 3 [pid 5914] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5917] <... write resumed>) = 2097152 [pid 5088] close(4 [pid 5919] <... mmap resumed>) = 0x7f1df2200000 [pid 5918] <... munmap resumed>) = 0 [pid 5917] munmap(0x7f1df2200000, 138412032 [pid 5088] <... close resumed>) = 0 [pid 5918] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5918] ioctl(4, LOOP_SET_FD, 3 [pid 5088] rmdir("./80/file0") = 0 [pid 5914] <... ioctl resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5914] close(3 [pid 5088] <... close resumed>) = 0 [pid 5914] <... close resumed>) = 0 [pid 5088] rmdir("./80" [pid 5914] close(4 [pid 5088] <... rmdir resumed>) = 0 [pid 5914] <... close resumed>) = 0 [pid 5914] mkdir("./file0", 0777 [pid 5917] <... munmap resumed>) = 0 [pid 5914] <... mkdir resumed>) = 0 [pid 5088] mkdir("./81", 0777 [pid 5914] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5917] ioctl(4, LOOP_SET_FD, 3 [pid 5918] <... ioctl resumed>) = 0 [pid 5918] close(3) = 0 [pid 5918] close(4) = 0 [pid 5919] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5918] mkdir("./file0", 0777 [pid 5917] <... ioctl resumed>) = 0 [pid 5918] <... mkdir resumed>) = 0 [pid 5918] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 142.773393][ T5914] loop1: detected capacity change from 0 to 4096 [ 142.785100][ T5918] loop2: detected capacity change from 0 to 4096 [ 142.804332][ T5914] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 142.806659][ T5917] loop0: detected capacity change from 0 to 4096 [pid 5917] close(3) = 0 [pid 5917] close(4) = 0 [pid 5917] mkdir("./file0", 0777) = 0 [ 142.829940][ T5918] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5917] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... ioctl resumed>) = 0 [pid 5914] <... mount resumed>) = 0 [pid 5919] <... write resumed>) = 2097152 [pid 5914] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5914] chdir("./file0" [pid 5088] close(3 [pid 5914] <... chdir resumed>) = 0 [pid 5919] munmap(0x7f1df2200000, 138412032 [pid 5088] <... close resumed>) = 0 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5919] <... munmap resumed>) = 0 [pid 5914] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5914] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5920 [pid 5914] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL./strace-static-x86_64: Process 5920 attached [pid 5912] <... futex resumed>) = 0 [pid 5912] exit_group(0 [pid 5914] <... futex resumed>) = ? [pid 5912] <... exit_group resumed>) = ? [pid 5920] set_robust_list(0x555580b0d6a0, 24 [pid 5914] +++ exited with 0 +++ [pid 5912] +++ exited with 0 +++ [pid 5920] <... set_robust_list resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5920] chdir("./81") = 0 [ 142.883598][ T5914] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 142.901211][ T5917] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 142.922963][ T5918] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5086] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5918] <... mount resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5920] <... prctl resumed>) = 0 [pid 5919] <... openat resumed>) = 4 [pid 5086] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5920] setpgid(0, 0 [pid 5919] ioctl(4, LOOP_SET_FD, 3 [pid 5918] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 5920] <... setpgid resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5918] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5918] chdir("./file0" [pid 5086] getdents64(3, [pid 5920] <... openat resumed>) = 3 [pid 5920] write(3, "1000", 4) = 4 [pid 5920] close(3 [pid 5919] <... ioctl resumed>) = 0 [pid 5918] <... chdir resumed>) = 0 [pid 5917] <... mount resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5920] <... close resumed>) = 0 [pid 5918] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] symlink("/dev/binderfs", "./binderfs" [pid 5918] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5920] <... symlink resumed>) = 0 [pid 5918] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5918] <... futex resumed>) = 1 [pid 5919] close(3 [pid 5086] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5918] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5919] <... close resumed>) = 0 [pid 5915] <... futex resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5920] write(1, "executing program\n", 18 [pid 5919] close(4 [pid 5915] exit_group(0 [pid 5086] unlink("./81/binderfs" [pid 5920] <... write resumed>) = 18 [pid 5919] <... close resumed>) = 0 [pid 5918] <... futex resumed>) = ? [pid 5915] <... exit_group resumed>) = ? executing program [pid 5920] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5919] mkdir("./file0", 0777 [pid 5918] +++ exited with 0 +++ [pid 5915] +++ exited with 0 +++ [pid 5086] <... unlink resumed>) = 0 [pid 5920] <... futex resumed>) = 0 [pid 5919] <... mkdir resumed>) = 0 [pid 5917] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5920] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5920] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5919] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5917] <... openat resumed>) = 3 [pid 5087] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5920] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5917] chdir("./file0" [pid 5087] <... openat resumed>) = 3 [pid 5920] <... mmap resumed>) = 0x7f1dfa693000 [pid 5917] <... chdir resumed>) = 0 [pid 5087] newfstatat(3, "", [pid 5917] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5917] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./81/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./81/binderfs" [pid 5920] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... unlink resumed>) = 0 [pid 5917] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5917] <... futex resumed>) = 1 [pid 5917] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5920] <... mprotect resumed>) = 0 [pid 5920] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5913] <... futex resumed>) = 0 [pid 5920] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5913] exit_group(0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5920] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5917] <... futex resumed>) = ? [pid 5913] <... exit_group resumed>) = ? [pid 5087] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5921 attached [pid 5917] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(AT_FDCWD, "./81/file0", [pid 5920] <... clone3 resumed> => {parent_tid=[5921]}, 88) = 5921 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5087] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./81/file0", [pid 5921] <... rseq resumed>) = 0 [pid 5920] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5921] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5920] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5913] +++ exited with 0 +++ [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5921] <... set_robust_list resumed>) = 0 [pid 5920] <... futex resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5086] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5921] rt_sigprocmask(SIG_SETMASK, [], [pid 5920] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] newfstatat(4, "", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 142.983457][ T5919] loop4: detected capacity change from 0 to 4096 [ 142.991725][ T5917] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 143.015373][ T5919] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5921] memfd_create("syzkaller", 0 [pid 5085] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] <... memfd_create resumed>) = 3 [pid 5085] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 3 [pid 5087] close(4 [pid 5085] newfstatat(3, "", [pid 5087] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] rmdir("./81/file0" [pid 5085] getdents64(3, [pid 5086] newfstatat(4, "", [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] getdents64(3, [pid 5085] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 5086] getdents64(4, [pid 5921] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5086] getdents64(4, [pid 5087] rmdir("./81" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] close(4 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] unlink("./81/binderfs" [pid 5086] <... close resumed>) = 0 [pid 5087] mkdir("./82", 0777 [pid 5086] rmdir("./81/file0" [pid 5085] <... unlink resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... rmdir resumed>) = 0 [pid 5085] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5922 attached , child_tidptr=0x555580b0d690) = 5922 [pid 5922] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5922] chdir("./82") = 0 [pid 5086] getdents64(3, [pid 5085] <... umount2 resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5085] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5919] <... mount resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./81" [pid 5919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5922] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5919] <... openat resumed>) = 3 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./81/file0", [pid 5922] <... prctl resumed>) = 0 [pid 5919] chdir("./file0" [pid 5086] mkdir("./82", 0777 [pid 5922] setpgid(0, 0 [pid 5919] <... chdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5922] <... setpgid resumed>) = 0 [pid 5085] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5922] <... openat resumed>) = 3 [pid 5919] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5922] write(3, "1000", 4 [pid 5919] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5922] <... write resumed>) = 4 [pid 5922] close(3) = 0 [pid 5922] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5919] <... futex resumed>) = 1 [pid 5916] <... futex resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] <... openat resumed>) = 4 [pid 5919] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5916] exit_group(0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] newfstatat(4, "", [pid 5919] <... futex resumed>) = ? [pid 5916] <... exit_group resumed>) = ? executing program [pid 5922] write(1, "executing program\n", 18 [pid 5919] +++ exited with 0 +++ [pid 5916] +++ exited with 0 +++ [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5922] <... write resumed>) = 18 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5089] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5922] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5922] <... futex resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5922] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... openat resumed>) = 3 [ 143.075081][ T5919] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5922] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] newfstatat(3, "", [pid 5085] getdents64(4, [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5922] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] getdents64(4, [pid 5922] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] getdents64(3, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5922] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] close(4 [pid 5922] <... mmap resumed>) = 0x7f1dfa693000 [pid 5921] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5922] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./81/file0" [pid 5922] <... mprotect resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5922] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5922] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] unlink("./81/binderfs" [pid 5085] getdents64(3, [pid 5922] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... unlink resumed>) = 0 [pid 5089] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5923 attached [pid 5922] <... clone3 resumed> => {parent_tid=[5923]}, 88) = 5923 [pid 5085] close(3 [pid 5923] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5922] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5922] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5922] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5922] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5923] <... rseq resumed>) = 0 [pid 5085] rmdir("./81" [pid 5923] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5923] <... set_robust_list resumed>) = 0 [pid 5089] rmdir("./81/file0" [pid 5085] <... rmdir resumed>) = 0 [pid 5923] rt_sigprocmask(SIG_SETMASK, [], [pid 5921] <... write resumed>) = 2097152 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] mkdir("./82", 0777 [pid 5923] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5921] munmap(0x7f1df2200000, 138412032 [pid 5085] <... mkdir resumed>) = 0 [pid 5923] memfd_create("syzkaller", 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5923] <... memfd_create resumed>) = 3 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... openat resumed>) = 3 [pid 5923] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] getdents64(3, [pid 5921] <... munmap resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./81") = 0 [pid 5089] mkdir("./82", 0777) = 0 [pid 5921] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... ioctl resumed>) = 0 [pid 5921] <... openat resumed>) = 4 [pid 5921] ioctl(4, LOOP_SET_FD, 3 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5921] <... ioctl resumed>) = 0 [pid 5921] close(3) = 0 [pid 5921] close(4) = 0 [pid 5921] mkdir("./file0", 0777) = 0 [pid 5921] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5923] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] close(3) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5924 ./strace-static-x86_64: Process 5924 attached [pid 5924] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5924] chdir("./82") = 0 [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL [ 143.209139][ T5921] loop3: detected capacity change from 0 to 4096 [ 143.241858][ T5921] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5085] close(3 [pid 5924] <... prctl resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5924] setpgid(0, 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5924] <... setpgid resumed>) = 0 [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5925 attached ) = 3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5925 [pid 5925] set_robust_list(0x555580b0d6a0, 24 [pid 5924] write(3, "1000", 4 [pid 5925] <... set_robust_list resumed>) = 0 [pid 5924] <... write resumed>) = 4 [pid 5925] chdir("./82" [pid 5924] close(3) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5925] <... chdir resumed>) = 0 [pid 5924] symlink("/dev/binderfs", "./binderfs" [pid 5925] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program ) = 0 [pid 5924] <... symlink resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5926 [pid 5925] setpgid(0, 0 [pid 5924] write(1, "executing program\n", 18 [pid 5925] <... setpgid resumed>) = 0 [pid 5924] <... write resumed>) = 18 ./strace-static-x86_64: Process 5926 attached [pid 5925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5924] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5926] set_robust_list(0x555580b0d6a0, 24 [pid 5925] <... openat resumed>) = 3 [pid 5924] <... futex resumed>) = 0 [pid 5926] <... set_robust_list resumed>) = 0 [pid 5925] write(3, "1000", 4 [pid 5924] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5926] chdir("./82" [pid 5925] <... write resumed>) = 4 [pid 5924] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5926] <... chdir resumed>) = 0 [pid 5925] close(3 [pid 5924] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5923] <... write resumed>) = 2097152 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5925] <... close resumed>) = 0 [pid 5924] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5926] <... prctl resumed>) = 0 [pid 5925] symlink("/dev/binderfs", "./binderfs" [pid 5924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program [pid 5926] setpgid(0, 0 [pid 5925] <... symlink resumed>) = 0 [pid 5924] <... mmap resumed>) = 0x7f1dfa693000 [pid 5925] write(1, "executing program\n", 18 [pid 5924] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5923] munmap(0x7f1df2200000, 138412032 [pid 5926] <... setpgid resumed>) = 0 [pid 5925] <... write resumed>) = 18 [pid 5924] <... mprotect resumed>) = 0 [pid 5924] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5925] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5924] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5925] <... futex resumed>) = 0 [pid 5924] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5925] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5925] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5924] <... clone3 resumed> => {parent_tid=[5927]}, 88) = 5927 [pid 5925] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5924] rt_sigprocmask(SIG_SETMASK, [], [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5925] <... mmap resumed>) = 0x7f1dfa693000 [pid 5924] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5927 attached [pid 5926] <... openat resumed>) = 3 [pid 5925] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5924] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5923] <... munmap resumed>) = 0 [pid 5921] <... mount resumed>) = 0 [pid 5927] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5926] write(3, "1000", 4 [pid 5925] <... mprotect resumed>) = 0 [pid 5924] <... futex resumed>) = 0 [pid 5927] <... rseq resumed>) = 0 [pid 5926] <... write resumed>) = 4 [pid 5921] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5927] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5926] close(3 [pid 5924] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5923] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5921] <... openat resumed>) = 3 [pid 5927] <... set_robust_list resumed>) = 0 [pid 5926] <... close resumed>) = 0 [pid 5925] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5923] <... openat resumed>) = 4 [pid 5927] rt_sigprocmask(SIG_SETMASK, [], [pid 5926] symlink("/dev/binderfs", "./binderfs" [pid 5925] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5921] chdir("./file0" [pid 5927] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5925] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5926] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5928 attached [pid 5928] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5925] <... clone3 resumed> => {parent_tid=[5928]}, 88) = 5928 [pid 5928] <... rseq resumed>) = 0 [pid 5927] memfd_create("syzkaller", 0 [pid 5925] rt_sigprocmask(SIG_SETMASK, [], executing program [pid 5928] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5926] write(1, "executing program\n", 18 [pid 5921] <... chdir resumed>) = 0 [pid 5928] <... set_robust_list resumed>) = 0 [pid 5926] <... write resumed>) = 18 [pid 5925] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5921] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5928] rt_sigprocmask(SIG_SETMASK, [], [pid 5926] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5925] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5928] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5926] <... futex resumed>) = 0 [pid 5925] <... futex resumed>) = 0 [pid 5921] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5928] memfd_create("syzkaller", 0 [pid 5927] <... memfd_create resumed>) = 3 [pid 5926] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5925] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5923] ioctl(4, LOOP_SET_FD, 3 [pid 5921] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5926] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5921] <... futex resumed>) = 1 [pid 5920] <... futex resumed>) = 0 [pid 5926] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5927] <... mmap resumed>) = 0x7f1df2200000 [pid 5920] exit_group(0 [pid 5926] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5921] +++ exited with 0 +++ [pid 5920] <... exit_group resumed>) = ? [pid 5928] <... memfd_create resumed>) = 3 [pid 5926] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5920] +++ exited with 0 +++ [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5926] <... mmap resumed>) = 0x7f1dfa693000 [pid 5926] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5926] <... mprotect resumed>) = 0 [pid 5923] <... ioctl resumed>) = 0 [pid 5088] umount2("./81", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5926] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5923] close(3 [pid 5088] openat(AT_FDCWD, "./81", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5926] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5923] <... close resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5923] close(4 [pid 5088] newfstatat(3, "", [pid 5926] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5926] <... clone3 resumed> => {parent_tid=[5929]}, 88) = 5929 ./strace-static-x86_64: Process 5929 attached [pid 5928] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5927] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] rt_sigprocmask(SIG_SETMASK, [], [pid 5923] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5926] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 143.348493][ T5921] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 143.372527][ T5923] loop2: detected capacity change from 0 to 4096 [pid 5923] mkdir("./file0", 0777 [pid 5929] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5926] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./81/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5929] <... rseq resumed>) = 0 [pid 5929] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5929] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5929] memfd_create("syzkaller", 0 [pid 5926] <... futex resumed>) = 0 [pid 5923] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5926] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5923] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] newfstatat(AT_FDCWD, "./81/binderfs", [pid 5929] <... memfd_create resumed>) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5929] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] unlink("./81/binderfs") = 0 [pid 5088] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5927] <... write resumed>) = 2097152 [pid 5927] munmap(0x7f1df2200000, 138412032 [pid 5088] <... umount2 resumed>) = 0 [pid 5927] <... munmap resumed>) = 0 [pid 5088] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./81/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./81/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./81/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5928] <... write resumed>) = 2097152 [pid 5927] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5927] <... openat resumed>) = 4 [pid 5088] <... close resumed>) = 0 [pid 5928] munmap(0x7f1df2200000, 138412032 [pid 5088] rmdir("./81/file0" [pid 5928] <... munmap resumed>) = 0 [pid 5927] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [ 143.441989][ T5923] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5088] rmdir("./81") = 0 [pid 5929] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] mkdir("./82", 0777) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5927] <... ioctl resumed>) = 0 [pid 5928] close(3) = 0 [pid 5928] close(4) = 0 [pid 5928] mkdir("./file0", 0777) = 0 [pid 5927] close(3) = 0 [pid 5923] <... mount resumed>) = 0 [pid 5927] close(4 [pid 5929] <... write resumed>) = 2097152 [pid 5928] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5927] <... close resumed>) = 0 [pid 5923] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5929] munmap(0x7f1df2200000, 138412032 [pid 5927] mkdir("./file0", 0777) = 0 [ 143.499576][ T5927] loop1: detected capacity change from 0 to 4096 [ 143.513217][ T5928] loop0: detected capacity change from 0 to 4096 [ 143.525610][ T5923] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5929] <... munmap resumed>) = 0 [pid 5927] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5923] <... openat resumed>) = 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5923] chdir("./file0" [pid 5929] <... openat resumed>) = 4 [pid 5923] <... chdir resumed>) = 0 [pid 5088] close(3 [pid 5923] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5929] ioctl(4, LOOP_SET_FD, 3 [pid 5923] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5923] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5923] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5922] <... futex resumed>) = 0 [pid 5922] exit_group(0 [pid 5923] <... futex resumed>) = ? [pid 5922] <... exit_group resumed>) = ? [pid 5923] +++ exited with 0 +++ [pid 5922] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5930 ./strace-static-x86_64: Process 5930 attached [pid 5930] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5930] chdir("./82" [pid 5929] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 143.558378][ T5928] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 143.570401][ T5927] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 143.584119][ T5929] loop4: detected capacity change from 0 to 4096 [pid 5930] <... chdir resumed>) = 0 [pid 5929] close(3 [pid 5087] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] newfstatat(3, "", [pid 5930] setpgid(0, 0) = 0 [pid 5929] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5929] close(4 [pid 5087] getdents64(3, [pid 5930] <... openat resumed>) = 3 [pid 5929] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5930] write(3, "1000", 4 [pid 5929] mkdir("./file0", 0777 [pid 5930] <... write resumed>) = 4 [pid 5929] <... mkdir resumed>) = 0 [pid 5087] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5930] close(3 [pid 5929] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""executing program [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5930] <... close resumed>) = 0 [pid 5928] <... mount resumed>) = 0 [pid 5930] symlink("/dev/binderfs", "./binderfs" [pid 5928] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5930] <... symlink resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5930] write(1, "executing program\n", 18 [pid 5928] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5928] chdir("./file0" [pid 5930] <... write resumed>) = 18 [pid 5928] <... chdir resumed>) = 0 [pid 5930] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5930] <... futex resumed>) = 0 [pid 5930] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5928] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] unlink("./82/binderfs" [pid 5930] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5928] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5930] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5928] <... futex resumed>) = 1 [pid 5930] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5928] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5925] <... futex resumed>) = 0 [pid 5930] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5925] exit_group(0 [pid 5930] <... mmap resumed>) = 0x7f1dfa693000 [pid 5928] <... futex resumed>) = ? [pid 5925] <... exit_group resumed>) = ? [pid 5087] <... unlink resumed>) = 0 [pid 5930] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5928] +++ exited with 0 +++ [pid 5930] <... mprotect resumed>) = 0 [pid 5087] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5930] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5930] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5931]}, 88) = 5931 ./strace-static-x86_64: Process 5931 attached [pid 5930] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5931] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5930] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5931] <... rseq resumed>) = 0 [pid 5930] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5931] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5925] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = 0 [pid 5931] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5925, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5931] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5927] <... mount resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./82/file0", [pid 5931] memfd_create("syzkaller", 0 [pid 5927] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5931] <... memfd_create resumed>) = 3 [pid 5927] <... openat resumed>) = 3 [pid 5087] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5927] chdir("./file0" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 143.626898][ T5928] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 143.648006][ T5929] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 143.666129][ T5927] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5087] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5927] <... chdir resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 3 [pid 5931] <... mmap resumed>) = 0x7f1df2200000 [pid 5927] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] newfstatat(4, "", [pid 5085] newfstatat(3, "", [pid 5927] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5927] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5927] <... futex resumed>) = 1 [pid 5924] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] getdents64(3, [pid 5927] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5924] exit_group(0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5927] <... futex resumed>) = ? [pid 5924] <... exit_group resumed>) = ? [pid 5087] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5927] +++ exited with 0 +++ [pid 5924] +++ exited with 0 +++ [pid 5085] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] newfstatat(AT_FDCWD, "./82/binderfs", [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5087] <... close resumed>) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] rmdir("./82/file0" [pid 5085] unlink("./82/binderfs" [pid 5086] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... unlink resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5087] rmdir("./82" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5087] mkdir("./83", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] unlink("./82/binderfs" [pid 5087] <... openat resumed>) = 3 [pid 5086] <... unlink resumed>) = 0 [pid 5929] <... mount resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5929] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5929] chdir("./file0" [pid 5085] <... umount2 resumed>) = 0 [pid 5929] <... chdir resumed>) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5929] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5926] <... futex resumed>) = 0 [pid 5926] exit_group(0) = ? [pid 5929] <... futex resumed>) = ? [pid 5929] +++ exited with 0 +++ [pid 5926] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5089] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... openat resumed>) = 3 [pid 5086] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./82/file0", [pid 5089] newfstatat(3, "", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./82/file0", [pid 5085] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(3, [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5931] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 4 [pid 5089] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./82/binderfs") = 0 [pid 5089] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 5085] newfstatat(4, "", [pid 5086] newfstatat(4, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5086] getdents64(4, [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 5085] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 5085] close(4 [pid 5086] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5086] rmdir("./82/file0" [pid 5085] rmdir("./82/file0" [pid 5089] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [ 143.729175][ T5929] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] newfstatat(AT_FDCWD, "./82/file0", [pid 5086] getdents64(3, [pid 5085] getdents64(3, [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5085] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./82/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./82") = 0 [pid 5089] mkdir("./83", 0777) = 0 [pid 5086] rmdir("./82" [pid 5085] rmdir("./82" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5086] <... rmdir resumed>) = 0 [pid 5085] mkdir("./83", 0777 [pid 5931] <... write resumed>) = 2097152 [pid 5086] mkdir("./83", 0777 [pid 5085] <... mkdir resumed>) = 0 [pid 5931] munmap(0x7f1df2200000, 138412032 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 3 [pid 5931] <... munmap resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5931] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5931] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... ioctl resumed>) = 0 [pid 5931] <... ioctl resumed>) = 0 [pid 5931] close(3) = 0 [pid 5931] close(4 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5932 [pid 5931] <... close resumed>) = 0 ./strace-static-x86_64: Process 5932 attached [pid 5932] set_robust_list(0x555580b0d6a0, 24 [pid 5931] mkdir("./file0", 0777 [pid 5089] <... ioctl resumed>) = 0 [ 143.824891][ T5931] loop3: detected capacity change from 0 to 4096 [pid 5089] close(3 [pid 5932] <... set_robust_list resumed>) = 0 [pid 5931] <... mkdir resumed>) = 0 [pid 5932] chdir("./83" [pid 5931] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5932] <... chdir resumed>) = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5933 [pid 5932] setpgid(0, 0./strace-static-x86_64: Process 5933 attached [pid 5086] <... ioctl resumed>) = 0 [pid 5933] set_robust_list(0x555580b0d6a0, 24 [pid 5932] <... setpgid resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5933] <... set_robust_list resumed>) = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5933] chdir("./83" [pid 5932] <... openat resumed>) = 3 [pid 5086] close(3 [pid 5085] close(3 [pid 5933] <... chdir resumed>) = 0 [pid 5932] write(3, "1000", 4 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5932] <... write resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5933] <... prctl resumed>) = 0 [pid 5932] close(3) = 0 [pid 5933] setpgid(0, 0 [pid 5932] symlink("/dev/binderfs", "./binderfs" [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5933] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5934 attached [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5932] <... symlink resumed>) = 0 [pid 5932] write(1, "executing program\n", 18 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5935 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5934 executing program [pid 5933] <... openat resumed>) = 3 [pid 5932] <... write resumed>) = 18 ./strace-static-x86_64: Process 5935 attached [pid 5935] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5935] chdir("./83") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [ 143.892357][ T5931] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5934] set_robust_list(0x555580b0d6a0, 24 [pid 5933] write(3, "1000", 4 [pid 5932] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5935] <... openat resumed>) = 3 [pid 5934] <... set_robust_list resumed>) = 0 [pid 5933] <... write resumed>) = 4 [pid 5932] <... futex resumed>) = 0 [pid 5935] write(3, "1000", 4 [pid 5934] chdir("./83" [pid 5935] <... write resumed>) = 4 [pid 5932] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5935] close(3 [pid 5932] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5934] <... chdir resumed>) = 0 [pid 5935] <... close resumed>) = 0 [pid 5934] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5932] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5935] symlink("/dev/binderfs", "./binderfs" [pid 5934] <... prctl resumed>) = 0 [pid 5933] close(3 [pid 5932] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5935] <... symlink resumed>) = 0 [pid 5934] setpgid(0, 0 [pid 5933] <... close resumed>) = 0 [pid 5932] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program [pid 5935] write(1, "executing program\n", 18 [pid 5934] <... setpgid resumed>) = 0 [pid 5933] symlink("/dev/binderfs", "./binderfs" [pid 5932] <... mmap resumed>) = 0x7f1dfa693000 [pid 5932] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5933] <... symlink resumed>) = 0 [pid 5932] <... mprotect resumed>) = 0 [pid 5932] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5935] <... write resumed>) = 18 [pid 5932] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5935] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5934] <... openat resumed>) = 3 [pid 5932] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5933] write(1, "executing program\n", 18executing program ./strace-static-x86_64: Process 5936 attached [pid 5935] <... futex resumed>) = 0 [pid 5933] <... write resumed>) = 18 [pid 5936] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5933] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5936] <... rseq resumed>) = 0 [pid 5934] write(3, "1000", 4 [pid 5933] <... futex resumed>) = 0 [pid 5932] <... clone3 resumed> => {parent_tid=[5936]}, 88) = 5936 [pid 5936] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5934] <... write resumed>) = 4 [pid 5933] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5932] rt_sigprocmask(SIG_SETMASK, [], [pid 5936] <... set_robust_list resumed>) = 0 [pid 5934] close(3 [pid 5933] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5932] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5936] rt_sigprocmask(SIG_SETMASK, [], [pid 5934] <... close resumed>) = 0 [pid 5933] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5932] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5936] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5934] symlink("/dev/binderfs", "./binderfs" [pid 5933] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5932] <... futex resumed>) = 0 [pid 5935] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5936] memfd_create("syzkaller", 0 [pid 5935] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5933] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5932] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5935] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5933] <... mmap resumed>) = 0x7f1dfa693000 [pid 5936] <... memfd_create resumed>) = 3 [pid 5935] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5934] <... symlink resumed>) = 0 [pid 5933] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5935] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5933] <... mprotect resumed>) = 0 executing program [pid 5935] <... mmap resumed>) = 0x7f1dfa693000 [pid 5933] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5936] <... mmap resumed>) = 0x7f1df2200000 [pid 5935] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5934] write(1, "executing program\n", 18 [pid 5933] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5935] <... mprotect resumed>) = 0 [pid 5934] <... write resumed>) = 18 [pid 5935] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5935] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5937]}, 88) = 5937 [pid 5935] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5935] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5937 attached ) = 0 [pid 5937] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5935] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5937] <... rseq resumed>) = 0 [pid 5937] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5937] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5937] memfd_create("syzkaller", 0 [pid 5934] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5933] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5937] <... memfd_create resumed>) = 3 [pid 5934] <... futex resumed>) = 0 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5934] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5933] <... clone3 resumed> => {parent_tid=[5938]}, 88) = 5938 [pid 5937] <... mmap resumed>) = 0x7f1df2200000 [pid 5934] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5933] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5938 attached [pid 5938] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5934] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5933] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5931] <... mount resumed>) = 0 [pid 5938] <... rseq resumed>) = 0 [pid 5934] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5933] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5931] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5938] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5934] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5933] <... futex resumed>) = 0 [pid 5938] <... set_robust_list resumed>) = 0 [pid 5934] <... mmap resumed>) = 0x7f1dfa693000 [pid 5933] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5931] <... openat resumed>) = 3 [pid 5938] rt_sigprocmask(SIG_SETMASK, [], [pid 5934] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5931] chdir("./file0" [pid 5938] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5934] <... mprotect resumed>) = 0 [pid 5938] memfd_create("syzkaller", 0) = 3 [pid 5934] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5931] <... chdir resumed>) = 0 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5934] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5931] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5938] <... mmap resumed>) = 0x7f1df2200000 [pid 5934] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5931] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5939 attached [pid 5931] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5931] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5930] <... futex resumed>) = 0 [pid 5939] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5934] <... clone3 resumed> => {parent_tid=[5939]}, 88) = 5939 [pid 5930] exit_group(0 [pid 5939] <... rseq resumed>) = 0 [pid 5934] rt_sigprocmask(SIG_SETMASK, [], [pid 5939] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5931] <... futex resumed>) = ? [pid 5930] <... exit_group resumed>) = ? [pid 5934] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5931] +++ exited with 0 +++ [pid 5939] <... set_robust_list resumed>) = 0 [pid 5934] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5930] +++ exited with 0 +++ [pid 5939] rt_sigprocmask(SIG_SETMASK, [], [pid 5934] <... futex resumed>) = 0 [pid 5939] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5934] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5939] memfd_create("syzkaller", 0 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5939] <... memfd_create resumed>) = 3 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] umount2("./82", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./82", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5939] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./82/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 144.031273][ T5931] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5936] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] newfstatat(AT_FDCWD, "./82/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./82/binderfs") = 0 [pid 5088] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5088] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5938] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] newfstatat(AT_FDCWD, "./82/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./82/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./82/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./82/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./82") = 0 [pid 5088] mkdir("./83", 0777 [pid 5937] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5939] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5936] <... write resumed>) = 2097152 [pid 5937] <... write resumed>) = 2097152 [pid 5938] <... write resumed>) = 2097152 [pid 5936] munmap(0x7f1df2200000, 138412032 [pid 5937] munmap(0x7f1df2200000, 138412032 [pid 5936] <... munmap resumed>) = 0 [pid 5939] <... write resumed>) = 2097152 [pid 5938] munmap(0x7f1df2200000, 138412032 [pid 5939] munmap(0x7f1df2200000, 138412032 [pid 5937] <... munmap resumed>) = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5936] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5937] <... openat resumed>) = 4 [pid 5937] ioctl(4, LOOP_SET_FD, 3 [pid 5936] <... openat resumed>) = 4 [pid 5938] <... munmap resumed>) = 0 [pid 5939] <... munmap resumed>) = 0 [pid 5937] <... ioctl resumed>) = 0 [pid 5936] ioctl(4, LOOP_SET_FD, 3 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5939] ioctl(4, LOOP_SET_FD, 3 [pid 5937] close(3 [pid 5936] <... ioctl resumed>) = 0 [pid 5936] close(3 [pid 5937] <... close resumed>) = 0 [pid 5937] close(4 [pid 5936] <... close resumed>) = 0 [pid 5938] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5937] <... close resumed>) = 0 [pid 5936] close(4 [pid 5088] <... ioctl resumed>) = 0 [pid 5937] mkdir("./file0", 0777 [pid 5936] <... close resumed>) = 0 [pid 5088] close(3 [pid 5938] <... openat resumed>) = 4 [pid 5938] ioctl(4, LOOP_SET_FD, 3 [pid 5937] <... mkdir resumed>) = 0 [pid 5936] mkdir("./file0", 0777 [pid 5088] <... close resumed>) = 0 [pid 5939] <... ioctl resumed>) = 0 [pid 5938] <... ioctl resumed>) = 0 [pid 5937] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5936] <... mkdir resumed>) = 0 [ 144.191447][ T5937] loop1: detected capacity change from 0 to 4096 [ 144.207723][ T5936] loop2: detected capacity change from 0 to 4096 [ 144.208900][ T5939] loop0: detected capacity change from 0 to 4096 [ 144.227664][ T5938] loop4: detected capacity change from 0 to 4096 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5939] close(3 [pid 5938] close(3 [pid 5939] <... close resumed>) = 0 [pid 5936] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5939] close(4 [pid 5938] <... close resumed>) = 0 [pid 5939] <... close resumed>) = 0 [pid 5938] close(4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5940 ./strace-static-x86_64: Process 5940 attached [pid 5940] set_robust_list(0x555580b0d6a0, 24 [pid 5939] mkdir("./file0", 0777 [pid 5938] <... close resumed>) = 0 [pid 5940] <... set_robust_list resumed>) = 0 [pid 5938] mkdir("./file0", 0777 [pid 5940] chdir("./83") = 0 [pid 5939] <... mkdir resumed>) = 0 [pid 5940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5940] setpgid(0, 0) = 0 [pid 5939] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5938] <... mkdir resumed>) = 0 [pid 5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5938] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 144.244253][ T5937] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 144.261449][ T5936] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 144.281276][ T5939] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5940] write(3, "1000", 4) = 4 [pid 5940] close(3) = 0 [pid 5940] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5940] write(1, "executing program\n", 18executing program ) = 18 [pid 5940] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5940] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5940] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5940] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5940] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5940] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5940] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5941]}, 88) = 5941 [pid 5940] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5940] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 5941 attached [pid 5940] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5941] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5941] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5941] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 144.294975][ T5938] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 144.315392][ T5937] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5941] memfd_create("syzkaller", 0) = 3 [pid 5937] <... mount resumed>) = 0 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5937] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5937] chdir("./file0") = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5937] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5935] <... futex resumed>) = 0 [pid 5937] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5936] <... mount resumed>) = 0 [pid 5935] exit_group(0 [pid 5937] <... futex resumed>) = ? [pid 5935] <... exit_group resumed>) = ? [pid 5937] +++ exited with 0 +++ [pid 5936] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5935] +++ exited with 0 +++ [pid 5936] <... openat resumed>) = 3 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5936] chdir("./file0" [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5936] <... chdir resumed>) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5936] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5086] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5936] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5932] <... futex resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5932] exit_group(0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5936] <... futex resumed>) = ? [pid 5932] <... exit_group resumed>) = ? [pid 5086] getdents64(3, [pid 5936] +++ exited with 0 +++ [pid 5932] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] unlink("./83/binderfs" [pid 5087] <... openat resumed>) = 3 [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5087] getdents64(3, [pid 5939] <... mount resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5939] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 144.347033][ T5936] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 144.386064][ T5939] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5086] newfstatat(AT_FDCWD, "./83/file0", [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5939] <... openat resumed>) = 3 [pid 5087] unlink("./83/binderfs" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5941] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5939] chdir("./file0" [pid 5938] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5939] <... chdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./83/file0", [pid 5939] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5087] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(4, "", [pid 5939] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5934] <... futex resumed>) = 0 [pid 5939] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5934] exit_group(0 [pid 5938] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5934] <... exit_group resumed>) = ? [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5939] <... futex resumed>) = ? [pid 5938] <... openat resumed>) = 3 [pid 5087] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(4, [pid 5939] +++ exited with 0 +++ [pid 5938] chdir("./file0" [pid 5934] +++ exited with 0 +++ [pid 5087] <... openat resumed>) = 4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5938] <... chdir resumed>) = 0 [pid 5086] getdents64(4, [pid 5938] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] newfstatat(4, "", [pid 5086] close(4) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5086] rmdir("./83/file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... restart_syscall resumed>) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... rmdir resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5938] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5938] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(4 [pid 5085] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5938] <... futex resumed>) = 1 [pid 5933] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] close(3 [pid 5085] <... openat resumed>) = 3 [pid 5938] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5933] exit_group(0 [pid 5087] rmdir("./83/file0" [pid 5085] newfstatat(3, "", [pid 5938] <... futex resumed>) = ? [pid 5933] <... exit_group resumed>) = ? [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5941] <... write resumed>) = 2097152 [pid 5938] +++ exited with 0 +++ [pid 5933] +++ exited with 0 +++ [pid 5087] getdents64(3, [ 144.425304][ T5938] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5085] getdents64(3, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] close(3 [pid 5085] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5941] munmap(0x7f1df2200000, 138412032 [pid 5086] rmdir("./83" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5087] rmdir("./83" [pid 5085] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5089] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] mkdir("./84", 0777 [pid 5085] unlink("./83/binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5941] <... munmap resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] mkdir("./84", 0777 [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./83/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./83" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5089] getdents64(3, [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] mkdir("./84", 0777 [pid 5941] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... mkdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] <... openat resumed>) = 4 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] newfstatat(AT_FDCWD, "./83/binderfs", [pid 5941] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] unlink("./83/binderfs") = 0 [pid 5089] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5941] <... ioctl resumed>) = 0 [pid 5941] close(3) = 0 [pid 5941] close(4) = 0 [pid 5941] mkdir("./file0", 0777) = 0 [pid 5941] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... ioctl resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] close(3 [pid 5085] <... ioctl resumed>) = 0 [pid 5089] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5942 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5085] close(3 [pid 5089] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5089] rmdir("./83/file0" [pid 5086] <... ioctl resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached [pid 5942] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5942] chdir("./84"./strace-static-x86_64: Process 5943 attached [pid 5089] <... rmdir resumed>) = 0 [ 144.515407][ T5941] loop3: detected capacity change from 0 to 4096 [ 144.553005][ T5941] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5086] close(3) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5943 [pid 5942] <... chdir resumed>) = 0 [pid 5089] getdents64(3, [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5942] setpgid(0, 0 [pid 5089] close(3 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5942] <... setpgid resumed>) = 0 [pid 5943] set_robust_list(0x555580b0d6a0, 24 [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5943] <... set_robust_list resumed>) = 0 [pid 5943] chdir("./84") = 0 [pid 5942] <... openat resumed>) = 3 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./83" [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5942] write(3, "1000", 4 [pid 5943] <... prctl resumed>) = 0 [pid 5942] <... write resumed>) = 4 [pid 5943] setpgid(0, 0 [pid 5942] close(3 [pid 5943] <... setpgid resumed>) = 0 [pid 5942] <... close resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5944 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5942] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5944 attached [pid 5943] <... openat resumed>) = 3 [pid 5942] <... symlink resumed>) = 0 [pid 5944] set_robust_list(0x555580b0d6a0, 24 executing program [pid 5089] mkdir("./84", 0777 [pid 5943] write(3, "1000", 4 [pid 5942] write(1, "executing program\n", 18 [pid 5944] <... set_robust_list resumed>) = 0 [pid 5943] <... write resumed>) = 4 [pid 5942] <... write resumed>) = 18 [pid 5089] <... mkdir resumed>) = 0 [pid 5942] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5942] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5942] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5943] close(3 [pid 5942] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5943] <... close resumed>) = 0 [pid 5942] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5943] symlink("/dev/binderfs", "./binderfs" [pid 5942] <... mmap resumed>) = 0x7f1dfa693000 [pid 5943] <... symlink resumed>) = 0 [pid 5942] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5944] chdir("./84" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWRexecuting program [pid 5943] write(1, "executing program\n", 18 [pid 5942] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... openat resumed>) = 3 [pid 5943] <... write resumed>) = 18 [pid 5942] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5943] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5942] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5944] <... chdir resumed>) = 0 [pid 5943] <... futex resumed>) = 0 [pid 5941] <... mount resumed>) = 0 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5943] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5942] <... clone3 resumed> => {parent_tid=[5945]}, 88) = 5945 [pid 5944] <... prctl resumed>) = 0 [pid 5943] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5942] rt_sigprocmask(SIG_SETMASK, [], [pid 5941] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5945 attached [pid 5944] setpgid(0, 0 [pid 5943] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5942] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5944] <... setpgid resumed>) = 0 [pid 5943] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5942] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5943] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5942] <... futex resumed>) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5943] <... mmap resumed>) = 0x7f1dfa693000 [pid 5942] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5943] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5941] <... openat resumed>) = 3 [pid 5944] <... openat resumed>) = 3 [pid 5943] <... mprotect resumed>) = 0 [pid 5941] chdir("./file0" [pid 5945] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5943] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5943] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5941] <... chdir resumed>) = 0 [pid 5945] <... rseq resumed>) = 0 ./strace-static-x86_64: Process 5946 attached [pid 5945] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5944] write(3, "1000", 4 [pid 5941] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5946] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5945] <... set_robust_list resumed>) = 0 [pid 5943] <... clone3 resumed> => {parent_tid=[5946]}, 88) = 5946 [pid 5946] <... rseq resumed>) = 0 [pid 5945] rt_sigprocmask(SIG_SETMASK, [], [pid 5944] <... write resumed>) = 4 [pid 5943] rt_sigprocmask(SIG_SETMASK, [], [pid 5941] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5946] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5945] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5944] close(3 [pid 5943] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5946] <... set_robust_list resumed>) = 0 [pid 5943] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5941] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5946] rt_sigprocmask(SIG_SETMASK, [], [pid 5945] memfd_create("syzkaller", 0 [pid 5944] <... close resumed>) = 0 [pid 5943] <... futex resumed>) = 0 [pid 5941] <... futex resumed>) = 1 [pid 5940] <... futex resumed>) = 0 [pid 5946] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5945] <... memfd_create resumed>) = 3 [pid 5944] symlink("/dev/binderfs", "./binderfs" [pid 5943] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5941] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5940] exit_group(0 [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5944] <... symlink resumed>) = 0 [pid 5941] <... futex resumed>) = ? [pid 5940] <... exit_group resumed>) = ? [pid 5946] memfd_create("syzkaller", 0 [pid 5945] <... mmap resumed>) = 0x7f1df2200000 [pid 5941] +++ exited with 0 +++ [pid 5940] +++ exited with 0 +++ executing program [pid 5946] <... memfd_create resumed>) = 3 [pid 5944] write(1, "executing program\n", 18 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5944] <... write resumed>) = 18 [ 144.617145][ T5941] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5944] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5946] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] umount2("./83", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5944] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./83", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5944] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... openat resumed>) = 3 [pid 5944] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] newfstatat(3, "", [pid 5944] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5944] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(3, [pid 5944] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5944] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] umount2("./83/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./83/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5944] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] unlink("./83/binderfs" [pid 5944] <... mprotect resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5944] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5088] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5944] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5947]}, 88) = 5947 [pid 5944] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5944] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5947 attached [pid 5947] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5947] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5947] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5947] memfd_create("syzkaller", 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5944] <... futex resumed>) = 0 [pid 5947] <... memfd_create resumed>) = 3 [pid 5944] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5947] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] newfstatat(AT_FDCWD, "./83/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./83/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./83/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./83/file0") = 0 [pid 5089] close(3) = 0 [pid 5088] getdents64(3, [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5948 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./83") = 0 ./strace-static-x86_64: Process 5948 attached [pid 5088] mkdir("./84", 0777) = 0 [pid 5948] set_robust_list(0x555580b0d6a0, 24 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5948] <... set_robust_list resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5948] chdir("./84" [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5948] <... chdir resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] close(3 [pid 5948] <... prctl resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5948] setpgid(0, 0 [pid 5945] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5948] <... setpgid resumed>) = 0 [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5948] write(3, "1000", 4) = 4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5949 [pid 5948] close(3) = 0 ./strace-static-x86_64: Process 5949 attached [pid 5948] symlink("/dev/binderfs", "./binderfs" [pid 5949] set_robust_list(0x555580b0d6a0, 24 [pid 5948] <... symlink resumed>) = 0 [pid 5949] <... set_robust_list resumed>) = 0 [pid 5949] chdir("./84") = 0 [pid 5949] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5949] setpgid(0, 0) = 0 executing program [pid 5949] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5948] write(1, "executing program\n", 18) = 18 [pid 5949] <... openat resumed>) = 3 [pid 5948] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5949] write(3, "1000", 4 [pid 5948] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5949] <... write resumed>) = 4 [pid 5948] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5946] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5949] close(3 [pid 5948] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5949] <... close resumed>) = 0 [pid 5948] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 5949] symlink("/dev/binderfs", "./binderfs" [pid 5948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5949] <... symlink resumed>) = 0 [pid 5948] <... mmap resumed>) = 0x7f1dfa693000 [pid 5949] write(1, "executing program\n", 18 [pid 5948] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5949] <... write resumed>) = 18 [pid 5948] <... mprotect resumed>) = 0 [pid 5949] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5948] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5947] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5949] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5949] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5949] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5948] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5949] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5950 attached [pid 5949] <... mprotect resumed>) = 0 [pid 5950] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5949] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5950] <... rseq resumed>) = 0 [pid 5950] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5948] <... clone3 resumed> => {parent_tid=[5950]}, 88) = 5950 [pid 5950] <... set_robust_list resumed>) = 0 [pid 5949] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5948] rt_sigprocmask(SIG_SETMASK, [], [pid 5950] rt_sigprocmask(SIG_SETMASK, [], [pid 5949] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5948] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5950] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5950] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5948] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5950] <... futex resumed>) = 0 [pid 5948] <... futex resumed>) = 1 [pid 5950] memfd_create("syzkaller", 0 [pid 5948] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5949] <... clone3 resumed> => {parent_tid=[5951]}, 88) = 5951 [pid 5949] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5949] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5949] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5951 attached [pid 5950] <... memfd_create resumed>) = 3 [pid 5951] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5951] <... rseq resumed>) = 0 [pid 5951] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5950] <... mmap resumed>) = 0x7f1df2200000 [pid 5951] <... set_robust_list resumed>) = 0 [pid 5951] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5951] memfd_create("syzkaller", 0) = 3 [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5945] <... write resumed>) = 2097152 [pid 5951] <... mmap resumed>) = 0x7f1df2200000 [pid 5945] munmap(0x7f1df2200000, 138412032 [pid 5946] <... write resumed>) = 2097152 [pid 5945] <... munmap resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5945] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5946] munmap(0x7f1df2200000, 138412032 [pid 5947] <... write resumed>) = 2097152 [pid 5947] munmap(0x7f1df2200000, 138412032 [pid 5946] <... munmap resumed>) = 0 [pid 5947] <... munmap resumed>) = 0 [pid 5951] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5950] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5945] close(3 [pid 5946] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5945] <... close resumed>) = 0 [pid 5945] close(4 [pid 5946] <... openat resumed>) = 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3 [pid 5945] <... close resumed>) = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5946] <... ioctl resumed>) = 0 [pid 5947] <... openat resumed>) = 4 [ 144.882401][ T5945] loop2: detected capacity change from 0 to 4096 [ 144.911788][ T5946] loop0: detected capacity change from 0 to 4096 [pid 5947] ioctl(4, LOOP_SET_FD, 3 [pid 5951] <... write resumed>) = 2097152 [pid 5946] close(3) = 0 [pid 5946] close(4 [pid 5945] mkdir("./file0", 0777) = 0 [pid 5951] munmap(0x7f1df2200000, 138412032 [pid 5946] <... close resumed>) = 0 [pid 5945] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5946] mkdir("./file0", 0777 [pid 5951] <... munmap resumed>) = 0 [pid 5947] <... ioctl resumed>) = 0 [pid 5946] <... mkdir resumed>) = 0 [pid 5946] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5947] close(3) = 0 [pid 5947] close(4) = 0 [pid 5947] mkdir("./file0", 0777) = 0 [ 144.933443][ T5947] loop1: detected capacity change from 0 to 4096 [ 144.947588][ T5945] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5951] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5947] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5951] ioctl(4, LOOP_SET_FD, 3 [pid 5950] <... write resumed>) = 2097152 [pid 5950] munmap(0x7f1df2200000, 138412032) = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5950] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5951] <... ioctl resumed>) = 0 [pid 5951] close(3 [pid 5950] close(3 [pid 5951] <... close resumed>) = 0 [pid 5950] <... close resumed>) = 0 [pid 5951] close(4 [pid 5950] close(4) = 0 [ 144.979414][ T5946] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 144.982498][ T5947] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 144.999352][ T5951] loop3: detected capacity change from 0 to 4096 [ 145.007948][ T5950] loop4: detected capacity change from 0 to 4096 [pid 5950] mkdir("./file0", 0777) = 0 [pid 5951] <... close resumed>) = 0 [pid 5950] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5951] mkdir("./file0", 0777) = 0 [pid 5947] <... mount resumed>) = 0 [pid 5946] <... mount resumed>) = 0 [pid 5946] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5946] chdir("./file0") = 0 [pid 5951] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5947] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5947] chdir("./file0") = 0 [pid 5947] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 145.047820][ T5947] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 145.056810][ T5946] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 145.064670][ T5950] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5947] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5946] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5947] <... futex resumed>) = 1 [pid 5946] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5944] <... futex resumed>) = 0 [pid 5947] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5946] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5944] exit_group(0 [pid 5947] <... futex resumed>) = ? [pid 5946] <... futex resumed>) = 1 [pid 5944] <... exit_group resumed>) = ? [pid 5943] <... futex resumed>) = 0 [pid 5946] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5943] exit_group(0 [pid 5947] +++ exited with 0 +++ [pid 5946] <... futex resumed>) = ? [pid 5945] <... mount resumed>) = 0 [pid 5944] +++ exited with 0 +++ [pid 5943] <... exit_group resumed>) = ? [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5946] +++ exited with 0 +++ [pid 5943] +++ exited with 0 +++ [pid 5086] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5086] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./84/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./84/binderfs" [pid 5945] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5950] <... mount resumed>) = 0 [pid 5085] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5950] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5945] <... openat resumed>) = 3 [pid 5945] chdir("./file0") = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5950] <... openat resumed>) = 3 [pid 5945] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5085] <... openat resumed>) = 3 [pid 5945] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(3, "", [pid 5950] chdir("./file0" [pid 5945] <... futex resumed>) = 1 [pid 5942] <... futex resumed>) = 0 [pid 5945] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5950] <... chdir resumed>) = 0 [pid 5942] exit_group(0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5950] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5945] <... futex resumed>) = ? [pid 5942] <... exit_group resumed>) = ? [pid 5085] getdents64(3, [pid 5945] +++ exited with 0 +++ [pid 5950] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5950] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5942] +++ exited with 0 +++ [pid 5950] <... futex resumed>) = 1 [pid 5948] <... futex resumed>) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5948] exit_group(0) = ? [pid 5950] +++ exited with 0 +++ [pid 5948] +++ exited with 0 +++ [pid 5087] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... unlink resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [ 145.091422][ T5951] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 145.112983][ T5945] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 145.137031][ T5950] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5087] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5087] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(3, "", [pid 5089] <... restart_syscall resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5086] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] newfstatat(AT_FDCWD, "./84/file0", [pid 5087] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] unlink("./84/binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] unlink("./84/binderfs" [pid 5086] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... unlink resumed>) = 0 [pid 5086] newfstatat(4, "", [pid 5085] <... unlink resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5087] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./84/file0") = 0 [pid 5089] newfstatat(3, "", [pid 5085] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5951] <... mount resumed>) = 0 [pid 5089] getdents64(3, [pid 5087] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./84/file0", [pid 5085] newfstatat(AT_FDCWD, "./84/file0", [pid 5951] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] close(3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] <... openat resumed>) = 3 [pid 5086] <... close resumed>) = 0 [pid 5951] chdir("./file0" [pid 5086] rmdir("./84" [pid 5951] <... chdir resumed>) = 0 [pid 5089] unlink("./84/binderfs" [pid 5087] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... openat resumed>) = 4 [pid 5951] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] newfstatat(4, "", [pid 5951] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... unlink resumed>) = 0 [pid 5086] mkdir("./85", 0777 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5085] newfstatat(4, "", [pid 5949] <... futex resumed>) = 0 [pid 5949] exit_group(0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5949] <... exit_group resumed>) = ? [pid 5085] getdents64(4, [pid 5087] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5951] <... futex resumed>) = ? [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5089] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5951] +++ exited with 0 +++ [pid 5949] +++ exited with 0 +++ [pid 5087] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] close(4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5949, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5088] umount2("./84", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(4 [pid 5085] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./84", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] rmdir("./84/file0" [pid 5087] rmdir("./84/file0" [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", [pid 5087] <... rmdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... rmdir resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 5088] getdents64(3, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] close(3 [pid 5085] close(3 [pid 5088] umount2("./84/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] rmdir("./84" [pid 5088] newfstatat(AT_FDCWD, "./84/binderfs", [pid 5085] rmdir("./84" [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5088] unlink("./84/binderfs" [pid 5085] mkdir("./85", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5088] <... unlink resumed>) = 0 [ 145.198708][ T5951] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] mkdir("./85", 0777 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... ioctl resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 5086] close(3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... umount2 resumed>) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... close resumed>) = 0 [pid 5089] close(4 [pid 5088] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] rmdir("./84/file0") = 0 [pid 5088] newfstatat(AT_FDCWD, "./84/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./84/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./84/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5952 attached [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5952 [pid 5952] set_robust_list(0x555580b0d6a0, 24 [pid 5088] close(4 [pid 5952] <... set_robust_list resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5952] chdir("./85" [pid 5088] rmdir("./84/file0" [pid 5952] <... chdir resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0 [pid 5089] getdents64(3, [pid 5088] getdents64(3, [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5952] <... setpgid resumed>) = 0 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5952] <... openat resumed>) = 3 [pid 5088] rmdir("./84") = 0 [pid 5952] write(3, "1000", 4) = 4 [pid 5952] close(3 [pid 5088] mkdir("./85", 0777 [pid 5952] <... close resumed>) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5089] rmdir("./84"executing program [pid 5952] write(1, "executing program\n", 18) = 18 [pid 5952] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5952] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5952] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5952] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5952] <... mmap resumed>) = 0x7f1dfa693000 [pid 5952] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5089] mkdir("./85", 0777 [pid 5952] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5952] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5952] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5953 attached [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] close(3 [pid 5953] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5952] <... clone3 resumed> => {parent_tid=[5953]}, 88) = 5953 [pid 5087] <... close resumed>) = 0 [pid 5953] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5952] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5953] <... set_robust_list resumed>) = 0 [pid 5952] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5952] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5952] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5953] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5954 ./strace-static-x86_64: Process 5954 attached [pid 5954] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5954] chdir("./85" [pid 5953] memfd_create("syzkaller", 0 [pid 5954] <... chdir resumed>) = 0 [pid 5953] <... memfd_create resumed>) = 3 [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5954] <... prctl resumed>) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5953] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] close(3 [pid 5954] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5954] write(3, "1000", 4) = 4 [pid 5954] close(3) = 0 [pid 5954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5954] write(1, "executing program\n", 18executing program ) = 18 [pid 5954] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5954] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5954] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5955 [pid 5954] <... mmap resumed>) = 0x7f1dfa693000 [pid 5954] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 ./strace-static-x86_64: Process 5955 attached [pid 5954] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... ioctl resumed>) = 0 [pid 5954] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5954] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[5956]}, 88) = 5956 [pid 5954] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5954] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5956 attached [pid 5956] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5956] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5956] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5955] set_robust_list(0x555580b0d6a0, 24 [pid 5956] memfd_create("syzkaller", 0 [pid 5955] <... set_robust_list resumed>) = 0 [pid 5088] close(3 [pid 5956] <... memfd_create resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5955] chdir("./85" [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5955] <... chdir resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5955] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5953] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] close(3 [pid 5955] <... prctl resumed>) = 0 [pid 5955] setpgid(0, 0 [pid 5089] <... close resumed>) = 0 ./strace-static-x86_64: Process 5957 attached [pid 5955] <... setpgid resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5957 [pid 5955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5957] set_robust_list(0x555580b0d6a0, 24 [pid 5955] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5958 attached [pid 5957] <... set_robust_list resumed>) = 0 [pid 5955] write(3, "1000", 4 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5958 [pid 5957] chdir("./85") = 0 [pid 5958] set_robust_list(0x555580b0d6a0, 24 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5955] <... write resumed>) = 4 [pid 5953] <... write resumed>) = 2097152 [pid 5958] <... set_robust_list resumed>) = 0 [pid 5957] <... prctl resumed>) = 0 [pid 5955] close(3 [pid 5953] munmap(0x7f1df2200000, 138412032 [pid 5957] setpgid(0, 0 [pid 5955] <... close resumed>) = 0 [pid 5958] chdir("./85" [pid 5955] symlink("/dev/binderfs", "./binderfs" [pid 5957] <... setpgid resumed>) = 0 [pid 5955] <... symlink resumed>) = 0 executing program [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5955] write(1, "executing program\n", 18) = 18 [pid 5958] <... chdir resumed>) = 0 [pid 5957] <... openat resumed>) = 3 [pid 5955] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5955] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5958] <... prctl resumed>) = 0 [pid 5955] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5956] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5955] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5958] setpgid(0, 0 [pid 5955] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5958] <... setpgid resumed>) = 0 [pid 5957] write(3, "1000", 4 [pid 5955] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5957] <... write resumed>) = 4 [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5955] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5957] close(3) = 0 [pid 5955] <... mprotect resumed>) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs" [pid 5958] <... openat resumed>) = 3 [pid 5957] <... symlink resumed>) = 0 [pid 5955] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5953] <... munmap resumed>) = 0 executing program [pid 5957] write(1, "executing program\n", 18 [pid 5955] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5958] write(3, "1000", 4 [pid 5957] <... write resumed>) = 18 [pid 5955] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5953] <... openat resumed>) = 4 [pid 5957] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5953] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5959 attached [pid 5957] <... futex resumed>) = 0 [pid 5959] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5959] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5958] <... write resumed>) = 4 [pid 5957] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5956] <... write resumed>) = 2097152 [pid 5955] <... clone3 resumed> => {parent_tid=[5959]}, 88) = 5959 [pid 5953] <... ioctl resumed>) = 0 [pid 5959] rt_sigprocmask(SIG_SETMASK, [], [pid 5958] close(3 [pid 5957] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5956] munmap(0x7f1df2200000, 138412032 [pid 5955] rt_sigprocmask(SIG_SETMASK, [], [pid 5953] close(3 [pid 5959] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5958] <... close resumed>) = 0 [pid 5957] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5955] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5959] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5958] symlink("/dev/binderfs", "./binderfs" [pid 5957] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5955] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5953] <... close resumed>) = 0 [pid 5959] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5958] <... symlink resumed>) = 0 [pid 5957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5955] <... futex resumed>) = 0 [pid 5953] close(4 [pid 5955] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5959] memfd_create("syzkaller", 0 [pid 5958] write(1, "executing program\n", 18 [pid 5957] <... mmap resumed>) = 0x7f1dfa693000 [pid 5956] <... munmap resumed>) = 0 [pid 5953] <... close resumed>) = 0 [pid 5953] mkdir("./file0", 0777executing program [pid 5959] <... memfd_create resumed>) = 3 [pid 5958] <... write resumed>) = 18 [pid 5957] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5956] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5953] <... mkdir resumed>) = 0 [pid 5957] <... mprotect resumed>) = 0 [pid 5956] <... openat resumed>) = 4 [pid 5953] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5958] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5957] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5956] ioctl(4, LOOP_SET_FD, 3 [pid 5959] <... mmap resumed>) = 0x7f1df2200000 [pid 5958] <... futex resumed>) = 0 [pid 5958] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5957] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5958] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5957] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5958] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 5960 attached [pid 5960] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5958] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5960] <... rseq resumed>) = 0 [pid 5958] <... mmap resumed>) = 0x7f1dfa693000 [pid 5960] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5958] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5957] <... clone3 resumed> => {parent_tid=[5960]}, 88) = 5960 [pid 5960] <... set_robust_list resumed>) = 0 [pid 5958] <... mprotect resumed>) = 0 [pid 5957] rt_sigprocmask(SIG_SETMASK, [], [pid 5960] rt_sigprocmask(SIG_SETMASK, [], [pid 5958] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5957] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5960] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5958] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5957] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5958] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5957] <... futex resumed>) = 0 [pid 5957] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5961 attached [pid 5960] memfd_create("syzkaller", 0 [pid 5958] <... clone3 resumed> => {parent_tid=[5961]}, 88) = 5961 [pid 5956] <... ioctl resumed>) = 0 [pid 5961] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5960] <... memfd_create resumed>) = 3 [pid 5958] rt_sigprocmask(SIG_SETMASK, [], [pid 5956] close(3 [pid 5960] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5958] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5956] <... close resumed>) = 0 [pid 5961] <... rseq resumed>) = 0 [pid 5960] <... mmap resumed>) = 0x7f1df2200000 [pid 5958] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5956] close(4 [pid 5961] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5958] <... futex resumed>) = 0 [pid 5956] <... close resumed>) = 0 [pid 5958] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5961] <... set_robust_list resumed>) = 0 [pid 5961] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5961] memfd_create("syzkaller", 0 [ 145.506889][ T5953] loop1: detected capacity change from 0 to 4096 [ 145.534009][ T5953] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 145.534085][ T5956] loop2: detected capacity change from 0 to 4096 [pid 5956] mkdir("./file0", 0777 [pid 5961] <... memfd_create resumed>) = 3 [pid 5959] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5956] <... mkdir resumed>) = 0 [pid 5961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5956] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5953] <... mount resumed>) = 0 [pid 5953] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5953] chdir("./file0") = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5953] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5952] <... futex resumed>) = 0 [pid 5953] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5959] <... write resumed>) = 2097152 [pid 5952] exit_group(0 [pid 5959] munmap(0x7f1df2200000, 138412032 [pid 5953] <... futex resumed>) = ? [pid 5952] <... exit_group resumed>) = ? [pid 5953] +++ exited with 0 +++ [pid 5952] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [ 145.608714][ T5953] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 145.609789][ T5956] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5086] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5960] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./85/binderfs") = 0 [pid 5086] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5959] <... munmap resumed>) = 0 [pid 5961] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5959] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... umount2 resumed>) = 0 [pid 5959] <... openat resumed>) = 4 [pid 5086] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 5959] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./85/file0") = 0 [pid 5959] <... ioctl resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5959] close(3 [pid 5956] <... mount resumed>) = 0 [pid 5959] <... close resumed>) = 0 [pid 5956] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5959] close(4 [pid 5960] <... write resumed>) = 2097152 [pid 5959] <... close resumed>) = 0 [pid 5956] <... openat resumed>) = 3 [pid 5960] munmap(0x7f1df2200000, 138412032 [pid 5959] mkdir("./file0", 0777 [pid 5956] chdir("./file0" [pid 5086] close(3 [pid 5959] <... mkdir resumed>) = 0 [pid 5956] <... chdir resumed>) = 0 [pid 5960] <... munmap resumed>) = 0 [pid 5959] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5956] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... close resumed>) = 0 [pid 5960] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5956] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5960] <... openat resumed>) = 4 [ 145.690835][ T5956] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 145.702927][ T5959] loop0: detected capacity change from 0 to 4096 [pid 5956] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5960] ioctl(4, LOOP_SET_FD, 3 [pid 5956] <... futex resumed>) = 1 [pid 5954] <... futex resumed>) = 0 [pid 5086] rmdir("./85" [pid 5961] <... write resumed>) = 2097152 [pid 5956] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5954] exit_group(0 [pid 5086] <... rmdir resumed>) = 0 [pid 5954] <... exit_group resumed>) = ? [pid 5086] mkdir("./86", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5960] <... ioctl resumed>) = 0 [pid 5960] close(3 [pid 5961] munmap(0x7f1df2200000, 138412032 [pid 5956] <... futex resumed>) = ? [pid 5960] <... close resumed>) = 0 [ 145.742127][ T5960] loop3: detected capacity change from 0 to 4096 [ 145.748991][ T5959] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 145.782240][ T5959] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5960] close(4 [pid 5961] <... munmap resumed>) = 0 [pid 5960] <... close resumed>) = 0 [pid 5956] +++ exited with 0 +++ [pid 5954] +++ exited with 0 +++ [pid 5960] mkdir("./file0", 0777 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5954, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5960] <... mkdir resumed>) = 0 [pid 5960] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5961] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5959] <... mount resumed>) = 0 [pid 5961] <... openat resumed>) = 4 [pid 5959] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5961] ioctl(4, LOOP_SET_FD, 3 [pid 5959] <... openat resumed>) = 3 [pid 5087] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./85/binderfs" [pid 5961] <... ioctl resumed>) = 0 [pid 5959] chdir("./file0" [pid 5087] <... unlink resumed>) = 0 [pid 5961] close(3 [pid 5959] <... chdir resumed>) = 0 [pid 5087] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5961] <... close resumed>) = 0 [pid 5959] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5961] close(4 [pid 5087] <... umount2 resumed>) = 0 [pid 5959] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5961] <... close resumed>) = 0 [pid 5087] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5961] mkdir("./file0", 0777 [pid 5959] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(AT_FDCWD, "./85/file0", [pid 5961] <... mkdir resumed>) = 0 [pid 5960] <... mount resumed>) = 0 [pid 5959] <... futex resumed>) = 1 [pid 5955] <... futex resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] close(3 [pid 5959] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5955] exit_group(0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5959] <... futex resumed>) = ? [pid 5955] <... exit_group resumed>) = ? [pid 5087] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5959] +++ exited with 0 +++ [pid 5961] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5960] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5955] +++ exited with 0 +++ [pid 5087] <... openat resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5960] <... openat resumed>) = 3 [pid 5960] chdir("./file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5960] <... chdir resumed>) = 0 [ 145.789221][ T5960] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 145.801507][ T5961] loop4: detected capacity change from 0 to 4096 [ 145.825728][ T5960] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5087] getdents64(4, [pid 5960] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5962 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5955, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5085] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, ./strace-static-x86_64: Process 5962 attached 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5962] set_robust_list(0x555580b0d6a0, 24 [pid 5085] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5962] <... set_robust_list resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5962] chdir("./86" [pid 5085] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5962] <... chdir resumed>) = 0 [pid 5085] unlink("./85/binderfs" [pid 5962] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] getdents64(4, [pid 5085] <... unlink resumed>) = 0 [pid 5960] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5962] <... prctl resumed>) = 0 [pid 5085] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5962] setpgid(0, 0) = 0 [pid 5960] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(4 [pid 5960] <... futex resumed>) = 1 [pid 5957] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5962] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5960] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5957] exit_group(0 [pid 5087] rmdir("./85/file0" [pid 5960] <... futex resumed>) = ? [pid 5957] <... exit_group resumed>) = ? [pid 5087] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5962] <... openat resumed>) = 3 [pid 5960] +++ exited with 0 +++ [pid 5957] +++ exited with 0 +++ [pid 5087] getdents64(3, [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5957, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./85") = 0 [pid 5087] mkdir("./86", 0777 [pid 5088] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5962] write(3, "1000", 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5962] <... write resumed>) = 4 [pid 5088] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... mkdir resumed>) = 0 [pid 5962] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5085] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5962] <... close resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5962] symlink("/dev/binderfs", "./binderfs" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5962] <... symlink resumed>) = 0 [pid 5088] getdents64(3, [pid 5085] newfstatat(AT_FDCWD, "./85/file0", [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] newfstatat(AT_FDCWD, "./85/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./85/binderfs") = 0 [ 145.850601][ T5961] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5962] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = 0 [pid 5085] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5962] <... write resumed>) = 18 [pid 5085] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 4 [pid 5088] newfstatat(AT_FDCWD, "./85/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5962] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5962] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(4, "", [pid 5962] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5962] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5962] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] getdents64(4, [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5962] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5962] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] getdents64(4, [pid 5085] getdents64(4, [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5962] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5962] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] close(4 [pid 5962] <... mprotect resumed>) = 0 [pid 5088] close(4 [pid 5085] <... close resumed>) = 0 [pid 5962] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5961] <... mount resumed>) = 0 [pid 5085] rmdir("./85/file0" [pid 5962] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... close resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5962] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] rmdir("./85/file0" [pid 5961] <... openat resumed>) = 3 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5962] <... clone3 resumed> => {parent_tid=[5963]}, 88) = 5963 [pid 5961] chdir("./file0" [pid 5085] close(3./strace-static-x86_64: Process 5963 attached [pid 5962] rt_sigprocmask(SIG_SETMASK, [], [pid 5961] <... chdir resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5963] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5962] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5961] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] getdents64(3, [pid 5085] rmdir("./85" [pid 5963] <... rseq resumed>) = 0 [pid 5962] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5961] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5962] <... futex resumed>) = 0 [pid 5963] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5085] mkdir("./86", 0777 [pid 5963] <... set_robust_list resumed>) = 0 [pid 5962] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5961] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] close(3 [pid 5085] <... mkdir resumed>) = 0 [pid 5963] rt_sigprocmask(SIG_SETMASK, [], [pid 5961] <... futex resumed>) = 1 [pid 5088] <... close resumed>) = 0 [pid 5963] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5961] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5958] <... futex resumed>) = 0 [pid 5088] rmdir("./85" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5958] exit_group(0 [pid 5963] memfd_create("syzkaller", 0 [pid 5961] <... futex resumed>) = ? [pid 5958] <... exit_group resumed>) = ? [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5963] <... memfd_create resumed>) = 3 [ 145.926979][ T5961] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5963] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5961] +++ exited with 0 +++ [pid 5958] +++ exited with 0 +++ [pid 5088] mkdir("./86", 0777 [pid 5087] close(3 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5958, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5088] <... mkdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5964 attached [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] umount2("./85", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 3 [pid 5964] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] <... set_robust_list resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./85", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5964] chdir("./86" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5964 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5964] <... chdir resumed>) = 0 [pid 5089] umount2("./85/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5964] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] setpgid(0, 0 [pid 5089] newfstatat(AT_FDCWD, "./85/binderfs", [pid 5964] <... setpgid resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./85/binderfs") = 0 [pid 5089] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5964] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... umount2 resumed>) = 0 [pid 5964] <... openat resumed>) = 3 [pid 5089] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5964] write(3, "1000", 4 [pid 5089] newfstatat(AT_FDCWD, "./85/file0", [pid 5964] <... write resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5964] close(3 [pid 5089] umount2("./85/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5964] <... close resumed>) = 0 [pid 5964] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5964] <... symlink resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./85/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5964] write(1, "executing program\n", 18 [pid 5963] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] getdents64(4, executing program [pid 5964] <... write resumed>) = 18 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5964] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5964] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5089] close(4 [pid 5964] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... close resumed>) = 0 [pid 5964] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] rmdir("./85/file0" [pid 5964] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5964] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] getdents64(3, [pid 5964] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5964] <... mprotect resumed>) = 0 [pid 5089] close(3 [pid 5964] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] close(3 [pid 5964] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] rmdir("./85" [pid 5085] <... close resumed>) = 0 ./strace-static-x86_64: Process 5965 attached [pid 5089] <... rmdir resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5966 attached [pid 5965] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5964] <... clone3 resumed> => {parent_tid=[5965]}, 88) = 5965 [pid 5089] mkdir("./86", 0777 [pid 5966] set_robust_list(0x555580b0d6a0, 24 [pid 5965] <... rseq resumed>) = 0 [pid 5964] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... mkdir resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5966 [pid 5966] <... set_robust_list resumed>) = 0 [pid 5965] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5964] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5966] chdir("./86" [pid 5965] <... set_robust_list resumed>) = 0 [pid 5964] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5966] <... chdir resumed>) = 0 [pid 5965] rt_sigprocmask(SIG_SETMASK, [], [pid 5964] <... futex resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5965] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5964] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5966] <... prctl resumed>) = 0 [pid 5966] setpgid(0, 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5966] <... setpgid resumed>) = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5965] memfd_create("syzkaller", 0 [pid 5966] <... openat resumed>) = 3 [pid 5966] write(3, "1000", 4) = 4 [pid 5966] close(3 [pid 5965] <... memfd_create resumed>) = 3 [pid 5966] <... close resumed>) = 0 [pid 5965] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5966] symlink("/dev/binderfs", "./binderfs" [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5966] <... symlink resumed>) = 0 [pid 5965] <... mmap resumed>) = 0x7f1df2200000 executing program ./strace-static-x86_64: Process 5967 attached [pid 5966] write(1, "executing program\n", 18 [pid 5963] <... write resumed>) = 2097152 [pid 5967] set_robust_list(0x555580b0d6a0, 24 [pid 5966] <... write resumed>) = 18 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5967 [pid 5967] <... set_robust_list resumed>) = 0 [pid 5967] chdir("./86" [pid 5966] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5967] <... chdir resumed>) = 0 [pid 5966] <... futex resumed>) = 0 [pid 5967] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5966] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5967] <... prctl resumed>) = 0 [pid 5966] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5967] setpgid(0, 0 [pid 5966] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5967] <... setpgid resumed>) = 0 [pid 5966] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5966] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5963] munmap(0x7f1df2200000, 138412032 [pid 5967] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5966] <... mmap resumed>) = 0x7f1dfa693000 [pid 5963] <... munmap resumed>) = 0 [pid 5966] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5967] <... openat resumed>) = 3 [pid 5966] <... mprotect resumed>) = 0 [pid 5967] write(3, "1000", 4) = 4 executing program [pid 5967] close(3 [pid 5966] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5967] <... close resumed>) = 0 [pid 5967] symlink("/dev/binderfs", "./binderfs" [pid 5966] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5966] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 5968 attached [pid 5967] <... symlink resumed>) = 0 [pid 5968] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5967] write(1, "executing program\n", 18 [pid 5966] <... clone3 resumed> => {parent_tid=[5968]}, 88) = 5968 [pid 5968] <... rseq resumed>) = 0 [pid 5967] <... write resumed>) = 18 [pid 5966] rt_sigprocmask(SIG_SETMASK, [], [pid 5968] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5967] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5966] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5968] <... set_robust_list resumed>) = 0 [pid 5967] <... futex resumed>) = 0 [pid 5966] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5968] rt_sigprocmask(SIG_SETMASK, [], [pid 5967] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5966] <... futex resumed>) = 0 [pid 5963] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5966] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5968] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5967] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5963] <... openat resumed>) = 4 [pid 5967] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5963] ioctl(4, LOOP_SET_FD, 3 [pid 5967] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5968] memfd_create("syzkaller", 0 [pid 5967] <... mmap resumed>) = 0x7f1dfa693000 [pid 5968] <... memfd_create resumed>) = 3 [pid 5967] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5968] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5967] <... mprotect resumed>) = 0 [pid 5965] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5963] <... ioctl resumed>) = 0 [pid 5968] <... mmap resumed>) = 0x7f1df2200000 [pid 5967] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5967] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5963] close(3) = 0 [pid 5963] close(4./strace-static-x86_64: Process 5969 attached [pid 5969] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5969] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5967] <... clone3 resumed> => {parent_tid=[5969]}, 88) = 5969 [pid 5963] <... close resumed>) = 0 [pid 5967] rt_sigprocmask(SIG_SETMASK, [], [pid 5963] mkdir("./file0", 0777 [pid 5089] <... ioctl resumed>) = 0 [pid 5967] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5969] rt_sigprocmask(SIG_SETMASK, [], [pid 5963] <... mkdir resumed>) = 0 [pid 5969] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5969] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5967] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5969] <... futex resumed>) = 0 [ 146.130434][ T5963] loop1: detected capacity change from 0 to 4096 [pid 5969] memfd_create("syzkaller", 0 [pid 5967] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5963] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] close(3 [pid 5969] <... memfd_create resumed>) = 3 [pid 5969] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5968] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5970 ./strace-static-x86_64: Process 5970 attached [pid 5970] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5970] chdir("./86") = 0 [pid 5970] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5970] setpgid(0, 0) = 0 [pid 5970] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5965] <... write resumed>) = 2097152 [pid 5970] write(3, "1000", 4) = 4 [pid 5970] close(3) = 0 [pid 5970] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5965] munmap(0x7f1df2200000, 138412032 [pid 5970] write(1, "executing program\n", 18 [pid 5965] <... munmap resumed>) = 0 [ 146.186744][ T5963] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). executing program [pid 5970] <... write resumed>) = 18 [pid 5970] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5970] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5970] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5970] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5970] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5970] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5970] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5965] <... openat resumed>) = 4 [pid 5965] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5971 attached ) = 0 [pid 5970] <... clone3 resumed> => {parent_tid=[5971]}, 88) = 5971 [pid 5970] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5970] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5970] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5969] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5965] close(3 [pid 5971] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5968] <... write resumed>) = 2097152 [pid 5963] <... mount resumed>) = 0 [pid 5971] <... rseq resumed>) = 0 [pid 5971] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5971] rt_sigprocmask(SIG_SETMASK, [], [pid 5965] <... close resumed>) = 0 [pid 5965] close(4 [pid 5968] munmap(0x7f1df2200000, 138412032 [pid 5965] <... close resumed>) = 0 [pid 5963] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 146.264359][ T5965] loop2: detected capacity change from 0 to 4096 [ 146.271689][ T5963] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5965] mkdir("./file0", 0777 [pid 5971] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5968] <... munmap resumed>) = 0 [pid 5965] <... mkdir resumed>) = 0 [pid 5963] <... openat resumed>) = 3 [pid 5965] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5971] memfd_create("syzkaller", 0 [pid 5969] <... write resumed>) = 2097152 [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5963] chdir("./file0" [pid 5971] <... memfd_create resumed>) = 3 [pid 5969] munmap(0x7f1df2200000, 138412032 [pid 5968] <... openat resumed>) = 4 [pid 5963] <... chdir resumed>) = 0 [pid 5971] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5969] <... munmap resumed>) = 0 [pid 5968] ioctl(4, LOOP_SET_FD, 3 [pid 5963] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5971] <... mmap resumed>) = 0x7f1df2200000 [ 146.308160][ T5965] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 146.341492][ T5968] loop0: detected capacity change from 0 to 4096 [pid 5963] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5968] <... ioctl resumed>) = 0 [pid 5963] <... futex resumed>) = 1 [pid 5962] <... futex resumed>) = 0 [pid 5963] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5962] exit_group(0 [pid 5969] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5963] <... futex resumed>) = ? [pid 5962] <... exit_group resumed>) = ? [pid 5969] <... openat resumed>) = 4 [pid 5963] +++ exited with 0 +++ [pid 5962] +++ exited with 0 +++ [pid 5969] ioctl(4, LOOP_SET_FD, 3 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5962, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5965] <... mount resumed>) = 0 [pid 5968] close(3 [pid 5086] getdents64(3, [pid 5968] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5968] close(4 [pid 5965] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5968] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5968] mkdir("./file0", 0777 [pid 5965] <... openat resumed>) = 3 [pid 5086] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5968] <... mkdir resumed>) = 0 [pid 5965] chdir("./file0" [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5969] <... ioctl resumed>) = 0 [pid 5968] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5965] <... chdir resumed>) = 0 [pid 5086] unlink("./86/binderfs" [pid 5969] close(3 [pid 5086] <... unlink resumed>) = 0 [pid 5969] <... close resumed>) = 0 [pid 5086] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5969] close(4) = 0 [pid 5965] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5969] mkdir("./file0", 0777) = 0 [ 146.355974][ T5969] loop3: detected capacity change from 0 to 4096 [ 146.361099][ T5965] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 146.388234][ T5968] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5969] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5965] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5964] <... futex resumed>) = 0 [pid 5965] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5964] exit_group(0) = ? [pid 5965] <... futex resumed>) = ? [pid 5965] +++ exited with 0 +++ [pid 5964] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5964, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5087] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... umount2 resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5971] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] newfstatat(3, "", [pid 5086] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./86/file0", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] unlink("./86/binderfs") = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./86/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] rmdir("./86/file0" [ 146.411234][ T5969] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5087] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5087] close(4 [pid 5086] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./86/file0") = 0 [pid 5971] <... write resumed>) = 2097152 [pid 5968] <... mount resumed>) = 0 [pid 5086] rmdir("./86" [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./86") = 0 [pid 5968] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5087] mkdir("./87", 0777 [pid 5968] chdir("./file0" [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5971] munmap(0x7f1df2200000, 138412032 [pid 5968] <... chdir resumed>) = 0 [pid 5086] mkdir("./87", 0777 [pid 5969] <... mount resumed>) = 0 [pid 5968] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5969] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5968] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... openat resumed>) = 3 [pid 5086] <... mkdir resumed>) = 0 [pid 5969] <... openat resumed>) = 3 [pid 5968] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5969] chdir("./file0" [pid 5971] <... munmap resumed>) = 0 [pid 5969] <... chdir resumed>) = 0 [pid 5968] <... futex resumed>) = 1 [pid 5966] <... futex resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... openat resumed>) = 3 [pid 5971] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5969] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5968] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] exit_group(0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5971] <... openat resumed>) = 4 [pid 5969] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5968] <... futex resumed>) = ? [pid 5966] <... exit_group resumed>) = ? [pid 5971] ioctl(4, LOOP_SET_FD, 3 [pid 5969] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5968] +++ exited with 0 +++ [pid 5966] +++ exited with 0 +++ [pid 5969] <... futex resumed>) = 1 [pid 5967] <... futex resumed>) = 0 [pid 5967] exit_group(0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5966, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5967] <... exit_group resumed>) = ? [pid 5085] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./86/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./86/binderfs") = 0 [pid 5085] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5971] <... ioctl resumed>) = 0 [pid 5971] close(3) = 0 [pid 5971] close(4) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5971] mkdir("./file0", 0777) = 0 [pid 5969] +++ exited with 0 +++ [pid 5967] +++ exited with 0 +++ [pid 5085] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5971] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5967, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [ 146.486163][ T5968] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 146.504800][ T5969] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 146.527690][ T5971] loop4: detected capacity change from 0 to 4096 [pid 5085] newfstatat(AT_FDCWD, "./86/file0", [pid 5088] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] newfstatat(3, "", [pid 5085] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(3, [pid 5085] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... openat resumed>) = 4 [pid 5088] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(4, "", [pid 5088] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(4, [pid 5088] unlink("./86/binderfs" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... unlink resumed>) = 0 [pid 5085] getdents64(4, [pid 5088] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./86/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./86" [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [ 146.571467][ T5971] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5086] close(3 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] mkdir("./87", 0777 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 5972 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5973 attached [pid 5085] <... mkdir resumed>) = 0 [pid 5973] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5973 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5972 attached [pid 5971] <... mount resumed>) = 0 [pid 5088] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5972] set_robust_list(0x555580b0d6a0, 24 [pid 5088] newfstatat(AT_FDCWD, "./86/file0", [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5971] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5973] <... set_robust_list resumed>) = 0 [pid 5971] <... openat resumed>) = 3 [pid 5088] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5973] chdir("./87" [pid 5971] chdir("./file0" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5973] <... chdir resumed>) = 0 [pid 5971] <... chdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5973] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5972] <... set_robust_list resumed>) = 0 [pid 5971] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... openat resumed>) = 4 [pid 5973] <... prctl resumed>) = 0 [pid 5972] chdir("./87" [pid 5971] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] newfstatat(4, "", [pid 5973] setpgid(0, 0 [pid 5972] <... chdir resumed>) = 0 [pid 5971] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5973] <... setpgid resumed>) = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5971] <... futex resumed>) = 1 [pid 5970] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5973] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5972] <... prctl resumed>) = 0 [pid 5971] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5970] exit_group(0 [pid 5088] getdents64(4, [pid 5973] <... openat resumed>) = 3 [pid 5972] setpgid(0, 0 [pid 5971] <... futex resumed>) = ? [pid 5970] <... exit_group resumed>) = ? [pid 5972] <... setpgid resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5971] +++ exited with 0 +++ [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5970] +++ exited with 0 +++ [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 5973] write(3, "1000", 4 [pid 5088] <... close resumed>) = 0 [pid 5973] <... write resumed>) = 4 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5970, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5088] rmdir("./86/file0" [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5972] <... openat resumed>) = 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5973] close(3 [pid 5089] umount2("./86", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, [pid 5972] write(3, "1000", 4 [pid 5973] <... close resumed>) = 0 [pid 5972] <... write resumed>) = 4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5973] symlink("/dev/binderfs", "./binderfs" [pid 5972] close(3 [pid 5089] openat(AT_FDCWD, "./86", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5973] <... symlink resumed>) = 0 [pid 5972] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 executing program [pid 5088] close(3 [pid 5973] write(1, "executing program\n", 18 [pid 5972] symlink("/dev/binderfs", "./binderfs" [pid 5089] newfstatat(3, "", [pid 5973] <... write resumed>) = 18 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... close resumed>) = 0 [pid 5973] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5972] <... symlink resumed>) = 0 [pid 5089] getdents64(3, [pid 5088] rmdir("./86" [pid 5973] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5973] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] umount2("./86/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5973] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... rmdir resumed>) = 0 [pid 5973] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] newfstatat(AT_FDCWD, "./86/binderfs", [pid 5973] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5973] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] unlink("./86/binderfs" [pid 5973] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... unlink resumed>) = 0 [pid 5088] mkdir("./87", 0777 [pid 5973] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... mkdir resumed>) = 0 [pid 5973] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5972] write(1, "executing program\n", 18executing program [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5973] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5972] <... write resumed>) = 18 [pid 5088] <... openat resumed>) = 3 [ 146.620950][ T5971] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5973] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5972] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5974 attached [pid 5974] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5974] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5973] <... clone3 resumed> => {parent_tid=[5974]}, 88) = 5974 [pid 5972] <... futex resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5974] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5974] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5973] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5974] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5973] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(AT_FDCWD, "./86/file0", [pid 5973] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5974] <... futex resumed>) = 0 [pid 5973] <... futex resumed>) = 1 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5974] memfd_create("syzkaller", 0 [pid 5973] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] openat(AT_FDCWD, "./86/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5974] <... memfd_create resumed>) = 3 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5974] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] getdents64(4, [pid 5974] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5972] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./86/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./86") = 0 [pid 5972] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] mkdir("./87", 0777 [pid 5972] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... ioctl resumed>) = 0 [pid 5972] <... mmap resumed>) = 0x7f1dfa693000 [pid 5972] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] close(3 [pid 5972] <... mprotect resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5972] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5088] close(3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5972] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... close resumed>) = 0 ./strace-static-x86_64: Process 5976 attached ./strace-static-x86_64: Process 5975 attached [pid 5974] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5976] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5975] set_robust_list(0x555580b0d6a0, 24 [pid 5972] <... clone3 resumed> => {parent_tid=[5976]}, 88) = 5976 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5975 [pid 5972] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5972] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5976] <... rseq resumed>) = 0 [pid 5976] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5976] rt_sigprocmask(SIG_SETMASK, [], [pid 5972] <... futex resumed>) = 0 [pid 5976] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5972] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5977 attached [pid 5976] memfd_create("syzkaller", 0 [pid 5975] <... set_robust_list resumed>) = 0 [pid 5977] set_robust_list(0x555580b0d6a0, 24 [pid 5975] chdir("./87" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5977 [pid 5977] <... set_robust_list resumed>) = 0 [pid 5977] chdir("./87" [pid 5976] <... memfd_create resumed>) = 3 [pid 5975] <... chdir resumed>) = 0 [pid 5977] <... chdir resumed>) = 0 [pid 5975] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5977] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5975] <... prctl resumed>) = 0 [pid 5977] setpgid(0, 0 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5975] setpgid(0, 0 [pid 5977] <... setpgid resumed>) = 0 [pid 5976] <... mmap resumed>) = 0x7f1df2200000 [pid 5977] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5975] <... setpgid resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5977] <... openat resumed>) = 3 [pid 5975] <... openat resumed>) = 3 [pid 5089] close(3 [pid 5977] write(3, "1000", 4 [pid 5975] write(3, "1000", 4 [pid 5089] <... close resumed>) = 0 [pid 5977] <... write resumed>) = 4 [pid 5975] <... write resumed>) = 4 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5977] close(3 [pid 5975] close(3 [pid 5977] <... close resumed>) = 0 [pid 5975] <... close resumed>) = 0 [pid 5977] symlink("/dev/binderfs", "./binderfs" [pid 5975] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5978 [pid 5977] <... symlink resumed>) = 0 executing program executing program [pid 5975] <... symlink resumed>) = 0 [pid 5977] write(1, "executing program\n", 18 [pid 5975] write(1, "executing program\n", 18 [pid 5977] <... write resumed>) = 18 [pid 5975] <... write resumed>) = 18 [pid 5977] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5975] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5977] <... futex resumed>) = 0 [pid 5975] <... futex resumed>) = 0 [pid 5977] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5975] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5977] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5975] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5977] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 ./strace-static-x86_64: Process 5978 attached [pid 5977] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5978] set_robust_list(0x555580b0d6a0, 24 [pid 5977] <... mmap resumed>) = 0x7f1dfa693000 [pid 5975] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5978] <... set_robust_list resumed>) = 0 [pid 5977] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5975] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5978] chdir("./87") = 0 [pid 5978] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5978] setpgid(0, 0 [pid 5977] <... mprotect resumed>) = 0 [pid 5975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5974] <... write resumed>) = 2097152 [pid 5978] <... setpgid resumed>) = 0 [pid 5977] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5976] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5975] <... mmap resumed>) = 0x7f1dfa693000 [pid 5974] munmap(0x7f1df2200000, 138412032 [pid 5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5977] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5975] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5974] <... munmap resumed>) = 0 [pid 5977] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5975] <... mprotect resumed>) = 0 [pid 5978] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5979 attached [pid 5978] write(3, "1000", 4 [pid 5975] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5978] <... write resumed>) = 4 [pid 5979] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5978] close(3) = 0 [pid 5978] symlink("/dev/binderfs", "./binderfs" [pid 5975] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5977] <... clone3 resumed> => {parent_tid=[5979]}, 88) = 5979 [pid 5975] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}executing program [pid 5978] <... symlink resumed>) = 0 [pid 5977] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 5980 attached [pid 5979] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5978] write(1, "executing program\n", 18 [pid 5977] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5975] <... clone3 resumed> => {parent_tid=[5980]}, 88) = 5980 [pid 5978] <... write resumed>) = 18 [pid 5977] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5975] rt_sigprocmask(SIG_SETMASK, [], [pid 5980] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5979] <... set_robust_list resumed>) = 0 [pid 5980] <... rseq resumed>) = 0 [pid 5979] rt_sigprocmask(SIG_SETMASK, [], [pid 5978] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5977] <... futex resumed>) = 0 [pid 5975] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5980] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5979] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5978] <... futex resumed>) = 0 [pid 5977] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5975] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5974] <... openat resumed>) = 4 [pid 5978] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5975] <... futex resumed>) = 0 [pid 5978] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5975] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5978] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5974] ioctl(4, LOOP_SET_FD, 3 [pid 5980] <... set_robust_list resumed>) = 0 [pid 5978] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5979] memfd_create("syzkaller", 0 [pid 5980] rt_sigprocmask(SIG_SETMASK, [], [pid 5978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5980] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5979] <... memfd_create resumed>) = 3 [pid 5978] <... mmap resumed>) = 0x7f1dfa693000 [pid 5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5974] <... ioctl resumed>) = 0 [pid 5980] memfd_create("syzkaller", 0 [pid 5979] <... mmap resumed>) = 0x7f1df2200000 [pid 5978] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5976] <... write resumed>) = 2097152 [pid 5976] munmap(0x7f1df2200000, 138412032 [pid 5974] close(3 [pid 5976] <... munmap resumed>) = 0 [pid 5974] <... close resumed>) = 0 [pid 5974] close(4) = 0 [pid 5978] <... mprotect resumed>) = 0 [pid 5980] <... memfd_create resumed>) = 3 [pid 5978] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5974] mkdir("./file0", 0777 [ 146.880140][ T5974] loop1: detected capacity change from 0 to 4096 [ 146.919428][ T5976] loop2: detected capacity change from 0 to 4096 [pid 5980] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5978] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5974] <... mkdir resumed>) = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5974] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5976] <... openat resumed>) = 4 [pid 5976] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5981 attached [pid 5978] <... clone3 resumed> => {parent_tid=[5981]}, 88) = 5981 [pid 5981] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5978] rt_sigprocmask(SIG_SETMASK, [], [pid 5981] <... rseq resumed>) = 0 [pid 5978] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5981] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5978] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5981] <... set_robust_list resumed>) = 0 [pid 5978] <... futex resumed>) = 0 [pid 5978] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5981] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5976] <... ioctl resumed>) = 0 [pid 5976] close(3) = 0 [pid 5976] close(4) = 0 [pid 5981] memfd_create("syzkaller", 0) = 3 [pid 5976] mkdir("./file0", 0777 [pid 5981] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5976] <... mkdir resumed>) = 0 [pid 5981] <... mmap resumed>) = 0x7f1df2200000 [ 146.927192][ T5974] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5976] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5980] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 146.970734][ T5976] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5979] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5981] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5979] <... write resumed>) = 2097152 [pid 5979] munmap(0x7f1df2200000, 138412032 [pid 5980] <... write resumed>) = 2097152 [pid 5980] munmap(0x7f1df2200000, 138412032 [pid 5979] <... munmap resumed>) = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5981] <... write resumed>) = 2097152 [pid 5979] <... openat resumed>) = 4 [pid 5979] ioctl(4, LOOP_SET_FD, 3 [pid 5981] munmap(0x7f1df2200000, 138412032 [pid 5980] <... munmap resumed>) = 0 [pid 5981] <... munmap resumed>) = 0 [pid 5974] <... mount resumed>) = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5980] ioctl(4, LOOP_SET_FD, 3 [pid 5981] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5979] <... ioctl resumed>) = 0 [pid 5976] <... mount resumed>) = 0 [pid 5974] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5981] <... openat resumed>) = 4 [pid 5979] close(3 [pid 5976] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5974] <... openat resumed>) = 3 [pid 5981] ioctl(4, LOOP_SET_FD, 3 [pid 5979] <... close resumed>) = 0 [pid 5976] <... openat resumed>) = 3 [pid 5974] chdir("./file0" [pid 5980] <... ioctl resumed>) = 0 [pid 5979] close(4 [pid 5976] chdir("./file0" [pid 5974] <... chdir resumed>) = 0 [pid 5980] close(3) = 0 [pid 5980] close(4) = 0 [pid 5980] mkdir("./file0", 0777) = 0 [pid 5979] <... close resumed>) = 0 [pid 5976] <... chdir resumed>) = 0 [pid 5974] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5981] <... ioctl resumed>) = 0 [pid 5979] mkdir("./file0", 0777 [pid 5976] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5974] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5980] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5976] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5981] close(3 [pid 5979] <... mkdir resumed>) = 0 [ 147.071828][ T5974] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 147.085221][ T5979] loop3: detected capacity change from 0 to 4096 [ 147.093648][ T5976] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 147.099497][ T5980] loop0: detected capacity change from 0 to 4096 [ 147.107347][ T5981] loop4: detected capacity change from 0 to 4096 [pid 5976] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5974] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5981] <... close resumed>) = 0 [pid 5979] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5976] <... futex resumed>) = 1 [pid 5974] <... futex resumed>) = 1 [pid 5972] <... futex resumed>) = 0 [pid 5973] <... futex resumed>) = 0 [pid 5976] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5974] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5972] exit_group(0) = ? [pid 5973] exit_group(0 [pid 5981] close(4 [pid 5976] <... futex resumed>) = ? [pid 5974] <... futex resumed>) = ? [pid 5981] <... close resumed>) = 0 [pid 5973] <... exit_group resumed>) = ? [pid 5976] +++ exited with 0 +++ [pid 5972] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5972, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5087] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5974] +++ exited with 0 +++ [pid 5973] +++ exited with 0 +++ [pid 5087] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5981] mkdir("./file0", 0777 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./87/binderfs" [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5973, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5981] <... mkdir resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 147.125842][ T5980] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 147.150963][ T5979] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5981] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... umount2 resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./87/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5087] newfstatat(4, "", [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(4, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5087] getdents64(4, [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] unlink("./87/binderfs" [pid 5087] close(4) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] rmdir("./87/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./87") = 0 [ 147.183257][ T5981] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 147.214253][ T5980] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5086] <... umount2 resumed>) = 0 [pid 5980] <... mount resumed>) = 0 [pid 5087] mkdir("./88", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5980] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5980] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./87/file0", [pid 5980] chdir("./file0") = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5980] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5980] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5975] <... futex resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5980] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5975] exit_group(0 [pid 5086] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5980] <... futex resumed>) = ? [pid 5979] <... mount resumed>) = 0 [pid 5975] <... exit_group resumed>) = ? [pid 5086] <... openat resumed>) = 4 [pid 5979] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] newfstatat(4, "", [pid 5979] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 5979] chdir("./file0" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5979] <... chdir resumed>) = 0 [pid 5086] getdents64(4, [pid 5979] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./87/file0" [pid 5980] +++ exited with 0 +++ [pid 5975] +++ exited with 0 +++ [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5975, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5086] close(3 [pid 5085] <... restart_syscall resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5979] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] rmdir("./87" [pid 5085] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", [pid 5979] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5979] <... futex resumed>) = 1 [pid 5977] <... futex resumed>) = 0 [pid 5086] mkdir("./88", 0777 [pid 5085] getdents64(3, [pid 5979] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5977] exit_group(0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5977] <... exit_group resumed>) = ? [pid 5085] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5979] <... futex resumed>) = ? [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./87/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./87/binderfs") = 0 [pid 5085] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5979] +++ exited with 0 +++ [pid 5977] +++ exited with 0 +++ [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5977, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5085] newfstatat(AT_FDCWD, "./87/file0", [pid 5088] <... restart_syscall resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 4 [ 147.246006][ T5979] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./87/file0" [pid 5981] <... mount resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./87" [pid 5088] newfstatat(3, "", [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./88", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5982 attached [pid 5982] set_robust_list(0x555580b0d6a0, 24 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5982] <... set_robust_list resumed>) = 0 [pid 5982] chdir("./88" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5982 [pid 5982] <... chdir resumed>) = 0 [pid 5982] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5981] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... ioctl resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5981] <... openat resumed>) = 3 [pid 5086] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5981] chdir("./file0" [pid 5088] unlink("./87/binderfs" [pid 5086] <... close resumed>) = 0 [pid 5981] <... chdir resumed>) = 0 [pid 5981] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... unlink resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5983 attached [pid 5981] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 147.301110][ T5981] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5983] set_robust_list(0x555580b0d6a0, 24 [pid 5981] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5983] <... set_robust_list resumed>) = 0 [pid 5982] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5978] <... futex resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5983 [pid 5981] <... futex resumed>) = 1 [pid 5983] chdir("./88" [pid 5982] <... setpgid resumed>) = 0 [pid 5978] exit_group(0 [pid 5088] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5981] umount2("./86/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5982] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5981] +++ exited with 0 +++ [pid 5978] <... exit_group resumed>) = ? [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5983] <... chdir resumed>) = 0 [pid 5982] <... openat resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./87/file0", [pid 5982] write(3, "1000", 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5983] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5982] <... write resumed>) = 4 [pid 5978] +++ exited with 0 +++ [pid 5088] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5983] <... prctl resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5982] close(3 [pid 5088] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5983] setpgid(0, 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5978, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5088] <... openat resumed>) = 4 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5983] <... setpgid resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5982] <... close resumed>) = 0 [pid 5982] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... restart_syscall resumed>) = 0 [pid 5983] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5982] <... symlink resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5982] write(1, "executing program\n", 18 [pid 5088] getdents64(4, [pid 5983] <... openat resumed>) = 3 [pid 5982] <... write resumed>) = 18 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5983] write(3, "1000", 4 [pid 5982] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] umount2("./87", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5982] <... futex resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(4, [pid 5983] <... write resumed>) = 4 [pid 5982] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5982] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5983] close(3 [pid 5982] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] openat(AT_FDCWD, "./87", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5982] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... openat resumed>) = 3 [pid 5983] <... close resumed>) = 0 [pid 5982] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] newfstatat(3, "", [pid 5088] close(4 [pid 5982] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... close resumed>) = 0 [pid 5983] symlink("/dev/binderfs", "./binderfs" [pid 5982] <... mprotect resumed>) = 0 [pid 5089] getdents64(3, [pid 5088] rmdir("./87/file0" [pid 5983] <... symlink resumed>) = 0 [pid 5982] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5983] write(1, "executing program\n", 18 [pid 5982] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] umount2("./87/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... rmdir resumed>) = 0 [pid 5983] <... write resumed>) = 18 [pid 5982] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5984 attached [pid 5983] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(AT_FDCWD, "./87/binderfs", [pid 5984] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5983] <... futex resumed>) = 0 [pid 5982] <... clone3 resumed> => {parent_tid=[5984]}, 88) = 5984 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] getdents64(3, [pid 5984] <... rseq resumed>) = 0 [pid 5983] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5982] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] unlink("./87/binderfs" [pid 5984] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5983] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5982] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5984] <... set_robust_list resumed>) = 0 [pid 5983] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5982] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(3 [pid 5984] rt_sigprocmask(SIG_SETMASK, [], [pid 5983] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5982] <... futex resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5984] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5983] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5982] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] rmdir("./87" [pid 5085] close(3 [pid 5984] memfd_create("syzkaller", 0 [pid 5983] <... mmap resumed>) = 0x7f1dfa693000 [pid 5983] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5983] <... mprotect resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] mkdir("./88", 0777 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5983] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5983] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5986 attached ./strace-static-x86_64: Process 5985 attached [pid 5983] <... clone3 resumed> => {parent_tid=[5986]}, 88) = 5986 [pid 5986] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5985] set_robust_list(0x555580b0d6a0, 24 [pid 5984] <... memfd_create resumed>) = 3 [pid 5983] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... openat resumed>) = 3 [pid 5986] <... rseq resumed>) = 0 [pid 5985] <... set_robust_list resumed>) = 0 [pid 5984] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5983] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5985 [pid 5986] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5985] chdir("./88" [pid 5984] <... mmap resumed>) = 0x7f1df2200000 [pid 5983] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5986] <... set_robust_list resumed>) = 0 [pid 5985] <... chdir resumed>) = 0 [pid 5983] <... futex resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./87/file0", [pid 5986] rt_sigprocmask(SIG_SETMASK, [], [pid 5985] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5983] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5986] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5985] <... prctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5985] setpgid(0, 0) = 0 [pid 5985] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] umount2("./87/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5985] <... openat resumed>) = 3 [pid 5089] openat(AT_FDCWD, "./87/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5985] write(3, "1000", 4 [pid 5089] <... openat resumed>) = 4 [pid 5986] memfd_create("syzkaller", 0 [pid 5985] <... write resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5986] <... memfd_create resumed>) = 3 [pid 5985] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5986] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5985] <... close resumed>) = 0 [pid 5089] getdents64(4, [pid 5986] <... mmap resumed>) = 0x7f1df2200000 [pid 5985] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5985] <... symlink resumed>) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 executing program [pid 5089] close(4 [pid 5985] write(1, "executing program\n", 18) = 18 [pid 5985] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... close resumed>) = 0 [pid 5985] <... futex resumed>) = 0 [pid 5985] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] rmdir("./87/file0" [pid 5985] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5985] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] getdents64(3, [pid 5984] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5985] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5985] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] close(3 [pid 5985] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... close resumed>) = 0 [pid 5985] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] rmdir("./87" [pid 5985] <... mprotect resumed>) = 0 [pid 5985] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... rmdir resumed>) = 0 [pid 5985] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5986] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5985] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] mkdir("./88", 0777) = 0 [pid 5985] <... clone3 resumed> => {parent_tid=[5987]}, 88) = 5987 [pid 5985] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5985] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5985] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5987 attached ) = 0 [pid 5987] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5985] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5987] <... rseq resumed>) = 0 [pid 5987] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5987] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5987] memfd_create("syzkaller", 0) = 3 [pid 5987] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... ioctl resumed>) = 0 [pid 5984] <... write resumed>) = 2097152 [pid 5088] close(3) = 0 [pid 5984] munmap(0x7f1df2200000, 138412032) = 0 [pid 5986] <... write resumed>) = 2097152 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5984] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5988 attached [pid 5986] munmap(0x7f1df2200000, 138412032 [pid 5984] <... openat resumed>) = 4 [pid 5988] set_robust_list(0x555580b0d6a0, 24 [pid 5987] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5986] <... munmap resumed>) = 0 [pid 5984] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5988 [pid 5988] <... set_robust_list resumed>) = 0 [pid 5988] chdir("./88") = 0 [pid 5988] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5986] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5988] <... prctl resumed>) = 0 [pid 5988] setpgid(0, 0) = 0 [pid 5986] ioctl(4, LOOP_SET_FD, 3 [pid 5988] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] <... ioctl resumed>) = 0 [pid 5984] close(3) = 0 [pid 5984] close(4) = 0 [pid 5984] mkdir("./file0", 0777) = 0 [pid 5984] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5988] write(3, "1000", 4 [pid 5089] <... ioctl resumed>) = 0 [pid 5988] <... write resumed>) = 4 [pid 5988] close(3 [pid 5089] close(3 [pid 5988] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5988] symlink("/dev/binderfs", "./binderfs" [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5988] <... symlink resumed>) = 0 executing program [pid 5988] write(1, "executing program\n", 18 [pid 5986] <... ioctl resumed>) = 0 [pid 5988] <... write resumed>) = 18 [pid 5988] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5986] close(3./strace-static-x86_64: Process 5989 attached [pid 5988] <... futex resumed>) = 0 [pid 5988] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5989 [pid 5988] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5988] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5986] <... close resumed>) = 0 [pid 5988] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5988] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5986] close(4 [pid 5988] <... mmap resumed>) = 0x7f1dfa693000 [pid 5986] <... close resumed>) = 0 [pid 5989] set_robust_list(0x555580b0d6a0, 24 [pid 5988] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5986] mkdir("./file0", 0777 [pid 5989] <... set_robust_list resumed>) = 0 [pid 5988] <... mprotect resumed>) = 0 [pid 5986] <... mkdir resumed>) = 0 [pid 5989] chdir("./88" [pid 5988] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5986] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5989] <... chdir resumed>) = 0 [pid 5988] <... rt_sigprocmask resumed>[], 8) = 0 [ 147.587234][ T5984] loop2: detected capacity change from 0 to 4096 [ 147.607014][ T5986] loop1: detected capacity change from 0 to 4096 [ 147.622929][ T5984] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5989] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5988] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5989] <... prctl resumed>) = 0 [pid 5987] <... write resumed>) = 2097152 [pid 5989] setpgid(0, 0 [pid 5988] <... clone3 resumed> => {parent_tid=[5990]}, 88) = 5990 [pid 5989] <... setpgid resumed>) = 0 [pid 5987] munmap(0x7f1df2200000, 138412032 [pid 5988] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 5990 attached [pid 5989] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5988] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5990] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5989] <... openat resumed>) = 3 [pid 5988] <... futex resumed>) = 0 [pid 5988] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5990] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5989] write(3, "1000", 4 [pid 5987] <... munmap resumed>) = 0 [pid 5990] <... set_robust_list resumed>) = 0 [pid 5989] <... write resumed>) = 4 [pid 5987] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5990] rt_sigprocmask(SIG_SETMASK, [], [pid 5989] close(3 [pid 5987] <... openat resumed>) = 4 [pid 5990] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5989] <... close resumed>) = 0 [ 147.648313][ T5986] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5987] ioctl(4, LOOP_SET_FD, 3 [pid 5990] memfd_create("syzkaller", 0 [pid 5989] symlink("/dev/binderfs", "./binderfs"executing program [pid 5990] <... memfd_create resumed>) = 3 [pid 5989] <... symlink resumed>) = 0 [pid 5987] <... ioctl resumed>) = 0 [pid 5989] write(1, "executing program\n", 18 [pid 5987] close(3 [pid 5989] <... write resumed>) = 18 [pid 5987] <... close resumed>) = 0 [pid 5987] close(4 [pid 5989] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5987] <... close resumed>) = 0 [pid 5989] <... futex resumed>) = 0 [pid 5987] mkdir("./file0", 0777 [pid 5989] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5990] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5989] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5990] <... mmap resumed>) = 0x7f1df2200000 [pid 5989] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5989] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5987] <... mkdir resumed>) = 0 [pid 5989] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5987] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5984] <... mount resumed>) = 0 [pid 5989] <... mprotect resumed>) = 0 [ 147.693420][ T5987] loop0: detected capacity change from 0 to 4096 [ 147.704204][ T5984] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5984] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5989] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5984] chdir("./file0") = 0 [pid 5984] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5984] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5982] <... futex resumed>) = 0 [pid 5982] exit_group(0) = ? [pid 5989] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5989] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5984] +++ exited with 0 +++ [pid 5982] +++ exited with 0 +++ [pid 5989] <... clone3 resumed> => {parent_tid=[5991]}, 88) = 5991 ./strace-static-x86_64: Process 5991 attached [pid 5989] rt_sigprocmask(SIG_SETMASK, [], [pid 5991] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5989] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5982, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5991] <... rseq resumed>) = 0 [pid 5989] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5989] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5991] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5986] <... mount resumed>) = 0 [pid 5087] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5991] <... set_robust_list resumed>) = 0 [pid 5991] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5991] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 147.744890][ T5987] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 147.772526][ T5986] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5990] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5986] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5991] memfd_create("syzkaller", 0 [pid 5986] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5991] <... memfd_create resumed>) = 3 [pid 5087] newfstatat(3, "", [pid 5991] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5986] chdir("./file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5991] <... mmap resumed>) = 0x7f1df2200000 [pid 5986] <... chdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5987] <... mount resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5987] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5987] <... openat resumed>) = 3 [pid 5087] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5987] chdir("./file0" [pid 5986] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5987] <... chdir resumed>) = 0 [pid 5986] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] unlink("./88/binderfs" [pid 5987] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5087] <... unlink resumed>) = 0 [pid 5987] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5987] <... futex resumed>) = 1 [pid 5986] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5985] <... futex resumed>) = 0 [pid 5987] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5985] exit_group(0 [pid 5990] <... write resumed>) = 2097152 [pid 5987] <... futex resumed>) = ? [pid 5986] <... futex resumed>) = 1 [pid 5985] <... exit_group resumed>) = ? [pid 5983] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5987] +++ exited with 0 +++ [pid 5986] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5990] munmap(0x7f1df2200000, 138412032 [pid 5985] +++ exited with 0 +++ [pid 5983] exit_group(0 [pid 5087] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5986] <... futex resumed>) = ? [pid 5983] <... exit_group resumed>) = ? [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5986] +++ exited with 0 +++ [pid 5087] newfstatat(AT_FDCWD, "./88/file0", [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5985, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5991] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5990] <... munmap resumed>) = 0 [pid 5983] +++ exited with 0 +++ [pid 5087] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 147.796951][ T5987] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... restart_syscall resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5983, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5990] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... openat resumed>) = 4 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5991] <... write resumed>) = 2097152 [pid 5990] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 5085] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5991] munmap(0x7f1df2200000, 138412032 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5990] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5991] <... munmap resumed>) = 0 [pid 5086] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(3, "", [pid 5086] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5990] <... ioctl resumed>) = 0 [pid 5087] getdents64(4, [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 5086] newfstatat(3, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5086] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] unlink("./88/binderfs" [pid 5087] getdents64(4, [pid 5086] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5085] <... unlink resumed>) = 0 [pid 5990] close(3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5991] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5990] <... close resumed>) = 0 [pid 5087] close(4 [pid 5086] unlink("./88/binderfs" [pid 5991] <... openat resumed>) = 4 [pid 5990] close(4 [pid 5086] <... unlink resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5991] ioctl(4, LOOP_SET_FD, 3 [pid 5990] <... close resumed>) = 0 [pid 5087] rmdir("./88/file0" [pid 5991] <... ioctl resumed>) = 0 [pid 5990] mkdir("./file0", 0777 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5991] close(3 [pid 5990] <... mkdir resumed>) = 0 [pid 5087] getdents64(3, [pid 5086] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] close(3 [pid 5086] newfstatat(AT_FDCWD, "./88/file0", [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./88" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5991] <... close resumed>) = 0 [pid 5991] close(4 [pid 5085] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... rmdir resumed>) = 0 [pid 5086] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] mkdir("./89", 0777 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 147.881694][ T5990] loop3: detected capacity change from 0 to 4096 [ 147.898511][ T5991] loop4: detected capacity change from 0 to 4096 [pid 5991] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5991] mkdir("./file0", 0777 [pid 5990] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5991] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(AT_FDCWD, "./88/file0", [pid 5991] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5085] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] newfstatat(4, "", [pid 5087] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] getdents64(4, [pid 5085] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... openat resumed>) = 4 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5086] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... close resumed>) = 0 [pid 5085] getdents64(4, [pid 5086] rmdir("./88/file0" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./88/file0" [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(3, [pid 5086] close(3) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] rmdir("./88" [pid 5085] close(3) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] rmdir("./88") = 0 [pid 5086] mkdir("./89", 0777 [pid 5085] mkdir("./89", 0777 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5085] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [ 147.937010][ T5990] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 147.953463][ T5991] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5992 attached [pid 5990] <... mount resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 5992 [pid 5991] <... mount resumed>) = 0 [pid 5992] set_robust_list(0x555580b0d6a0, 24 [pid 5991] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5990] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] close(3 [pid 5990] <... openat resumed>) = 3 [pid 5991] <... openat resumed>) = 3 [pid 5990] chdir("./file0" [pid 5085] <... close resumed>) = 0 [pid 5990] <... chdir resumed>) = 0 [pid 5991] chdir("./file0" [pid 5990] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5990] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5992] <... set_robust_list resumed>) = 0 [pid 5992] chdir("./89" [pid 5990] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5991] <... chdir resumed>) = 0 [pid 5990] <... futex resumed>) = 1 [pid 5988] <... futex resumed>) = 0 [pid 5988] exit_group(0./strace-static-x86_64: Process 5993 attached [pid 5992] <... chdir resumed>) = 0 [pid 5991] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5988] <... exit_group resumed>) = ? [pid 5086] <... ioctl resumed>) = 0 [pid 5993] set_robust_list(0x555580b0d6a0, 24 [pid 5992] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5990] +++ exited with 0 +++ [pid 5992] <... prctl resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 5993 [pid 5993] <... set_robust_list resumed>) = 0 [pid 5992] setpgid(0, 0 [pid 5991] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5988] +++ exited with 0 +++ [pid 5993] chdir("./89" [pid 5992] <... setpgid resumed>) = 0 [pid 5991] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] close(3 [pid 5992] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5988, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 148.037206][ T5990] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 148.045015][ T5991] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5993] <... chdir resumed>) = 0 [pid 5992] <... openat resumed>) = 3 [pid 5991] <... futex resumed>) = 1 [pid 5086] <... close resumed>) = 0 [pid 5991] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5993] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5992] write(3, "1000", 4 [pid 5088] newfstatat(3, "", [pid 5993] <... prctl resumed>) = 0 [pid 5992] <... write resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5994 attached [pid 5993] setpgid(0, 0 [pid 5992] close(3 [pid 5989] <... futex resumed>) = 0 [pid 5088] getdents64(3, [pid 5993] <... setpgid resumed>) = 0 [pid 5992] <... close resumed>) = 0 [pid 5989] exit_group(0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5991] <... futex resumed>) = ? [pid 5989] <... exit_group resumed>) = ? [pid 5088] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 5994 [pid 5994] set_robust_list(0x555580b0d6a0, 24 [pid 5993] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5992] symlink("/dev/binderfs", "./binderfs" [pid 5991] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5994] <... set_robust_list resumed>) = 0 [pid 5989] +++ exited with 0 +++ [pid 5088] newfstatat(AT_FDCWD, "./88/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./88/binderfs" [pid 5994] chdir("./89" [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5989, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5088] <... unlink resumed>) = 0 [pid 5994] <... chdir resumed>) = 0 [pid 5993] <... openat resumed>) = 3 [pid 5992] <... symlink resumed>) = 0 [pid 5088] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5994] prctl(PR_SET_PDEATHSIG, SIGKILL executing program [pid 5993] write(3, "1000", 4 [pid 5992] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = 0 [pid 5994] <... prctl resumed>) = 0 [pid 5993] <... write resumed>) = 4 [pid 5992] <... write resumed>) = 18 [pid 5088] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5993] close(3 [pid 5994] setpgid(0, 0 [pid 5993] <... close resumed>) = 0 [pid 5992] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] umount2("./88", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(AT_FDCWD, "./88/file0", [pid 5994] <... setpgid resumed>) = 0 [pid 5993] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5994] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 5993] <... symlink resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./88", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5992] <... futex resumed>) = 0 [pid 5994] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5992] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5993] write(1, "executing program\n", 18 [pid 5994] write(3, "1000", 4 [pid 5993] <... write resumed>) = 18 [pid 5992] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] newfstatat(3, "", [pid 5088] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5994] <... write resumed>) = 4 [pid 5992] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5994] close(3 [pid 5992] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] getdents64(3, [pid 5088] newfstatat(4, "", [pid 5994] <... close resumed>) = 0 [pid 5993] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5992] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5994] symlink("/dev/binderfs", "./binderfs" [pid 5992] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] getdents64(4, [pid 5994] <... symlink resumed>) = 0 [pid 5993] <... futex resumed>) = 0 [pid 5992] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] umount2("./88/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5993] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] getdents64(4, executing program [pid 5994] write(1, "executing program\n", 18 [pid 5993] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5992] <... mprotect resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5994] <... write resumed>) = 18 [pid 5993] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] close(4 [pid 5994] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5993] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5992] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] newfstatat(AT_FDCWD, "./88/binderfs", [pid 5088] <... close resumed>) = 0 [pid 5994] <... futex resumed>) = 0 [pid 5088] rmdir("./88/file0" [pid 5994] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... rmdir resumed>) = 0 [pid 5994] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5994] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5993] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5992] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] getdents64(3, [pid 5994] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5993] <... mmap resumed>) = 0x7f1dfa693000 [pid 5992] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] unlink("./88/binderfs" [pid 5994] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5993] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5995 attached [pid 5994] <... mmap resumed>) = 0x7f1dfa693000 [pid 5992] <... clone3 resumed> => {parent_tid=[5995]}, 88) = 5995 [pid 5089] <... unlink resumed>) = 0 [pid 5088] close(3 [pid 5995] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5994] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5993] <... mprotect resumed>) = 0 [pid 5992] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... close resumed>) = 0 [pid 5995] <... rseq resumed>) = 0 [pid 5994] <... mprotect resumed>) = 0 [pid 5992] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] rmdir("./88" [pid 5995] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5993] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5992] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5995] <... set_robust_list resumed>) = 0 [pid 5994] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... rmdir resumed>) = 0 [pid 5992] <... futex resumed>) = 0 [pid 5995] rt_sigprocmask(SIG_SETMASK, [], [pid 5994] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5992] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5995] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5994] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5993] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] mkdir("./89", 0777 [pid 5995] memfd_create("syzkaller", 0 [pid 5993] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5997 attached ./strace-static-x86_64: Process 5996 attached [pid 5995] <... memfd_create resumed>) = 3 [pid 5994] <... clone3 resumed> => {parent_tid=[5996]}, 88) = 5996 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5997] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5996] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5995] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5994] rt_sigprocmask(SIG_SETMASK, [], [pid 5993] <... clone3 resumed> => {parent_tid=[5997]}, 88) = 5997 [pid 5089] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 3 [pid 5997] <... rseq resumed>) = 0 [pid 5996] <... rseq resumed>) = 0 [pid 5995] <... mmap resumed>) = 0x7f1df2200000 [pid 5994] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5993] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5997] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5996] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5994] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5993] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(AT_FDCWD, "./88/file0", [pid 5997] <... set_robust_list resumed>) = 0 [pid 5996] <... set_robust_list resumed>) = 0 [pid 5994] <... futex resumed>) = 0 [pid 5993] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5997] rt_sigprocmask(SIG_SETMASK, [], [pid 5996] rt_sigprocmask(SIG_SETMASK, [], [pid 5994] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5993] <... futex resumed>) = 0 [pid 5089] umount2("./88/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5997] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5996] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5993] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5997] memfd_create("syzkaller", 0 [pid 5089] openat(AT_FDCWD, "./88/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5997] <... memfd_create resumed>) = 3 [pid 5996] memfd_create("syzkaller", 0 [pid 5089] newfstatat(4, "", [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5997] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5996] <... memfd_create resumed>) = 3 [pid 5995] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... close resumed>) = 0 [pid 5996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] rmdir("./88/file0") = 0 [pid 5997] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./88") = 0 [pid 5995] <... write resumed>) = 2097152 [pid 5997] <... write resumed>) = 2097152 [pid 5089] mkdir("./89", 0777 [pid 5995] munmap(0x7f1df2200000, 138412032) = 0 [pid 5997] munmap(0x7f1df2200000, 138412032 [pid 5995] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... mkdir resumed>) = 0 [pid 5995] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5995] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3 [pid 5997] <... munmap resumed>) = 0 [pid 5996] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5995] <... ioctl resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5995] close(3) = 0 [pid 5995] close(4) = 0 [pid 5995] mkdir("./file0", 0777 [pid 5997] <... openat resumed>) = 4 [pid 5995] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5998 attached [pid 5997] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 5998 [pid 5995] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5998] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5998] chdir("./89") = 0 [pid 5998] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5997] <... ioctl resumed>) = 0 [pid 5998] setpgid(0, 0 [pid 5997] close(3 [pid 5998] <... setpgid resumed>) = 0 [pid 5997] <... close resumed>) = 0 [pid 5998] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5997] close(4) = 0 [ 148.259731][ T5995] loop2: detected capacity change from 0 to 4096 [ 148.290525][ T5997] loop0: detected capacity change from 0 to 4096 [ 148.292276][ T5995] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5997] mkdir("./file0", 0777 [pid 5998] <... openat resumed>) = 3 [pid 5997] <... mkdir resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5997] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5998] write(3, "1000", 4) = 4 [pid 5998] close(3 [pid 5089] close(3 [pid 5998] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5998] symlink("/dev/binderfs", "./binderfs" [pid 5996] <... write resumed>) = 2097152 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 5998] <... symlink resumed>) = 0 [pid 5998] write(1, "executing program\n", 18./strace-static-x86_64: Process 5999 attached ) = 18 [ 148.342993][ T5997] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5996] munmap(0x7f1df2200000, 138412032 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 5999 [pid 5998] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5995] <... mount resumed>) = 0 [pid 5999] set_robust_list(0x555580b0d6a0, 24 [pid 5998] <... futex resumed>) = 0 [pid 5999] <... set_robust_list resumed>) = 0 [pid 5998] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5999] chdir("./89" [pid 5998] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5999] <... chdir resumed>) = 0 [pid 5998] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5999] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5998] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5999] <... prctl resumed>) = 0 [pid 5999] setpgid(0, 0 [pid 5998] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5999] <... setpgid resumed>) = 0 [pid 5998] <... mmap resumed>) = 0x7f1dfa693000 [pid 5995] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5998] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5995] <... openat resumed>) = 3 [pid 5998] <... mprotect resumed>) = 0 [pid 5995] chdir("./file0" [pid 5999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5998] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5995] <... chdir resumed>) = 0 [pid 5998] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5995] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5999] <... openat resumed>) = 3 [pid 5998] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5995] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5995] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6000 attached [pid 5998] <... clone3 resumed> => {parent_tid=[6000]}, 88) = 6000 [pid 5995] <... futex resumed>) = 1 [pid 5992] <... futex resumed>) = 0 [pid 6000] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5998] rt_sigprocmask(SIG_SETMASK, [], [pid 5995] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5992] exit_group(0 [pid 6000] <... rseq resumed>) = 0 [pid 5998] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5996] <... munmap resumed>) = 0 [pid 5995] <... futex resumed>) = ? [pid 5992] <... exit_group resumed>) = ? [pid 5999] write(3, "1000", 4 [pid 6000] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5999] <... write resumed>) = 4 [pid 5998] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5996] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5995] +++ exited with 0 +++ [pid 5992] +++ exited with 0 +++ [pid 6000] <... set_robust_list resumed>) = 0 [pid 5999] close(3 [pid 5998] <... futex resumed>) = 0 [pid 5996] <... openat resumed>) = 4 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5992, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6000] rt_sigprocmask(SIG_SETMASK, [], [pid 5999] <... close resumed>) = 0 [pid 5998] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5996] ioctl(4, LOOP_SET_FD, 3 [pid 6000] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 148.384609][ T5995] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program ) = 3 [pid 5999] write(1, "executing program\n", 18 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, [pid 6000] memfd_create("syzkaller", 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./89/binderfs" [pid 6000] <... memfd_create resumed>) = 3 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5999] <... write resumed>) = 18 [pid 5087] <... umount2 resumed>) = 0 [pid 6000] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5999] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5999] <... futex resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./89/file0", [pid 5999] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5999] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5999] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5999] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5999] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... openat resumed>) = 4 [pid 5999] <... mprotect resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5999] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5999] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5999] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] getdents64(4, ./strace-static-x86_64: Process 6001 attached [pid 5999] <... clone3 resumed> => {parent_tid=[6001]}, 88) = 6001 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6001] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5999] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] getdents64(4, [pid 6001] <... rseq resumed>) = 0 [pid 5999] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5996] <... ioctl resumed>) = 0 [pid 6001] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5999] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6001] <... set_robust_list resumed>) = 0 [pid 5999] <... futex resumed>) = 0 [pid 5996] close(3 [pid 6001] rt_sigprocmask(SIG_SETMASK, [], [pid 5999] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5996] <... close resumed>) = 0 [pid 5087] close(4 [pid 6001] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5996] close(4 [pid 5087] <... close resumed>) = 0 [pid 6001] memfd_create("syzkaller", 0 [pid 5996] <... close resumed>) = 0 [pid 5087] rmdir("./89/file0") = 0 [pid 5087] getdents64(3, [pid 6001] <... memfd_create resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6001] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] close(3 [pid 6001] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./89" [pid 5996] mkdir("./file0", 0777 [pid 5087] <... rmdir resumed>) = 0 [ 148.436172][ T5996] loop1: detected capacity change from 0 to 4096 [pid 5996] <... mkdir resumed>) = 0 [pid 5997] <... mount resumed>) = 0 [pid 5996] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] mkdir("./90", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6000] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5997] <... openat resumed>) = 3 [pid 5997] chdir("./file0") = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5997] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5997] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5993] <... futex resumed>) = 0 [pid 5993] exit_group(0) = ? [pid 5997] <... futex resumed>) = ? [pid 5997] +++ exited with 0 +++ [pid 5993] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5993, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5085] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./89/binderfs" [ 148.501347][ T5997] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 148.512310][ T5996] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6001] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6000] <... write resumed>) = 2097152 [pid 5085] <... unlink resumed>) = 0 [pid 5085] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6000] munmap(0x7f1df2200000, 138412032) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5085] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 6000] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] close(3 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5996] <... mount resumed>) = 0 [pid 5085] getdents64(4, [pid 6000] <... openat resumed>) = 4 [pid 5996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6000] ioctl(4, LOOP_SET_FD, 3 [pid 5996] <... openat resumed>) = 3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] close(4 [pid 6001] <... write resumed>) = 2097152 [pid 5996] chdir("./file0" [pid 6001] munmap(0x7f1df2200000, 138412032 [pid 5085] <... close resumed>) = 0 [pid 5996] <... chdir resumed>) = 0 [pid 5085] rmdir("./89/file0" [pid 5996] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6001] <... munmap resumed>) = 0 [pid 6000] <... ioctl resumed>) = 0 [pid 5996] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] <... rmdir resumed>) = 0 [pid 5996] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5994] <... futex resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6002 [pid 5085] getdents64(3, [pid 5996] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6001] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6000] close(3 [pid 5994] exit_group(0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6002 attached [pid 6001] <... openat resumed>) = 4 [pid 6000] <... close resumed>) = 0 [pid 5996] <... futex resumed>) = ? [pid 5994] <... exit_group resumed>) = ? [pid 5085] close(3 [pid 6002] set_robust_list(0x555580b0d6a0, 24 [pid 6001] ioctl(4, LOOP_SET_FD, 3 [pid 6000] close(4 [pid 5996] +++ exited with 0 +++ [pid 5085] <... close resumed>) = 0 [pid 6002] <... set_robust_list resumed>) = 0 [pid 6002] chdir("./90" [pid 5085] rmdir("./89" [pid 6002] <... chdir resumed>) = 0 [pid 6002] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6000] <... close resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 6002] <... prctl resumed>) = 0 [pid 5994] +++ exited with 0 +++ [pid 6000] mkdir("./file0", 0777 [pid 5085] mkdir("./90", 0777 [pid 6002] setpgid(0, 0) = 0 [pid 6002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5994, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] <... mkdir resumed>) = 0 [pid 6002] <... openat resumed>) = 3 [pid 6000] <... mkdir resumed>) = 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6000] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... restart_syscall resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [ 148.611188][ T5996] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 148.625832][ T6000] loop3: detected capacity change from 0 to 4096 [ 148.650215][ T6001] loop4: detected capacity change from 0 to 4096 [pid 6002] write(3, "1000", 4executing program [pid 5086] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6002] <... write resumed>) = 4 [pid 6002] close(3) = 0 [pid 6002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6002] write(1, "executing program\n", 18) = 18 [pid 6002] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6002] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6002] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6002] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6002] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6002] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6002] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6002] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6003 attached [pid 6002] <... clone3 resumed> => {parent_tid=[6003]}, 88) = 6003 [pid 5086] newfstatat(3, "", [pid 6003] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6001] <... ioctl resumed>) = 0 [pid 6003] <... rseq resumed>) = 0 [pid 6003] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6002] rt_sigprocmask(SIG_SETMASK, [], [pid 6001] close(3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6003] rt_sigprocmask(SIG_SETMASK, [], [pid 6001] <... close resumed>) = 0 [pid 6003] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6002] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6001] close(4 [pid 5086] getdents64(3, [pid 6003] memfd_create("syzkaller", 0 [pid 6002] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6001] <... close resumed>) = 0 [pid 6002] <... futex resumed>) = 0 [pid 6001] mkdir("./file0", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6003] <... memfd_create resumed>) = 3 [pid 6002] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6001] <... mkdir resumed>) = 0 [pid 5086] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6001] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6003] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./89/binderfs") = 0 [ 148.669579][ T6000] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 148.704538][ T6001] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5086] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5086] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] close(3 [pid 5086] newfstatat(AT_FDCWD, "./89/file0", [pid 5085] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6004 attached [pid 6004] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6004 [pid 6004] <... set_robust_list resumed>) = 0 [pid 6004] chdir("./90" [pid 5086] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6003] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] newfstatat(4, "", [pid 6004] <... chdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6004] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6004] <... prctl resumed>) = 0 [pid 6004] setpgid(0, 0 [pid 5086] getdents64(4, [pid 6004] <... setpgid resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 6004] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./89/file0") = 0 [pid 5086] getdents64(3, [pid 6004] <... openat resumed>) = 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6004] write(3, "1000", 4 [pid 5086] close(3 [pid 6004] <... write resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 6004] close(3 [pid 5086] rmdir("./89" [pid 6004] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6004] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6004] write(1, "executing program\n", 18 [pid 5086] mkdir("./90", 0777 [pid 6004] <... write resumed>) = 18 [pid 6004] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... mkdir resumed>) = 0 [pid 6004] <... futex resumed>) = 0 [pid 6004] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6004] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6000] <... mount resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6004] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 6004] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6000] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6004] <... mmap resumed>) = 0x7f1dfa693000 [pid 6003] <... write resumed>) = 2097152 [pid 6000] chdir("./file0" [pid 6004] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6003] munmap(0x7f1df2200000, 138412032 [pid 6000] <... chdir resumed>) = 0 [pid 6004] <... mprotect resumed>) = 0 [pid 6003] <... munmap resumed>) = 0 [pid 6000] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6004] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6000] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6004] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6000] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6004] <... clone3 resumed> => {parent_tid=[6005]}, 88) = 6005 [pid 6000] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6004] rt_sigprocmask(SIG_SETMASK, [], [pid 5998] <... futex resumed>) = 0 [pid 6004] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5998] exit_group(0 [pid 6004] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6000] <... futex resumed>) = ? [pid 5998] <... exit_group resumed>) = ? [pid 6004] <... futex resumed>) = 0 [pid 6000] +++ exited with 0 +++ [pid 6004] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5998] +++ exited with 0 +++ [pid 6003] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 6005 attached [pid 6001] <... mount resumed>) = 0 [pid 6005] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5998, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6005] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5088] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6005] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6005] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6005] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6003] <... openat resumed>) = 4 [ 148.812487][ T6000] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 148.846577][ T6001] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6001] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6003] ioctl(4, LOOP_SET_FD, 3 [pid 6001] <... openat resumed>) = 3 [pid 6005] memfd_create("syzkaller", 0 [pid 6001] chdir("./file0" [pid 5088] <... openat resumed>) = 3 [pid 6005] <... memfd_create resumed>) = 3 [pid 5088] newfstatat(3, "", [pid 6005] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6005] <... mmap resumed>) = 0x7f1df2200000 [pid 6003] <... ioctl resumed>) = 0 [pid 6001] <... chdir resumed>) = 0 [pid 5088] getdents64(3, [pid 6003] close(3 [pid 6001] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6003] <... close resumed>) = 0 [pid 6001] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6003] close(4 [pid 6001] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6001] <... futex resumed>) = 1 [pid 5088] newfstatat(AT_FDCWD, "./89/binderfs", [pid 6001] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6003] <... close resumed>) = 0 [pid 5999] <... futex resumed>) = 0 [pid 6003] mkdir("./file0", 0777 [pid 5999] exit_group(0 [pid 5088] unlink("./89/binderfs" [pid 6001] <... futex resumed>) = ? [pid 5999] <... exit_group resumed>) = ? [pid 5088] <... unlink resumed>) = 0 [pid 6001] +++ exited with 0 +++ [pid 6003] <... mkdir resumed>) = 0 [pid 5999] +++ exited with 0 +++ [pid 5088] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5999, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 148.876136][ T6003] loop2: detected capacity change from 0 to 4096 [pid 6003] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] umount2("./89", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./89", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./89/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./89/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./89/binderfs") = 0 [pid 5089] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = 0 [pid 5088] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./89/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./89/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./89") = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] mkdir("./90", 0777 [pid 5089] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... mkdir resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./89/file0", [pid 5086] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./89/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6006 attached [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] openat(AT_FDCWD, "./89/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", [pid 5088] <... openat resumed>) = 3 [pid 6006] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6006 [pid 6006] chdir("./90" [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6006] <... chdir resumed>) = 0 [pid 5089] getdents64(4, [pid 6006] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6006] setpgid(0, 0) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 6005] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 148.921192][ T6003] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5089] rmdir("./89/file0" [pid 6006] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6006] <... openat resumed>) = 3 [pid 5089] close(3 [pid 6006] write(3, "1000", 4 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./89" [pid 6006] <... write resumed>) = 4 [pid 6006] close(3) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 6006] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] mkdir("./90", 0777 [pid 6006] write(1, "executing program\n", 18executing program ) = 18 [pid 6006] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... mkdir resumed>) = 0 [pid 6006] <... futex resumed>) = 0 [pid 6006] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6006] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6006] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6006] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6003] <... mount resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6006] <... mprotect resumed>) = 0 [pid 6006] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6006] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6007]}, 88) = 6007 ./strace-static-x86_64: Process 6007 attached [pid 6006] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... openat resumed>) = 3 [pid 6006] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6006] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6006] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6007] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6005] <... write resumed>) = 2097152 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6007] <... rseq resumed>) = 0 [pid 6003] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6007] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6003] <... openat resumed>) = 3 [pid 6007] rt_sigprocmask(SIG_SETMASK, [], [pid 6003] chdir("./file0" [pid 6007] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6003] <... chdir resumed>) = 0 [pid 6003] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6003] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6005] munmap(0x7f1df2200000, 138412032 [pid 6002] <... futex resumed>) = 0 [pid 6003] <... futex resumed>) = 1 [pid 6002] exit_group(0 [pid 6007] memfd_create("syzkaller", 0 [pid 6002] <... exit_group resumed>) = ? [pid 6005] <... munmap resumed>) = 0 [pid 6007] <... memfd_create resumed>) = 3 [pid 6003] +++ exited with 0 +++ [pid 6002] +++ exited with 0 +++ [pid 5088] <... ioctl resumed>) = 0 [pid 6005] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6007] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6005] <... openat resumed>) = 4 [pid 5088] close(3 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6002, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [ 149.012254][ T6003] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6007] <... mmap resumed>) = 0x7f1df2200000 [pid 6005] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", ./strace-static-x86_64: Process 6008 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6005] <... ioctl resumed>) = 0 [pid 6005] close(3) = 0 [pid 6005] close(4) = 0 [pid 5087] getdents64(3, [pid 6005] mkdir("./file0", 0777) = 0 [pid 6005] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6008 [pid 5087] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6008] set_robust_list(0x555580b0d6a0, 24 [pid 5087] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6008] <... set_robust_list resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6008] chdir("./90" [pid 5087] unlink("./90/binderfs") = 0 [pid 6008] <... chdir resumed>) = 0 [pid 5087] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6008] setpgid(0, 0) = 0 [pid 6008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] <... umount2 resumed>) = 0 [pid 6008] <... openat resumed>) = 3 [pid 5089] <... ioctl resumed>) = 0 [ 149.066014][ T6005] loop0: detected capacity change from 0 to 4096 [ 149.103752][ T6005] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5087] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6008] write(3, "1000", 4 [pid 6007] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] close(3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6008] <... write resumed>) = 4 [pid 6008] close(3 [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./90/file0", [pid 6008] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6008] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program ./strace-static-x86_64: Process 6009 attached [pid 6008] <... symlink resumed>) = 0 [pid 5087] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6008] write(1, "executing program\n", 18 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6009] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6009 [pid 6008] <... write resumed>) = 18 [pid 5087] newfstatat(4, "", [pid 6009] <... set_robust_list resumed>) = 0 [pid 6008] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6009] chdir("./90" [pid 6008] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 6009] <... chdir resumed>) = 0 [pid 6008] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6009] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6008] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6009] <... prctl resumed>) = 0 [pid 6008] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6009] setpgid(0, 0 [pid 6008] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] close(4 [pid 6009] <... setpgid resumed>) = 0 [pid 6008] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... close resumed>) = 0 [pid 6009] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6008] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] rmdir("./90/file0" [pid 6009] <... openat resumed>) = 3 [pid 6008] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... rmdir resumed>) = 0 [pid 6007] <... write resumed>) = 2097152 [pid 6008] <... mprotect resumed>) = 0 [pid 6009] write(3, "1000", 4 [pid 6008] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6007] munmap(0x7f1df2200000, 138412032 [pid 6005] <... mount resumed>) = 0 [pid 5087] getdents64(3, [pid 6009] <... write resumed>) = 4 [pid 6008] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 6009] close(3 [pid 5087] rmdir("./90") = 0 [pid 6008] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] mkdir("./91", 0777) = 0 [pid 6009] <... close resumed>) = 0 [pid 6008] <... clone3 resumed> => {parent_tid=[6010]}, 88) = 6010 [pid 6009] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6010 attached [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWRexecuting program [pid 6010] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6009] <... symlink resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 6010] <... rseq resumed>) = 0 [pid 6008] rt_sigprocmask(SIG_SETMASK, [], [pid 6007] <... munmap resumed>) = 0 [pid 6010] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6009] write(1, "executing program\n", 18 [pid 6008] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6007] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6010] <... set_robust_list resumed>) = 0 [pid 6009] <... write resumed>) = 18 [pid 6008] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6007] <... openat resumed>) = 4 [pid 6010] rt_sigprocmask(SIG_SETMASK, [], [pid 6009] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6008] <... futex resumed>) = 0 [pid 6007] ioctl(4, LOOP_SET_FD, 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6010] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6009] <... futex resumed>) = 0 [pid 6008] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6010] memfd_create("syzkaller", 0 [pid 6005] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6010] <... memfd_create resumed>) = 3 [pid 6005] <... openat resumed>) = 3 [pid 6010] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6009] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6007] <... ioctl resumed>) = 0 [pid 6005] chdir("./file0" [pid 6010] <... mmap resumed>) = 0x7f1df2200000 [pid 6009] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6007] close(3 [pid 6005] <... chdir resumed>) = 0 [pid 6009] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6007] <... close resumed>) = 0 [pid 6007] close(4 [pid 6009] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6005] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6007] <... close resumed>) = 0 [pid 6009] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6007] mkdir("./file0", 0777 [pid 6005] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6009] <... mmap resumed>) = 0x7f1dfa693000 [pid 6007] <... mkdir resumed>) = 0 [ 149.212473][ T6005] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 149.243011][ T6007] loop1: detected capacity change from 0 to 4096 [pid 6009] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6007] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6005] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6009] <... mprotect resumed>) = 0 [pid 6005] <... futex resumed>) = 1 [pid 6004] <... futex resumed>) = 0 [pid 6004] exit_group(0) = ? [pid 6009] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6009] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6010] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6009] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6005] +++ exited with 0 +++ [pid 6004] +++ exited with 0 +++ ./strace-static-x86_64: Process 6011 attached [pid 6011] set_robust_list(0x555580b0d6a0, 24 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6004, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6011 [pid 5085] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6012 attached ) = -1 EINVAL (Invalid argument) [pid 6012] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5085] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6012] <... rseq resumed>) = 0 [pid 6009] <... clone3 resumed> => {parent_tid=[6012]}, 88) = 6012 [pid 6012] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6011] <... set_robust_list resumed>) = 0 [pid 6009] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] <... openat resumed>) = 3 [pid 6012] <... set_robust_list resumed>) = 0 [pid 6009] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] newfstatat(3, "", [pid 6012] rt_sigprocmask(SIG_SETMASK, [], [pid 6009] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6012] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6009] <... futex resumed>) = 0 [pid 6011] chdir("./91" [pid 6009] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] getdents64(3, [pid 6012] memfd_create("syzkaller", 0 [pid 6011] <... chdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6011] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6011] setpgid(0, 0 [pid 5085] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6012] <... memfd_create resumed>) = 3 [pid 6011] <... setpgid resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6011] <... openat resumed>) = 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6012] <... mmap resumed>) = 0x7f1df2200000 [pid 6011] write(3, "1000", 4 [pid 5085] unlink("./90/binderfs" [pid 6011] <... write resumed>) = 4 [ 149.301071][ T6007] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6011] close(3 [pid 5085] <... unlink resumed>) = 0 [pid 6011] <... close resumed>) = 0 [pid 6011] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6011] write(1, "executing program\n", 18) = 18 [pid 6011] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6011] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6011] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6011] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6010] <... write resumed>) = 2097152 [pid 6011] <... mmap resumed>) = 0x7f1dfa693000 [pid 6011] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6011] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6011] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6010] munmap(0x7f1df2200000, 138412032./strace-static-x86_64: Process 6013 attached [pid 6011] <... clone3 resumed> => {parent_tid=[6013]}, 88) = 6013 [pid 6013] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6013] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6011] rt_sigprocmask(SIG_SETMASK, [], [pid 6013] <... set_robust_list resumed>) = 0 [pid 6011] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6013] rt_sigprocmask(SIG_SETMASK, [], [pid 6011] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6013] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6011] <... futex resumed>) = 0 [pid 6013] memfd_create("syzkaller", 0 [pid 6011] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] <... umount2 resumed>) = 0 [pid 6013] <... memfd_create resumed>) = 3 [pid 6013] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6010] <... munmap resumed>) = 0 [pid 6007] <... mount resumed>) = 0 [pid 5085] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6010] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6007] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6010] <... openat resumed>) = 4 [pid 6007] <... openat resumed>) = 3 [pid 5085] newfstatat(AT_FDCWD, "./90/file0", [pid 6012] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6010] ioctl(4, LOOP_SET_FD, 3 [pid 6007] chdir("./file0" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6007] <... chdir resumed>) = 0 [pid 5085] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6007] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6007] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6007] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6007] <... futex resumed>) = 1 [pid 6006] <... futex resumed>) = 0 [pid 6007] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6006] exit_group(0 [pid 6007] <... futex resumed>) = ? [pid 6006] <... exit_group resumed>) = ? [pid 6007] +++ exited with 0 +++ [pid 6006] +++ exited with 0 +++ [pid 5085] getdents64(4, [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6006, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 6010] <... ioctl resumed>) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6010] close(3 [pid 5085] close(4 [pid 6010] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 6010] close(4 [pid 5086] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./90/file0" [pid 6010] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6010] mkdir("./file0", 0777 [pid 5086] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 6010] <... mkdir resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6012] <... write resumed>) = 2097152 [pid 6010] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6012] munmap(0x7f1df2200000, 138412032 [ 149.405538][ T6007] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 149.427418][ T6010] loop3: detected capacity change from 0 to 4096 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] close(3) = 0 [pid 6013] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] getdents64(3, [pid 5085] rmdir("./90" [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6012] <... munmap resumed>) = 0 [pid 5086] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 6012] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] mkdir("./91", 0777 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6012] <... openat resumed>) = 4 [pid 5086] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6012] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 6012] <... ioctl resumed>) = 0 [pid 5086] unlink("./90/binderfs" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6012] close(3 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./90/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6012] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 6012] close(4 [pid 5086] newfstatat(4, "", [pid 6012] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6012] mkdir("./file0", 0777 [pid 5086] getdents64(4, [pid 6012] <... mkdir resumed>) = 0 [pid 6012] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./90/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [ 149.496556][ T6010] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 149.511895][ T6012] loop4: detected capacity change from 0 to 4096 [pid 5086] close(3) = 0 [pid 5086] rmdir("./90") = 0 [pid 5086] mkdir("./91", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6013] <... write resumed>) = 2097152 [pid 5085] <... ioctl resumed>) = 0 [pid 6013] munmap(0x7f1df2200000, 138412032) = 0 [ 149.554274][ T6012] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6014 ./strace-static-x86_64: Process 6014 attached [pid 6014] set_robust_list(0x555580b0d6a0, 24 [pid 6013] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6014] <... set_robust_list resumed>) = 0 [pid 6013] <... openat resumed>) = 4 [pid 6013] ioctl(4, LOOP_SET_FD, 3 [pid 6014] chdir("./91" [pid 5086] <... ioctl resumed>) = 0 [pid 6014] <... chdir resumed>) = 0 [pid 6010] <... mount resumed>) = 0 [pid 6014] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6013] <... ioctl resumed>) = 0 [pid 6014] setpgid(0, 0 [pid 6013] close(3 [pid 6010] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6014] <... setpgid resumed>) = 0 [pid 6013] <... close resumed>) = 0 [pid 6013] close(4 [pid 6014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6013] <... close resumed>) = 0 [pid 6010] <... openat resumed>) = 3 [pid 6013] mkdir("./file0", 0777) = 0 [pid 5086] close(3 [pid 6014] <... openat resumed>) = 3 [pid 6010] chdir("./file0" [pid 6013] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6010] <... chdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6014] write(3, "1000", 4 [pid 6010] openat(AT_FDCWD, "/dev/loop3", O_RDWR [ 149.632632][ T6013] loop2: detected capacity change from 0 to 4096 [ 149.653194][ T6010] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6014] <... write resumed>) = 4 [pid 6010] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6010] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6014] close(3 [pid 6010] <... futex resumed>) = 1 [pid 6008] <... futex resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6015 [pid 6014] <... close resumed>) = 0 [pid 6010] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6008] exit_group(0) = ? [pid 6014] symlink("/dev/binderfs", "./binderfs" [pid 6010] <... futex resumed>) = ? ./strace-static-x86_64: Process 6015 attached [pid 6015] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6015] chdir("./91" [pid 6014] <... symlink resumed>) = 0 [pid 6010] +++ exited with 0 +++ [pid 6008] +++ exited with 0 +++ [pid 6015] <... chdir resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6008, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 6014] write(1, "executing program\n", 18executing program [pid 6015] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6014] <... write resumed>) = 18 [pid 6015] setpgid(0, 0 [pid 6014] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6015] <... setpgid resumed>) = 0 [pid 6014] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6015] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6014] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6015] <... openat resumed>) = 3 [pid 6014] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... openat resumed>) = 3 [pid 6015] write(3, "1000", 4 [pid 6014] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] newfstatat(3, "", [pid 6015] <... write resumed>) = 4 [pid 6014] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6015] close(3 [pid 6014] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] getdents64(3, [pid 6015] <... close resumed>) = 0 [ 149.682052][ T6013] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6014] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6015] symlink("/dev/binderfs", "./binderfs" [pid 5088] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6014] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6015] <... symlink resumed>) = 0 [pid 6014] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6014] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6014] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}executing program [pid 5088] unlink("./90/binderfs" [pid 6014] <... clone3 resumed> => {parent_tid=[6016]}, 88) = 6016 [pid 5088] <... unlink resumed>) = 0 [pid 6015] write(1, "executing program\n", 18 [pid 6014] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6016 attached [pid 6015] <... write resumed>) = 18 [pid 6014] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6016] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6015] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6014] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6016] <... rseq resumed>) = 0 [pid 6015] <... futex resumed>) = 0 [pid 6014] <... futex resumed>) = 0 [pid 6016] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6015] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6014] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6016] <... set_robust_list resumed>) = 0 [pid 6015] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6016] rt_sigprocmask(SIG_SETMASK, [], [pid 6015] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6016] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6015] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6015] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6016] memfd_create("syzkaller", 0 [pid 6015] <... mmap resumed>) = 0x7f1dfa693000 [pid 6012] <... mount resumed>) = 0 [pid 6015] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6012] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... umount2 resumed>) = 0 [pid 6016] <... memfd_create resumed>) = 3 [pid 6015] <... mprotect resumed>) = 0 [pid 6012] <... openat resumed>) = 3 [pid 5088] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6016] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6015] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6016] <... mmap resumed>) = 0x7f1df2200000 [pid 6015] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6012] chdir("./file0" [pid 5088] newfstatat(AT_FDCWD, "./90/file0", [pid 6012] <... chdir resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6017 attached [pid 5088] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6017] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6012] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6017] <... rseq resumed>) = 0 [pid 6015] <... clone3 resumed> => {parent_tid=[6017]}, 88) = 6017 [pid 6012] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6017] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6015] rt_sigprocmask(SIG_SETMASK, [], [pid 6017] <... set_robust_list resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5088] newfstatat(4, "", [pid 6017] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6017] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(4, [pid 6017] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6012] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6015] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6015] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6012] <... futex resumed>) = 1 [pid 5088] getdents64(4, [pid 6017] <... futex resumed>) = 0 [pid 6015] <... futex resumed>) = 1 [pid 6012] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6017] memfd_create("syzkaller", 0 [pid 6009] <... futex resumed>) = 0 [pid 6017] <... memfd_create resumed>) = 3 [ 149.724453][ T6012] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6015] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] close(4 [pid 6009] exit_group(0 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./90/file0" [pid 6017] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, [pid 6012] <... futex resumed>) = ? [pid 6009] <... exit_group resumed>) = ? [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6012] +++ exited with 0 +++ [pid 5088] close(3) = 0 [pid 5088] rmdir("./90") = 0 [pid 5088] mkdir("./91", 0777 [pid 6009] +++ exited with 0 +++ [pid 5088] <... mkdir resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6009, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] umount2("./90", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] <... openat resumed>) = 3 [pid 5089] openat(AT_FDCWD, "./90", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6016] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6013] <... mount resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 6013] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 6013] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./90/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6013] chdir("./file0" [pid 5089] newfstatat(AT_FDCWD, "./90/binderfs", [pid 6013] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./90/binderfs") = 0 [pid 5089] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6013] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [ 149.805373][ T6013] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6013] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6017] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6013] <... futex resumed>) = 1 [pid 6011] <... futex resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 6013] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6011] exit_group(0 [pid 6016] <... write resumed>) = 2097152 [pid 6013] <... futex resumed>) = ? [pid 6011] <... exit_group resumed>) = ? [pid 5088] <... ioctl resumed>) = 0 [pid 6013] +++ exited with 0 +++ [pid 6011] +++ exited with 0 +++ [pid 5089] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./90/file0", [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6011, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./90/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6016] munmap(0x7f1df2200000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] close(3 [pid 5087] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] openat(AT_FDCWD, "./90/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] newfstatat(3, "", [pid 5088] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] newfstatat(4, "", [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6018 attached [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6018 [pid 5089] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./91/binderfs", [pid 6018] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6018] <... set_robust_list resumed>) = 0 [pid 5089] getdents64(4, [pid 5087] unlink("./91/binderfs" [pid 6018] chdir("./91" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5089] close(4 [pid 5087] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6016] <... munmap resumed>) = 0 [pid 6018] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./90/file0" [pid 6018] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 6018] setpgid(0, 0) = 0 [pid 5089] getdents64(3, [pid 6016] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6018] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6016] <... openat resumed>) = 4 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6018] <... openat resumed>) = 3 [pid 6017] <... write resumed>) = 2097152 [pid 6016] ioctl(4, LOOP_SET_FD, 3 [pid 5089] close(3 [pid 6018] write(3, "1000", 4 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./90" [pid 5087] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6017] munmap(0x7f1df2200000, 138412032 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 6018] <... write resumed>) = 4 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 6018] close(3 [pid 6017] <... munmap resumed>) = 0 [pid 6016] <... ioctl resumed>) = 0 [pid 5089] mkdir("./91", 0777 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6018] <... close resumed>) = 0 [pid 6017] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6016] close(3 [pid 5089] <... mkdir resumed>) = 0 [pid 5087] close(4 [pid 6018] symlink("/dev/binderfs", "./binderfs" [pid 6016] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... close resumed>) = 0 [pid 6018] <... symlink resumed>) = 0 [pid 6017] <... openat resumed>) = 4 [pid 6016] close(4 [pid 5089] <... openat resumed>) = 3 [pid 6018] write(1, "executing program\n", 18 [pid 6017] ioctl(4, LOOP_SET_FD, 3 [pid 6016] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] rmdir("./91/file0" [pid 6017] <... ioctl resumed>) = 0 [pid 6016] mkdir("./file0", 0777executing program [pid 6018] <... write resumed>) = 18 [pid 6016] <... mkdir resumed>) = 0 [pid 6016] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6018] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... rmdir resumed>) = 0 [pid 6017] close(3 [pid 6018] <... futex resumed>) = 0 [pid 5087] getdents64(3, [pid 6018] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6018] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6018] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] close(3 [pid 6018] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6018] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6017] <... close resumed>) = 0 [pid 6017] close(4) = 0 [pid 6018] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... close resumed>) = 0 [pid 6018] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] rmdir("./91" [pid 6017] mkdir("./file0", 0777 [pid 6018] <... mprotect resumed>) = 0 [pid 6017] <... mkdir resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [ 149.936863][ T6016] loop0: detected capacity change from 0 to 4096 [ 149.961621][ T6017] loop1: detected capacity change from 0 to 4096 [ 149.973342][ T6016] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6017] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6018] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] mkdir("./92", 0777) = 0 [pid 6018] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6018] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6019 attached [pid 6018] <... clone3 resumed> => {parent_tid=[6019]}, 88) = 6019 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6019] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6018] rt_sigprocmask(SIG_SETMASK, [], [pid 6019] <... rseq resumed>) = 0 [pid 6018] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6019] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6018] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6019] <... set_robust_list resumed>) = 0 [pid 6019] rt_sigprocmask(SIG_SETMASK, [], [pid 6018] <... futex resumed>) = 0 [ 149.991372][ T6017] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6018] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6019] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6019] memfd_create("syzkaller", 0) = 3 [pid 6019] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] <... ioctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6020 attached [pid 6016] <... mount resumed>) = 0 [pid 5087] close(3 [pid 6020] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6016] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6020 [pid 6020] chdir("./91" [pid 6016] <... openat resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 6016] chdir("./file0" [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6020] <... chdir resumed>) = 0 [pid 6016] <... chdir resumed>) = 0 [pid 6020] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6016] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6020] <... prctl resumed>) = 0 [pid 6016] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6020] setpgid(0, 0 [pid 6016] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6020] <... setpgid resumed>) = 0 [pid 6016] <... futex resumed>) = 1 [pid 6014] <... futex resumed>) = 0 [pid 6020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6016] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6014] exit_group(0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6021 [pid 6014] <... exit_group resumed>) = ? [pid 6016] <... futex resumed>) = ? ./strace-static-x86_64: Process 6021 attached [pid 6020] <... openat resumed>) = 3 [ 150.088363][ T6016] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6019] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6021] set_robust_list(0x555580b0d6a0, 24 [pid 6016] +++ exited with 0 +++ [pid 6014] +++ exited with 0 +++ [pid 6020] write(3, "1000", 4) = 4 [pid 6020] close(3) = 0 [pid 6020] symlink("/dev/binderfs", "./binderfs" [pid 6021] <... set_robust_list resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6014, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- executing program [pid 6020] <... symlink resumed>) = 0 [pid 6021] chdir("./92") = 0 [pid 6020] write(1, "executing program\n", 18) = 18 [pid 6020] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6020] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6020] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6021] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6020] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6021] <... prctl resumed>) = 0 [pid 6021] setpgid(0, 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6021] <... setpgid resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6021] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6020] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] <... openat resumed>) = 3 [pid 6021] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 6021] write(3, "1000", 4 [pid 6020] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6021] <... write resumed>) = 4 [pid 6021] close(3 [pid 6020] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] getdents64(3, [pid 6021] <... close resumed>) = 0 [pid 6021] symlink("/dev/binderfs", "./binderfs" [pid 6020] <... mprotect resumed>) = 0 [pid 6020] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6020] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6022 attached [pid 6022] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6020] <... clone3 resumed> => {parent_tid=[6022]}, 88) = 6022 [pid 6020] rt_sigprocmask(SIG_SETMASK, [], [pid 6017] <... mount resumed>) = 0 [pid 6020] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6017] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6020] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6020] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6022] <... rseq resumed>) = 0 [pid 6017] chdir("./file0" [pid 6022] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6017] <... chdir resumed>) = 0 [pid 6022] <... set_robust_list resumed>) = 0 [pid 6017] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6022] rt_sigprocmask(SIG_SETMASK, [], [pid 6017] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6022] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6017] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6022] memfd_create("syzkaller", 0 [pid 6017] <... futex resumed>) = 1 [pid 6015] <... futex resumed>) = 0 [pid 6017] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6015] exit_group(0 [pid 6017] <... futex resumed>) = ? [pid 6015] <... exit_group resumed>) = ? [pid 6022] <... memfd_create resumed>) = 3 [pid 6017] +++ exited with 0 +++ [pid 6022] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6015] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6015, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6021] <... symlink resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6021] write(1, "executing program\n", 18 [pid 5085] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6021] <... write resumed>) = 18 [pid 5086] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6021] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(AT_FDCWD, "./91/binderfs", [pid 6021] <... futex resumed>) = 0 [pid 6021] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6019] <... write resumed>) = 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6021] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 150.164709][ T6017] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6021] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] unlink("./91/binderfs" [pid 5086] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6021] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./91/binderfs", [pid 6021] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6019] munmap(0x7f1df2200000, 138412032 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 6021] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] unlink("./91/binderfs" [pid 6021] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6021] <... mprotect resumed>) = 0 [pid 6021] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6021] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6019] <... munmap resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6021] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6023 attached [pid 6023] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6021] <... clone3 resumed> => {parent_tid=[6023]}, 88) = 6023 [pid 6023] <... rseq resumed>) = 0 [pid 6023] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6021] rt_sigprocmask(SIG_SETMASK, [], [pid 6023] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6023] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6021] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6021] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6023] <... futex resumed>) = 0 [pid 6021] <... futex resumed>) = 1 [pid 6021] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6019] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6019] <... openat resumed>) = 4 [pid 5086] newfstatat(AT_FDCWD, "./91/file0", [pid 6019] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./91/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6023] memfd_create("syzkaller", 0 [pid 6022] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6019] <... ioctl resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6023] <... memfd_create resumed>) = 3 [pid 6019] close(3 [pid 5086] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6023] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6019] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5085] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6023] <... mmap resumed>) = 0x7f1df2200000 [pid 6019] close(4 [pid 5086] newfstatat(4, "", [pid 5085] <... openat resumed>) = 4 [pid 6019] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(4, "", [pid 5086] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 6019] mkdir("./file0", 0777 [pid 5086] getdents64(4, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6019] <... mkdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5086] close(4 [pid 5085] rmdir("./91/file0" [pid 5086] <... close resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5086] rmdir("./91/file0" [pid 5085] getdents64(3, [pid 6019] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 5086] getdents64(3, [pid 5085] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] rmdir("./91" [pid 5086] close(3 [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./91") = 0 [pid 5085] mkdir("./92", 0777 [pid 5086] mkdir("./92", 0777 [pid 5085] <... mkdir resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [ 150.248383][ T6019] loop3: detected capacity change from 0 to 4096 [ 150.287212][ T6019] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6022] <... write resumed>) = 2097152 [pid 6022] munmap(0x7f1df2200000, 138412032 [pid 6023] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6022] <... munmap resumed>) = 0 [pid 6022] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6019] <... mount resumed>) = 0 [pid 6022] <... openat resumed>) = 4 [pid 6022] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... ioctl resumed>) = 0 [pid 6019] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... ioctl resumed>) = 0 [pid 6019] <... openat resumed>) = 3 [pid 5086] close(3) = 0 [pid 6019] chdir("./file0" [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6019] <... chdir resumed>) = 0 [pid 6019] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6019] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6018] <... futex resumed>) = 0 [pid 6022] <... ioctl resumed>) = 0 [pid 6019] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6018] exit_group(0./strace-static-x86_64: Process 6024 attached [pid 6019] <... futex resumed>) = ? [pid 6018] <... exit_group resumed>) = ? [pid 5085] close(3 [pid 6024] set_robust_list(0x555580b0d6a0, 24 [pid 6022] close(3 [pid 6019] +++ exited with 0 +++ [pid 6018] +++ exited with 0 +++ [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6024 [pid 5085] <... close resumed>) = 0 [pid 6024] <... set_robust_list resumed>) = 0 [pid 6022] <... close resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6018, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6024] chdir("./92" [pid 6022] close(4 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6022] <... close resumed>) = 0 [pid 6022] mkdir("./file0", 0777) = 0 ./strace-static-x86_64: Process 6025 attached [pid 6024] <... chdir resumed>) = 0 [pid 6023] <... write resumed>) = 2097152 [ 150.362390][ T6019] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 150.382436][ T6022] loop4: detected capacity change from 0 to 4096 [pid 6022] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6025] set_robust_list(0x555580b0d6a0, 24 [pid 6024] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6025] <... set_robust_list resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 6025] chdir("./92" [pid 5088] newfstatat(3, "", [pid 6024] <... prctl resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6025] <... chdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6025 [pid 6025] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6024] setpgid(0, 0 [pid 6025] setpgid(0, 0 [pid 6024] <... setpgid resumed>) = 0 [pid 6025] <... setpgid resumed>) = 0 [pid 6024] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6025] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6024] <... openat resumed>) = 3 [pid 6024] write(3, "1000", 4) = 4 [pid 6024] close(3) = 0 [pid 5088] newfstatat(AT_FDCWD, "./91/binderfs", [pid 6024] symlink("/dev/binderfs", "./binderfs" [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6024] <... symlink resumed>) = 0 [pid 5088] unlink("./91/binderfs" [pid 6025] <... openat resumed>) = 3 executing program [pid 6024] write(1, "executing program\n", 18 [pid 6025] write(3, "1000", 4 [pid 6024] <... write resumed>) = 18 [pid 5088] <... unlink resumed>) = 0 [pid 6025] <... write resumed>) = 4 [pid 6024] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6025] close(3 [pid 6024] <... futex resumed>) = 0 [pid 6025] <... close resumed>) = 0 [pid 6024] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6025] symlink("/dev/binderfs", "./binderfs" [pid 6024] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6025] <... symlink resumed>) = 0 [pid 6024] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], executing program [pid 6025] write(1, "executing program\n", 18 [pid 6024] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6023] munmap(0x7f1df2200000, 138412032 [pid 6025] <... write resumed>) = 18 [pid 6024] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... umount2 resumed>) = 0 [pid 6025] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6024] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6025] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6024] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6024] <... mprotect resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./91/file0", [pid 6025] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6024] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6025] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6025] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6025] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6024] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6025] <... mmap resumed>) = 0x7f1dfa693000 [pid 6024] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6025] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 6026 attached ) = 0 [pid 6024] <... clone3 resumed> => {parent_tid=[6026]}, 88) = 6026 [pid 6023] <... munmap resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 6026] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6025] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6024] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] newfstatat(4, "", [pid 6026] <... rseq resumed>) = 0 [pid 6025] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6024] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6023] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6026] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6025] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6024] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6023] <... openat resumed>) = 4 [pid 5088] getdents64(4, [pid 6026] <... set_robust_list resumed>) = 0 [pid 6024] <... futex resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6027 attached [pid 6026] rt_sigprocmask(SIG_SETMASK, [], [ 150.436614][ T6022] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6024] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6023] ioctl(4, LOOP_SET_FD, 3 [pid 5088] getdents64(4, [pid 6027] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6026] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6025] <... clone3 resumed> => {parent_tid=[6027]}, 88) = 6027 [pid 6025] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6025] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6025] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6023] <... ioctl resumed>) = 0 [pid 6027] <... rseq resumed>) = 0 [pid 6026] memfd_create("syzkaller", 0 [pid 6022] <... mount resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6026] <... memfd_create resumed>) = 3 [pid 6022] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6026] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6022] <... openat resumed>) = 3 [pid 6027] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6026] <... mmap resumed>) = 0x7f1df2200000 [pid 6023] close(3 [pid 5088] close(4 [pid 6023] <... close resumed>) = 0 [pid 6027] <... set_robust_list resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6027] rt_sigprocmask(SIG_SETMASK, [], [pid 6023] close(4 [pid 5088] rmdir("./91/file0" [pid 6027] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6023] <... close resumed>) = 0 [pid 6027] memfd_create("syzkaller", 0 [pid 6023] mkdir("./file0", 0777 [pid 6022] chdir("./file0") = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, [pid 6022] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 6022] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6022] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6023] <... mkdir resumed>) = 0 [pid 6022] <... futex resumed>) = 1 [pid 6020] <... futex resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6020] exit_group(0) = ? [pid 5088] rmdir("./91" [pid 6027] <... memfd_create resumed>) = 3 [pid 6023] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... rmdir resumed>) = 0 [ 150.489347][ T6023] loop2: detected capacity change from 0 to 4096 [ 150.495572][ T6022] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] mkdir("./92", 0777) = 0 [pid 6022] +++ exited with 0 +++ [pid 6020] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6020, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5089] umount2("./91", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./91", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./91/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... openat resumed>) = 3 [pid 5089] newfstatat(AT_FDCWD, "./91/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./91/binderfs") = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6026] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6027] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 150.538847][ T6023] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5089] newfstatat(AT_FDCWD, "./91/file0", [pid 6027] <... write resumed>) = 2097152 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./91/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./91/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./91/file0" [pid 6027] munmap(0x7f1df2200000, 138412032 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./91") = 0 [pid 5089] mkdir("./92", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6026] <... write resumed>) = 2097152 [pid 6027] <... munmap resumed>) = 0 [pid 6027] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6027] ioctl(4, LOOP_SET_FD, 3 [pid 6026] munmap(0x7f1df2200000, 138412032 [pid 6027] <... ioctl resumed>) = 0 [pid 6027] close(3 [pid 5088] <... ioctl resumed>) = 0 [pid 6027] <... close resumed>) = 0 [pid 6026] <... munmap resumed>) = 0 [pid 5088] close(3 [pid 6027] close(4 [pid 5088] <... close resumed>) = 0 [pid 6027] <... close resumed>) = 0 [pid 6026] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6027] mkdir("./file0", 0777 [ 150.644077][ T6027] loop0: detected capacity change from 0 to 4096 [ 150.673846][ T6023] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6027] <... mkdir resumed>) = 0 [pid 6026] <... openat resumed>) = 4 [pid 6026] ioctl(4, LOOP_SET_FD, 3 [pid 6023] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6028 attached [pid 6027] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... ioctl resumed>) = 0 [pid 6028] set_robust_list(0x555580b0d6a0, 24 [pid 6023] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6028] <... set_robust_list resumed>) = 0 [pid 6023] <... openat resumed>) = 3 [pid 6028] chdir("./92" [pid 6023] chdir("./file0" [pid 5089] close(3 [pid 6023] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6023] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6029 attached [pid 6028] <... chdir resumed>) = 0 [pid 6023] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6029] set_robust_list(0x555580b0d6a0, 24 [pid 6028] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6023] <... futex resumed>) = 1 [pid 6029] <... set_robust_list resumed>) = 0 [pid 6028] <... prctl resumed>) = 0 [pid 6023] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6029 [pid 6029] chdir("./92" [pid 6028] setpgid(0, 0 [pid 6021] <... futex resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6028 [pid 6021] exit_group(0 [pid 6028] <... setpgid resumed>) = 0 [pid 6028] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6021] <... exit_group resumed>) = ? [pid 6029] <... chdir resumed>) = 0 [pid 6028] <... openat resumed>) = 3 [pid 6029] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6028] write(3, "1000", 4 [pid 6029] <... prctl resumed>) = 0 [pid 6028] <... write resumed>) = 4 [pid 6029] setpgid(0, 0 [pid 6028] close(3 [pid 6029] <... setpgid resumed>) = 0 [pid 6028] <... close resumed>) = 0 [pid 6023] <... futex resumed>) = ? [pid 6023] +++ exited with 0 +++ [pid 6021] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6021, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5087] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6029] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6028] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6029] <... openat resumed>) = 3 [pid 6028] <... symlink resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6028] write(1, "executing program\n", 18 [pid 6026] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 6028] <... write resumed>) = 18 [pid 6026] close(3 [pid 6028] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(3, "", [pid 6029] write(3, "1000", 4 [pid 6028] <... futex resumed>) = 0 [pid 6026] <... close resumed>) = 0 [pid 6029] <... write resumed>) = 4 [pid 6028] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6029] close(3 [pid 6026] close(4 [pid 6029] <... close resumed>) = 0 [pid 6028] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] getdents64(3, [pid 6029] symlink("/dev/binderfs", "./binderfs" [pid 6028] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6026] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6029] <... symlink resumed>) = 0 [pid 6028] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 6026] mkdir("./file0", 0777 [pid 6029] write(1, "executing program\n", 18 [pid 6028] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6029] <... write resumed>) = 18 [pid 6028] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6029] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6028] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6026] <... mkdir resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./92/binderfs", [pid 6029] <... futex resumed>) = 0 [pid 6028] <... mprotect resumed>) = 0 [ 150.691767][ T6026] loop1: detected capacity change from 0 to 4096 [ 150.706941][ T6027] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6026] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6029] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6028] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] unlink("./92/binderfs" [pid 6029] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6028] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6029] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 6029] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6029] <... mmap resumed>) = 0x7f1dfa693000 [pid 6028] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6030 attached [pid 6029] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] <... umount2 resumed>) = 0 [pid 6030] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6029] <... mprotect resumed>) = 0 [pid 6028] <... clone3 resumed> => {parent_tid=[6030]}, 88) = 6030 [pid 6029] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6028] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6030] <... rseq resumed>) = 0 [pid 6029] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6028] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6030] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6029] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6028] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] newfstatat(AT_FDCWD, "./92/file0", [pid 6030] <... set_robust_list resumed>) = 0 [pid 6028] <... futex resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6031 attached [pid 6030] rt_sigprocmask(SIG_SETMASK, [], [pid 6029] <... clone3 resumed> => {parent_tid=[6031]}, 88) = 6031 [pid 6028] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6031] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6030] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6029] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6031] <... rseq resumed>) = 0 [pid 6029] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6031] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6029] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6031] <... set_robust_list resumed>) = 0 [pid 6029] <... futex resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 6031] rt_sigprocmask(SIG_SETMASK, [], [pid 6030] memfd_create("syzkaller", 0 [pid 6029] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] newfstatat(4, "", [pid 6031] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6030] <... memfd_create resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6031] memfd_create("syzkaller", 0 [pid 6030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] getdents64(4, [pid 6030] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 150.750257][ T6026] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5087] getdents64(4, [pid 6031] <... memfd_create resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./92/file0") = 0 [pid 6031] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./92") = 0 [pid 6031] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] mkdir("./93", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6026] <... mount resumed>) = 0 [pid 6026] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6026] chdir("./file0") = 0 [pid 6026] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6027] <... mount resumed>) = 0 [pid 6026] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6026] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6026] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6030] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6024] <... futex resumed>) = 0 [pid 6031] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6027] <... openat resumed>) = 3 [pid 6027] chdir("./file0" [pid 6024] exit_group(0 [pid 6027] <... chdir resumed>) = 0 [pid 6024] <... exit_group resumed>) = ? [pid 6027] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6026] <... futex resumed>) = ? [ 150.844280][ T6026] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 150.852284][ T6027] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6026] +++ exited with 0 +++ [pid 6024] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6024, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6027] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5086] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", [pid 6027] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6027] <... futex resumed>) = 1 [pid 5086] newfstatat(AT_FDCWD, "./92/binderfs", [pid 6025] <... futex resumed>) = 0 [pid 6027] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6025] exit_group(0 [pid 6027] <... futex resumed>) = ? [pid 6025] <... exit_group resumed>) = ? [pid 5086] unlink("./92/binderfs") = 0 [pid 5086] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6027] +++ exited with 0 +++ [pid 6025] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6025, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5085] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6030] <... write resumed>) = 2097152 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6032 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6030] munmap(0x7f1df2200000, 138412032 [pid 5085] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./92/binderfs", ./strace-static-x86_64: Process 6032 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./92/binderfs" [pid 6032] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... unlink resumed>) = 0 [pid 6032] <... set_robust_list resumed>) = 0 [pid 6032] chdir("./93" [pid 6031] <... write resumed>) = 2097152 [pid 5086] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6032] <... chdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6032] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] newfstatat(AT_FDCWD, "./92/file0", [pid 6032] <... prctl resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6032] setpgid(0, 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6032] <... setpgid resumed>) = 0 [pid 6031] munmap(0x7f1df2200000, 138412032 [pid 5086] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6031] <... munmap resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 6032] <... openat resumed>) = 3 [pid 6032] write(3, "1000", 4 [pid 5086] newfstatat(4, "", [pid 6032] <... write resumed>) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6032] close(3 [pid 5086] getdents64(4, [pid 6032] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6032] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6032] write(1, "executing program\n", 18) = 18 [pid 6032] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6032] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6032] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6032] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6030] <... munmap resumed>) = 0 [pid 6032] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5086] getdents64(4, [pid 6032] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6032] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] close(4 [pid 6032] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6031] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... close resumed>) = 0 ./strace-static-x86_64: Process 6033 attached [pid 6031] <... openat resumed>) = 4 [pid 5086] rmdir("./92/file0" [pid 5085] <... umount2 resumed>) = 0 [pid 6033] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6032] <... clone3 resumed> => {parent_tid=[6033]}, 88) = 6033 [pid 6030] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6033] <... rseq resumed>) = 0 [pid 6032] rt_sigprocmask(SIG_SETMASK, [], [pid 6031] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... rmdir resumed>) = 0 [pid 6033] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6032] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6033] <... set_robust_list resumed>) = 0 [pid 6030] <... openat resumed>) = 4 [pid 5086] getdents64(3, [pid 5085] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6033] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6033] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6030] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(AT_FDCWD, "./92/file0", [pid 5086] close(3) = 0 [pid 5086] rmdir("./92") = 0 [pid 6032] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] mkdir("./93", 0777 [pid 6033] <... futex resumed>) = 0 [pid 6032] <... futex resumed>) = 1 [pid 5086] <... mkdir resumed>) = 0 [pid 6033] memfd_create("syzkaller", 0 [pid 6032] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6030] <... ioctl resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6033] <... memfd_create resumed>) = 3 [pid 6033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5085] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6031] <... ioctl resumed>) = 0 [ 150.963255][ T6031] loop4: detected capacity change from 0 to 4096 [ 150.973204][ T6030] loop3: detected capacity change from 0 to 4096 [pid 6030] close(3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6030] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6030] close(4 [pid 6031] close(3 [pid 5085] <... openat resumed>) = 4 [pid 6031] <... close resumed>) = 0 [pid 6030] <... close resumed>) = 0 [pid 6031] close(4) = 0 [pid 5085] newfstatat(4, "", [pid 6030] mkdir("./file0", 0777 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6031] mkdir("./file0", 0777) = 0 [pid 6030] <... mkdir resumed>) = 0 [pid 5085] getdents64(4, [pid 6030] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6031] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6033] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./92/file0" [pid 6030] <... mount resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 6030] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6030] chdir("./file0") = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6030] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6028] <... futex resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6030] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] close(3) = 0 [pid 5085] rmdir("./92") = 0 [pid 5085] mkdir("./93", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6028] exit_group(0 [pid 6030] <... futex resumed>) = ? [pid 6028] <... exit_group resumed>) = ? [pid 6030] +++ exited with 0 +++ [pid 6028] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6028, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5088] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./92/binderfs") = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5088] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 151.004976][ T6030] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 151.019943][ T6031] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 151.032724][ T6030] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6034 attached [pid 6033] <... write resumed>) = 2097152 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6034 [pid 6034] set_robust_list(0x555580b0d6a0, 24 [pid 6033] munmap(0x7f1df2200000, 138412032 [pid 6034] <... set_robust_list resumed>) = 0 [pid 6034] chdir("./93") = 0 [pid 5088] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./92/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6034] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6034] <... prctl resumed>) = 0 [pid 6033] <... munmap resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6034] setpgid(0, 0) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6034] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4 [pid 6034] <... openat resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./92/file0" [pid 6034] write(3, "1000", 4 [pid 6033] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... rmdir resumed>) = 0 [pid 6034] <... write resumed>) = 4 [pid 6034] close(3 [pid 6033] <... openat resumed>) = 4 [pid 6034] <... close resumed>) = 0 [pid 6033] ioctl(4, LOOP_SET_FD, 3 [pid 6034] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... ioctl resumed>) = 0 [pid 6034] <... symlink resumed>) = 0 [pid 6033] <... ioctl resumed>) = 0 [pid 5088] getdents64(3, [pid 5085] close(3executing program [pid 6034] write(1, "executing program\n", 18 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] close(3 [pid 6034] <... write resumed>) = 18 [pid 6033] close(3 [pid 5088] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6034] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6035 attached ) = 0 [pid 6033] <... close resumed>) = 0 [pid 5088] rmdir("./92" [pid 6035] set_robust_list(0x555580b0d6a0, 24 [pid 6034] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6033] close(4 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6035 [pid 6035] <... set_robust_list resumed>) = 0 [pid 6034] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6033] <... close resumed>) = 0 [pid 5088] mkdir("./93", 0777 [pid 6035] chdir("./93" [pid 6034] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6033] mkdir("./file0", 0777 [pid 5088] <... mkdir resumed>) = 0 [pid 6035] <... chdir resumed>) = 0 [pid 6034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6033] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6035] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6034] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6033] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... openat resumed>) = 3 [ 151.144164][ T6033] loop2: detected capacity change from 0 to 4096 [ 151.183203][ T6033] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6035] <... prctl resumed>) = 0 [pid 6034] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6035] setpgid(0, 0) = 0 [pid 6034] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6034] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6035] write(3, "1000", 4 [pid 6034] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6035] <... write resumed>) = 4 [pid 6034] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6035] close(3 [pid 6031] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6036 attached [pid 6035] <... close resumed>) = 0 [pid 6034] <... clone3 resumed> => {parent_tid=[6036]}, 88) = 6036 [pid 6031] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6035] symlink("/dev/binderfs", "./binderfs" [pid 6034] rt_sigprocmask(SIG_SETMASK, [], [pid 6036] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6031] <... openat resumed>) = 3 [pid 6036] <... rseq resumed>) = 0 [pid 6035] <... symlink resumed>) = 0 [pid 6034] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6036] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6035] write(1, "executing program\n", 18 [pid 6034] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 6031] chdir("./file0" [pid 6035] <... write resumed>) = 18 [ 151.189467][ T6031] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6036] <... set_robust_list resumed>) = 0 [pid 6035] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6034] <... futex resumed>) = 0 [pid 6031] <... chdir resumed>) = 0 [pid 6035] <... futex resumed>) = 0 [pid 6034] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6035] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6036] rt_sigprocmask(SIG_SETMASK, [], [pid 6035] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6031] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6035] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6035] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6036] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6035] <... mmap resumed>) = 0x7f1dfa693000 [pid 6031] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6036] memfd_create("syzkaller", 0 [pid 6031] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6031] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6035] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6029] <... futex resumed>) = 0 [pid 6035] <... mprotect resumed>) = 0 [pid 6029] exit_group(0 [pid 6035] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6031] <... futex resumed>) = ? [pid 6029] <... exit_group resumed>) = ? [pid 5088] <... ioctl resumed>) = 0 [pid 6036] <... memfd_create resumed>) = 3 [pid 6035] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6035] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6037 attached => {parent_tid=[6037]}, 88) = 6037 [pid 6037] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6035] rt_sigprocmask(SIG_SETMASK, [], [pid 6031] +++ exited with 0 +++ [pid 6029] +++ exited with 0 +++ [pid 6037] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6036] <... mmap resumed>) = 0x7f1df2200000 [pid 6035] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6029, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5088] close(3 [pid 6037] <... set_robust_list resumed>) = 0 [pid 6035] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6037] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... close resumed>) = 0 [pid 6037] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6035] <... futex resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6037] memfd_create("syzkaller", 0 [pid 6035] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] umount2("./92", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./92", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6038 ./strace-static-x86_64: Process 6038 attached [pid 6037] <... memfd_create resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 6038] set_robust_list(0x555580b0d6a0, 24 [pid 6037] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] newfstatat(3, "", [pid 6038] <... set_robust_list resumed>) = 0 [pid 6038] chdir("./93" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6038] <... chdir resumed>) = 0 [pid 6037] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] getdents64(3, [pid 6038] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./92/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6038] <... prctl resumed>) = 0 [pid 6038] setpgid(0, 0) = 0 [pid 6038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6038] write(3, "1000", 4) = 4 [pid 6038] close(3) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6038] symlink("/dev/binderfs", "./binderfs" [pid 5089] newfstatat(AT_FDCWD, "./92/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./92/binderfs" [pid 6038] <... symlink resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5089] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW executing program [pid 6038] write(1, "executing program\n", 18) = 18 [pid 6038] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6038] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 6038] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5089] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6038] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6038] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] newfstatat(AT_FDCWD, "./92/file0", [pid 6038] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6038] <... mprotect resumed>) = 0 [pid 5089] umount2("./92/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6038] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6037] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6036] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6033] <... mount resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6038] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] openat(AT_FDCWD, "./92/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6033] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] newfstatat(4, "", ./strace-static-x86_64: Process 6039 attached [pid 6033] <... openat resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6039] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6033] chdir("./file0" [pid 5089] getdents64(4, [pid 6039] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6033] <... chdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6039] <... set_robust_list resumed>) = 0 [pid 6033] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] getdents64(4, [pid 6039] rt_sigprocmask(SIG_SETMASK, [], [pid 6038] <... clone3 resumed> => {parent_tid=[6039]}, 88) = 6039 [pid 6033] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6039] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6038] rt_sigprocmask(SIG_SETMASK, [], [pid 6033] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] close(4 [pid 6039] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6038] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6033] <... futex resumed>) = 1 [pid 6032] <... futex resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 6038] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6033] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6032] exit_group(0 [pid 5089] rmdir("./92/file0" [pid 6039] <... futex resumed>) = 0 [pid 6038] <... futex resumed>) = 1 [pid 6033] <... futex resumed>) = ? [pid 6032] <... exit_group resumed>) = ? [pid 5089] <... rmdir resumed>) = 0 [pid 6038] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6033] +++ exited with 0 +++ [pid 5089] getdents64(3, [pid 6039] memfd_create("syzkaller", 0 [pid 6032] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6032, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5087] <... restart_syscall resumed>) = 0 [pid 5087] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6039] <... memfd_create resumed>) = 3 [pid 6039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6037] <... write resumed>) = 2097152 [pid 6036] <... write resumed>) = 2097152 [pid 5089] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 151.330299][ T6033] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6039] <... mmap resumed>) = 0x7f1df2200000 [pid 6036] munmap(0x7f1df2200000, 138412032 [pid 5089] rmdir("./92" [pid 5087] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6037] munmap(0x7f1df2200000, 138412032 [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] mkdir("./93", 0777 [pid 5087] getdents64(3, [pid 5089] <... mkdir resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6037] <... munmap resumed>) = 0 [pid 6036] <... munmap resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./93/binderfs") = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6036] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6039] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6037] <... openat resumed>) = 4 [pid 6036] <... openat resumed>) = 4 [pid 6037] ioctl(4, LOOP_SET_FD, 3 [pid 6036] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6037] <... ioctl resumed>) = 0 [pid 5087] close(4 [pid 6037] close(3 [pid 5087] <... close resumed>) = 0 [pid 6037] <... close resumed>) = 0 [pid 5087] rmdir("./93/file0") = 0 [pid 6037] close(4) = 0 [pid 6037] mkdir("./file0", 0777) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./93") = 0 [pid 5087] mkdir("./94", 0777) = 0 [pid 6037] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6036] <... ioctl resumed>) = 0 [pid 6036] close(3) = 0 [pid 6036] close(4) = 0 [pid 6036] mkdir("./file0", 0777) = 0 [ 151.428868][ T6037] loop0: detected capacity change from 0 to 4096 [ 151.438217][ T6036] loop1: detected capacity change from 0 to 4096 [ 151.459752][ T6037] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6036] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6039] <... write resumed>) = 2097152 [pid 6039] munmap(0x7f1df2200000, 138412032 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [ 151.474729][ T6036] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6040 attached [pid 6039] <... munmap resumed>) = 0 [pid 6039] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6040] set_robust_list(0x555580b0d6a0, 24 [pid 6039] <... openat resumed>) = 4 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6040 [pid 6039] ioctl(4, LOOP_SET_FD, 3 [pid 6040] <... set_robust_list resumed>) = 0 [pid 6039] <... ioctl resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6040] chdir("./93" [pid 6039] close(3 [pid 5087] close(3 [pid 6040] <... chdir resumed>) = 0 [pid 6039] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 6040] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6039] close(4 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6040] <... prctl resumed>) = 0 [pid 6039] <... close resumed>) = 0 [pid 6040] setpgid(0, 0 [pid 6039] mkdir("./file0", 0777 [pid 6040] <... setpgid resumed>) = 0 [pid 6040] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6039] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6041 attached [pid 6040] <... openat resumed>) = 3 [ 151.527166][ T6039] loop3: detected capacity change from 0 to 4096 [ 151.528617][ T6037] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6039] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6041] set_robust_list(0x555580b0d6a0, 24 [pid 6040] write(3, "1000", 4 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6041 [pid 6041] <... set_robust_list resumed>) = 0 [pid 6040] <... write resumed>) = 4 [pid 6041] chdir("./94") = 0 [pid 6040] close(3 [pid 6041] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6040] <... close resumed>) = 0 [pid 6041] <... prctl resumed>) = 0 [pid 6040] symlink("/dev/binderfs", "./binderfs" [pid 6041] setpgid(0, 0) = 0 [pid 6040] <... symlink resumed>) = 0 [pid 6041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6040] write(1, "executing program\n", 18executing program [pid 6041] <... openat resumed>) = 3 [pid 6040] <... write resumed>) = 18 [pid 6037] <... mount resumed>) = 0 [pid 6041] write(3, "1000", 4 [pid 6040] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6037] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6041] <... write resumed>) = 4 [pid 6040] <... futex resumed>) = 0 [pid 6037] <... openat resumed>) = 3 [pid 6041] close(3 [pid 6040] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6037] chdir("./file0" [pid 6041] <... close resumed>) = 0 [pid 6040] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6037] <... chdir resumed>) = 0 [pid 6041] symlink("/dev/binderfs", "./binderfs" [pid 6040] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6037] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6041] <... symlink resumed>) = 0 [pid 6040] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6037] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6040] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 executing program [pid 6041] write(1, "executing program\n", 18 [pid 6040] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6037] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6041] <... write resumed>) = 18 [pid 6040] <... mprotect resumed>) = 0 [pid 6037] <... futex resumed>) = 1 [pid 6041] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6040] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6037] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6035] <... futex resumed>) = 0 [pid 6041] <... futex resumed>) = 0 [pid 6035] exit_group(0 [pid 6041] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6040] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6041] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6040] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6041] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6035] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 6042 attached [pid 6041] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6040] <... clone3 resumed> => {parent_tid=[6042]}, 88) = 6042 [pid 6037] <... futex resumed>) = ? [pid 6042] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6041] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6040] rt_sigprocmask(SIG_SETMASK, [], [pid 6037] +++ exited with 0 +++ [pid 6035] +++ exited with 0 +++ [pid 6042] <... rseq resumed>) = 0 [pid 6041] <... mmap resumed>) = 0x7f1dfa693000 [pid 6040] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6035, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6042] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6041] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6040] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6042] <... set_robust_list resumed>) = 0 [pid 6041] <... mprotect resumed>) = 0 [pid 6040] <... futex resumed>) = 0 [pid 6036] <... mount resumed>) = 0 [pid 6042] rt_sigprocmask(SIG_SETMASK, [], [pid 6041] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6040] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6042] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6041] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6036] <... openat resumed>) = 3 [ 151.572582][ T6039] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 151.601451][ T6036] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 6036] chdir("./file0" [pid 6042] memfd_create("syzkaller", 0 [pid 6041] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6036] <... chdir resumed>) = 0 [pid 5085] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6036] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6043 attached [pid 6036] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6043] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6042] <... memfd_create resumed>) = 3 [pid 6041] <... clone3 resumed> => {parent_tid=[6043]}, 88) = 6043 [pid 6036] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... openat resumed>) = 3 [pid 6043] <... rseq resumed>) = 0 [pid 6042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6041] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] newfstatat(3, "", [pid 6043] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6042] <... mmap resumed>) = 0x7f1df2200000 [pid 6041] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6043] <... set_robust_list resumed>) = 0 [pid 6041] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6036] <... futex resumed>) = 1 [pid 6034] <... futex resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6034] exit_group(0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6034] <... exit_group resumed>) = ? [pid 5085] newfstatat(AT_FDCWD, "./93/binderfs", [pid 6036] +++ exited with 0 +++ [pid 6043] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6043] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] unlink("./93/binderfs" [pid 6043] memfd_create("syzkaller", 0 [pid 6039] <... mount resumed>) = 0 [pid 6034] +++ exited with 0 +++ [pid 5085] <... unlink resumed>) = 0 [pid 6039] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6041] <... futex resumed>) = 0 [pid 6039] <... openat resumed>) = 3 [pid 5085] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6041] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6039] chdir("./file0" [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6034, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6039] <... chdir resumed>) = 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6039] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6043] <... memfd_create resumed>) = 3 [pid 5086] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6043] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6039] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = 0 [pid 6043] <... mmap resumed>) = 0x7f1df2200000 [pid 6039] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6039] <... futex resumed>) = 1 [pid 6038] <... futex resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6042] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6039] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6038] exit_group(0 [pid 5085] newfstatat(AT_FDCWD, "./93/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6038] <... exit_group resumed>) = ? [pid 6039] <... futex resumed>) = ? [pid 5085] <... openat resumed>) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] newfstatat(AT_FDCWD, "./93/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./93/binderfs") = 0 [pid 5085] getdents64(4, [pid 5086] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./93/file0" [pid 5086] <... umount2 resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5086] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(3, [pid 6039] +++ exited with 0 +++ [pid 6038] +++ exited with 0 +++ [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6038, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [ 151.666999][ T6039] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5085] close(3 [pid 6043] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./93/file0", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./93" [pid 5088] <... openat resumed>) = 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(3, "", [pid 5086] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5088] getdents64(3, [pid 5086] newfstatat(4, "", [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5088] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] mkdir("./94", 0777 [pid 6042] <... write resumed>) = 2097152 [pid 5088] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5086] getdents64(4, [pid 5085] <... mkdir resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] unlink("./93/binderfs") = 0 [pid 5086] close(4 [pid 5088] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... close resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6042] munmap(0x7f1df2200000, 138412032 [pid 5088] <... umount2 resumed>) = 0 [pid 5086] rmdir("./93/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./93" [pid 6042] <... munmap resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./93/file0", [pid 6042] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6043] <... write resumed>) = 2097152 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5088] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6043] munmap(0x7f1df2200000, 138412032 [pid 6042] <... openat resumed>) = 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6042] ioctl(4, LOOP_SET_FD, 3 [pid 5086] mkdir("./94", 0777 [pid 5088] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] <... mkdir resumed>) = 0 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5088] close(4 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5088] <... close resumed>) = 0 [pid 6043] <... munmap resumed>) = 0 [pid 6042] <... ioctl resumed>) = 0 [pid 6043] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] rmdir("./93/file0" [pid 6043] <... openat resumed>) = 4 [pid 6042] close(3 [pid 6043] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./93" [pid 6043] <... ioctl resumed>) = 0 [pid 6042] <... close resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 6043] close(3 [pid 6042] close(4 [pid 5088] mkdir("./94", 0777 [pid 6043] <... close resumed>) = 0 [pid 6042] <... close resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 6043] close(4 [pid 6042] mkdir("./file0", 0777 [pid 6043] <... close resumed>) = 0 [pid 6042] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6043] mkdir("./file0", 0777 [pid 5088] <... openat resumed>) = 3 [pid 6043] <... mkdir resumed>) = 0 [pid 6042] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5085] <... ioctl resumed>) = 0 [ 151.769478][ T6042] loop4: detected capacity change from 0 to 4096 [ 151.780837][ T6043] loop2: detected capacity change from 0 to 4096 [pid 6043] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6044 ./strace-static-x86_64: Process 6044 attached [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3 [pid 6044] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6044] chdir("./94") = 0 [pid 6044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] <... close resumed>) = 0 [pid 6044] setpgid(0, 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6044] <... setpgid resumed>) = 0 [pid 6044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6044] write(3, "1000", 4) = 4 [pid 6044] close(3) = 0 [ 151.813782][ T6042] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 151.832264][ T6043] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). ./strace-static-x86_64: Process 6045 attached [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6045 [pid 6045] set_robust_list(0x555580b0d6a0, 24 [pid 6044] symlink("/dev/binderfs", "./binderfs" [pid 6045] <... set_robust_list resumed>) = 0 [pid 6045] chdir("./94" [pid 6044] <... symlink resumed>) = 0 [pid 6045] <... chdir resumed>) = 0 [pid 6045] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6044] write(1, "executing program\n", 18executing program [pid 6045] <... prctl resumed>) = 0 [pid 6044] <... write resumed>) = 18 [pid 6045] setpgid(0, 0) = 0 [pid 6044] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6045] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6044] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6045] <... openat resumed>) = 3 [pid 6044] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6045] write(3, "1000", 4) = 4 [pid 6044] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... ioctl resumed>) = 0 [pid 6045] close(3 [pid 6044] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6045] <... close resumed>) = 0 [pid 6044] <... mprotect resumed>) = 0 [pid 6045] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6044] rt_sigprocmask(SIG_BLOCK, ~[], executing program [pid 5088] close(3 [pid 6045] write(1, "executing program\n", 18 [pid 6044] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6045] <... write resumed>) = 18 [pid 6044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6045] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6045] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6045] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 ./strace-static-x86_64: Process 6046 attached [pid 5088] <... close resumed>) = 0 [pid 6046] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6045] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6044] <... clone3 resumed> => {parent_tid=[6046]}, 88) = 6046 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6046] <... rseq resumed>) = 0 [pid 6045] <... mmap resumed>) = 0x7f1dfa693000 [pid 6044] rt_sigprocmask(SIG_SETMASK, [], [pid 6046] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6045] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6044] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6046] <... set_robust_list resumed>) = 0 [pid 6045] <... mprotect resumed>) = 0 [pid 6044] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6047 attached [pid 6046] rt_sigprocmask(SIG_SETMASK, [], [pid 6045] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6044] <... futex resumed>) = 0 [pid 6047] set_robust_list(0x555580b0d6a0, 24 [pid 6046] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6045] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6044] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6047 [pid 6047] <... set_robust_list resumed>) = 0 [pid 6046] memfd_create("syzkaller", 0 [pid 6045] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6047] chdir("./94" [pid 6046] <... memfd_create resumed>) = 3 [pid 6046] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 6048 attached ) = 0x7f1df2200000 [pid 6047] <... chdir resumed>) = 0 [pid 6048] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6045] <... clone3 resumed> => {parent_tid=[6048]}, 88) = 6048 [pid 6043] <... mount resumed>) = 0 [pid 6042] <... mount resumed>) = 0 [pid 6048] <... rseq resumed>) = 0 [pid 6045] rt_sigprocmask(SIG_SETMASK, [], [pid 6048] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6047] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6045] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6043] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6042] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6048] <... set_robust_list resumed>) = 0 [pid 6047] <... prctl resumed>) = 0 [pid 6045] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6043] <... openat resumed>) = 3 [pid 6042] <... openat resumed>) = 3 [pid 6048] rt_sigprocmask(SIG_SETMASK, [], [pid 6047] setpgid(0, 0 [pid 6045] <... futex resumed>) = 0 [pid 6043] chdir("./file0" [pid 6048] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6047] <... setpgid resumed>) = 0 [pid 6045] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6043] <... chdir resumed>) = 0 [pid 6042] chdir("./file0" [pid 6048] memfd_create("syzkaller", 0 [pid 6046] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6042] <... chdir resumed>) = 0 [pid 6043] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6048] <... memfd_create resumed>) = 3 [pid 6047] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6042] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6043] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6047] <... openat resumed>) = 3 [pid 6042] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6048] <... mmap resumed>) = 0x7f1df2200000 [pid 6043] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6041] <... futex resumed>) = 0 [ 151.955671][ T6042] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 151.967276][ T6043] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6043] <... futex resumed>) = 1 [pid 6041] exit_group(0 [pid 6043] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6042] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6043] <... futex resumed>) = ? [pid 6041] <... exit_group resumed>) = ? [pid 6040] <... futex resumed>) = 0 [pid 6042] <... futex resumed>) = 1 [pid 6040] exit_group(0) = ? [pid 6047] write(3, "1000", 4) = 4 [pid 6047] close(3) = 0 [pid 6046] <... write resumed>) = 2097152 [pid 6047] symlink("/dev/binderfs", "./binderfs" [pid 6046] munmap(0x7f1df2200000, 138412032 [pid 6047] <... symlink resumed>) = 0 [pid 6043] +++ exited with 0 +++ [pid 6042] +++ exited with 0 +++ [pid 6041] +++ exited with 0 +++ [pid 6040] +++ exited with 0 +++ executing program [pid 6047] write(1, "executing program\n", 18 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6040, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6041, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6047] <... write resumed>) = 18 [pid 6047] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5087] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6047] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6047] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6047] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] umount2("./93", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 6047] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(3, "", [pid 6047] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] openat(AT_FDCWD, "./93", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6047] <... mmap resumed>) = 0x7f1dfa693000 [pid 6046] <... munmap resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5087] getdents64(3, [pid 6048] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6047] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] newfstatat(3, "", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6047] <... mprotect resumed>) = 0 [pid 6046] <... openat resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6047] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] getdents64(3, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6047] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] umount2("./93/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(AT_FDCWD, "./94/binderfs", [pid 6047] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6049 attached [pid 6046] ioctl(4, LOOP_SET_FD, 3 [pid 5089] newfstatat(AT_FDCWD, "./93/binderfs", [pid 5087] unlink("./94/binderfs" [pid 6049] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6047] <... clone3 resumed> => {parent_tid=[6049]}, 88) = 6049 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 6049] <... rseq resumed>) = 0 [pid 6047] rt_sigprocmask(SIG_SETMASK, [], [pid 6049] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6047] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] unlink("./93/binderfs" [pid 6049] <... set_robust_list resumed>) = 0 [pid 6047] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... unlink resumed>) = 0 [pid 5087] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6049] rt_sigprocmask(SIG_SETMASK, [], [pid 6047] <... futex resumed>) = 0 [pid 6049] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6047] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", [pid 6046] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6049] memfd_create("syzkaller", 0 [pid 6046] close(3 [pid 5089] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(4, [pid 6049] <... memfd_create resumed>) = 3 [pid 6046] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6049] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6046] close(4 [pid 5089] newfstatat(AT_FDCWD, "./93/file0", [pid 5087] getdents64(4, [pid 6049] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] umount2("./93/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./93/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] rmdir("./94/file0" [pid 6046] <... close resumed>) = 0 [pid 6046] mkdir("./file0", 0777 [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 6046] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./93/file0") = 0 [pid 5089] getdents64(3, [pid 5087] <... rmdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5087] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] rmdir("./93" [pid 5087] close(3 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./94" [pid 6048] <... write resumed>) = 2097152 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./95", 0777 [pid 6046] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] mkdir("./94", 0777 [pid 5087] <... mkdir resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [ 152.056056][ T6046] loop0: detected capacity change from 0 to 4096 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 6048] munmap(0x7f1df2200000, 138412032 [pid 5089] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6048] <... munmap resumed>) = 0 [pid 6048] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6048] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6048] close(3) = 0 [pid 6048] close(4) = 0 [pid 6048] mkdir("./file0", 0777) = 0 [pid 6049] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 152.105188][ T6046] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 152.134270][ T6048] loop1: detected capacity change from 0 to 4096 [ 152.157965][ T6048] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 152.176521][ T6046] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6048] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6049] <... write resumed>) = 2097152 [pid 6046] <... mount resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6049] munmap(0x7f1df2200000, 138412032 [pid 6046] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6049] <... munmap resumed>) = 0 [pid 6046] <... openat resumed>) = 3 [pid 6046] chdir("./file0") = 0 [pid 6049] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6046] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6049] <... openat resumed>) = 4 [pid 6046] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6049] ioctl(4, LOOP_SET_FD, 3 [pid 6044] <... futex resumed>) = 0 [pid 6046] <... futex resumed>) = 1 [pid 6044] exit_group(0 [pid 6046] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL) = ? [pid 6044] <... exit_group resumed>) = ? [pid 5087] <... ioctl resumed>) = 0 [pid 6046] +++ exited with 0 +++ [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6044] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6044, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5089] close(3 [pid 6049] <... ioctl resumed>) = 0 [pid 6049] close(3 [pid 5089] <... close resumed>) = 0 [pid 5085] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6049] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6051 attached [pid 5085] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6051] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6051 [pid 5085] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6050 attached [pid 6051] <... set_robust_list resumed>) = 0 [pid 6049] close(4 [pid 5085] newfstatat(3, "", [pid 6051] chdir("./94" [pid 6050] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6050 [pid 6050] <... set_robust_list resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6050] chdir("./95" [pid 5085] getdents64(3, [pid 6050] <... chdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6050] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6051] <... chdir resumed>) = 0 [pid 6050] <... prctl resumed>) = 0 [pid 6049] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6049] mkdir("./file0", 0777 [pid 6050] setpgid(0, 0 [pid 5085] newfstatat(AT_FDCWD, "./94/binderfs", [pid 6050] <... setpgid resumed>) = 0 [pid 6049] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 152.225996][ T6049] loop3: detected capacity change from 0 to 4096 [pid 6051] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6049] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] unlink("./94/binderfs" [pid 6051] <... prctl resumed>) = 0 executing program [pid 6051] setpgid(0, 0 [pid 5085] <... unlink resumed>) = 0 [pid 6051] <... setpgid resumed>) = 0 [pid 5085] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6050] <... openat resumed>) = 3 [pid 6050] write(3, "1000", 4) = 4 [pid 6050] close(3) = 0 [pid 6050] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6050] write(1, "executing program\n", 18 [pid 6051] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6050] <... write resumed>) = 18 [pid 6051] <... openat resumed>) = 3 [pid 6050] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6050] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6050] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6050] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6050] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6051] write(3, "1000", 4) = 4 [pid 6050] <... mprotect resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 6051] close(3 [pid 6050] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6051] <... close resumed>) = 0 [pid 6051] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6050] <... rt_sigprocmask resumed>[], 8) = 0 executing program [pid 6051] write(1, "executing program\n", 18) = 18 [pid 6050] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6051] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6051] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 ./strace-static-x86_64: Process 6052 attached [pid 6051] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6050] <... clone3 resumed> => {parent_tid=[6052]}, 88) = 6052 [pid 6048] <... mount resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./94/file0", [pid 6052] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6050] rt_sigprocmask(SIG_SETMASK, [], [pid 6052] <... rseq resumed>) = 0 [pid 6051] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6050] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6052] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6051] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6050] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6048] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6052] <... set_robust_list resumed>) = 0 [pid 6051] <... mmap resumed>) = 0x7f1dfa693000 [pid 6050] <... futex resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6052] rt_sigprocmask(SIG_SETMASK, [], [pid 6051] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6050] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6048] <... openat resumed>) = 3 [pid 5085] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6052] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6051] <... mprotect resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 6052] memfd_create("syzkaller", 0 [pid 6048] chdir("./file0" [pid 5085] newfstatat(4, "", [pid 6052] <... memfd_create resumed>) = 3 [pid 6051] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6048] <... chdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6052] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6051] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6048] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] getdents64(4, [pid 6052] <... mmap resumed>) = 0x7f1df2200000 [pid 6051] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6048] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6053 attached [pid 6048] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6053] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6051] <... clone3 resumed> => {parent_tid=[6053]}, 88) = 6053 [pid 5085] getdents64(4, [pid 6053] <... rseq resumed>) = 0 [pid 6048] <... futex resumed>) = 1 [pid 6045] <... futex resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6053] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6051] rt_sigprocmask(SIG_SETMASK, [], [pid 6048] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6053] <... set_robust_list resumed>) = 0 [pid 6051] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6045] exit_group(0 [pid 5085] close(4 [pid 6053] rt_sigprocmask(SIG_SETMASK, [], [pid 6051] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6048] <... futex resumed>) = ? [pid 6045] <... exit_group resumed>) = ? [pid 5085] <... close resumed>) = 0 [pid 6053] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6051] <... futex resumed>) = 0 [pid 6051] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] rmdir("./94/file0" [pid 6053] memfd_create("syzkaller", 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 6053] <... memfd_create resumed>) = 3 [pid 5085] rmdir("./94" [pid 6053] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 152.273441][ T6049] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 152.299375][ T6048] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5085] <... rmdir resumed>) = 0 [pid 6048] +++ exited with 0 +++ [pid 6045] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6045, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5085] mkdir("./95", 0777) = 0 [pid 5086] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5086] getdents64(3, [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./94/binderfs") = 0 [pid 5086] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6049] <... mount resumed>) = 0 [pid 6049] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6049] chdir("./file0" [pid 6053] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6052] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = 0 [pid 6049] <... chdir resumed>) = 0 [pid 5086] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6049] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6049] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6049] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6049] <... futex resumed>) = 1 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6049] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 6047] <... futex resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6047] exit_group(0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 6049] <... futex resumed>) = ? [pid 6047] <... exit_group resumed>) = ? [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6049] +++ exited with 0 +++ [pid 6047] +++ exited with 0 +++ [pid 5086] close(4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6047, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [ 152.370412][ T6049] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./94/file0") = 0 [pid 5086] getdents64(3, [pid 5088] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5086] <... close resumed>) = 0 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] rmdir("./94" [pid 5088] getdents64(3, [pid 5086] <... rmdir resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] mkdir("./95", 0777 [pid 5088] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./94/binderfs", [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5088] unlink("./94/binderfs" [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5088] <... unlink resumed>) = 0 [pid 5088] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5088] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./94/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] close(3 [pid 6053] <... write resumed>) = 2097152 [pid 5088] getdents64(4, [pid 5085] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6054 attached [pid 6053] munmap(0x7f1df2200000, 138412032 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./94/file0" [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6054 [pid 5088] <... rmdir resumed>) = 0 [pid 6054] set_robust_list(0x555580b0d6a0, 24 [pid 6053] <... munmap resumed>) = 0 [pid 6052] <... write resumed>) = 2097152 [pid 6054] <... set_robust_list resumed>) = 0 [pid 6053] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6052] munmap(0x7f1df2200000, 138412032 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6052] <... munmap resumed>) = 0 [pid 5088] close(3 [pid 6054] chdir("./95" [pid 5088] <... close resumed>) = 0 [pid 6054] <... chdir resumed>) = 0 [pid 6053] <... openat resumed>) = 4 [pid 6052] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] rmdir("./94" [pid 6054] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6053] ioctl(4, LOOP_SET_FD, 3 [pid 6052] <... openat resumed>) = 4 [pid 5088] <... rmdir resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6054] <... prctl resumed>) = 0 [pid 5088] mkdir("./95", 0777 [pid 6054] setpgid(0, 0 [pid 5088] <... mkdir resumed>) = 0 [pid 6054] <... setpgid resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] close(3 [pid 6054] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... openat resumed>) = 3 [pid 5086] <... close resumed>) = 0 [pid 6054] <... openat resumed>) = 3 [pid 6052] ioctl(4, LOOP_SET_FD, 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6054] write(3, "1000", 4) = 4 [pid 6054] close(3) = 0 [pid 6054] symlink("/dev/binderfs", "./binderfs" [pid 6053] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6055 attached [pid 6054] <... symlink resumed>) = 0 [pid 6053] close(3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6055 [pid 6055] set_robust_list(0x555580b0d6a0, 24 [pid 6053] <... close resumed>) = 0 [pid 6053] close(4) = 0 [pid 6053] mkdir("./file0", 0777) = 0 [pid 6054] write(1, "executing program\n", 18 [pid 6053] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""executing program [pid 6055] <... set_robust_list resumed>) = 0 [pid 6054] <... write resumed>) = 18 [pid 6054] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6055] chdir("./95" [pid 6054] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6054] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6054] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6052] <... ioctl resumed>) = 0 [pid 6055] <... chdir resumed>) = 0 [pid 6055] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6052] close(3 [pid 6054] <... mmap resumed>) = 0x7f1dfa693000 [pid 6052] <... close resumed>) = 0 [pid 6052] close(4 [pid 6054] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6052] <... close resumed>) = 0 [pid 6055] <... prctl resumed>) = 0 [pid 6054] <... mprotect resumed>) = 0 [pid 6052] mkdir("./file0", 0777 [pid 6055] setpgid(0, 0 [pid 6052] <... mkdir resumed>) = 0 [pid 6052] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6055] <... setpgid resumed>) = 0 [ 152.498740][ T6053] loop4: detected capacity change from 0 to 4096 [ 152.510512][ T6052] loop2: detected capacity change from 0 to 4096 [ 152.529853][ T6053] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6055] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6054] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6054] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6056]}, 88) = 6056 [pid 6055] <... openat resumed>) = 3 [pid 6054] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6054] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6056 attached ) = 0 [pid 6056] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6054] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6056] <... rseq resumed>) = 0 [pid 6056] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6055] write(3, "1000", 4 [pid 6056] <... set_robust_list resumed>) = 0 [pid 6056] rt_sigprocmask(SIG_SETMASK, [], [pid 6055] <... write resumed>) = 4 [pid 6056] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6055] close(3 [pid 6056] memfd_create("syzkaller", 0 [pid 6055] <... close resumed>) = 0 [pid 6055] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6055] write(1, "executing program\n", 18) = 18 [pid 6055] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6055] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... ioctl resumed>) = 0 [pid 6055] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6056] <... memfd_create resumed>) = 3 [pid 6055] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6056] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6055] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6056] <... mmap resumed>) = 0x7f1df2200000 [ 152.546029][ T6052] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6055] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] close(3 [pid 6055] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6057 attached [pid 6055] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6057 [pid 6055] <... mprotect resumed>) = 0 [pid 6057] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6057] chdir("./95") = 0 [pid 6057] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6056] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6057] setpgid(0, 0) = 0 executing program [pid 6057] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6055] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6057] write(3, "1000", 4) = 4 [pid 6057] close(3) = 0 [pid 6057] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6057] write(1, "executing program\n", 18 [pid 6053] <... mount resumed>) = 0 [pid 6057] <... write resumed>) = 18 [pid 6053] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6057] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6053] <... openat resumed>) = 3 [pid 6057] <... futex resumed>) = 0 [pid 6053] chdir("./file0" [pid 6057] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6053] <... chdir resumed>) = 0 [pid 6057] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6055] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6053] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6057] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6055] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6053] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6057] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6053] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6057] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6053] <... futex resumed>) = 1 [pid 6051] <... futex resumed>) = 0 [pid 6057] <... mmap resumed>) = 0x7f1dfa693000 [pid 6053] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6051] exit_group(0 [pid 6057] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6053] <... futex resumed>) = ? [pid 6051] <... exit_group resumed>) = ? [pid 6057] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6055] <... clone3 resumed> => {parent_tid=[6058]}, 88) = 6058 [pid 6053] +++ exited with 0 +++ [pid 6057] <... rt_sigprocmask resumed>[], 8) = 0 ./strace-static-x86_64: Process 6058 attached [pid 6057] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6055] rt_sigprocmask(SIG_SETMASK, [], [pid 6058] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6055] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6059 attached [pid 6058] <... rseq resumed>) = 0 [pid 6057] <... clone3 resumed> => {parent_tid=[6059]}, 88) = 6059 [pid 6055] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [ 152.618725][ T6053] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6059] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6058] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6057] rt_sigprocmask(SIG_SETMASK, [], [pid 6051] +++ exited with 0 +++ [pid 6059] <... rseq resumed>) = 0 [pid 6058] <... set_robust_list resumed>) = 0 [pid 6057] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6055] <... futex resumed>) = 0 [pid 6052] <... mount resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6051, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6059] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6058] rt_sigprocmask(SIG_SETMASK, [], [pid 6057] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6055] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6059] <... set_robust_list resumed>) = 0 [pid 6058] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6057] <... futex resumed>) = 0 [pid 6059] rt_sigprocmask(SIG_SETMASK, [], [pid 6058] memfd_create("syzkaller", 0 [pid 6057] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6059] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6059] memfd_create("syzkaller", 0 [pid 5089] umount2("./94", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6059] <... memfd_create resumed>) = 3 [pid 5089] openat(AT_FDCWD, "./94", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6059] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... openat resumed>) = 3 [pid 6059] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] newfstatat(3, "", [pid 6056] <... write resumed>) = 2097152 [pid 6052] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 6056] munmap(0x7f1df2200000, 138412032 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./94/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./94/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./94/binderfs" [pid 6058] <... memfd_create resumed>) = 3 [pid 6056] <... munmap resumed>) = 0 [pid 6052] <... openat resumed>) = 3 [pid 5089] <... unlink resumed>) = 0 [pid 6058] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6058] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... umount2 resumed>) = 0 [pid 6052] chdir("./file0") = 0 [pid 6052] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5089] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6059] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6056] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6052] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(AT_FDCWD, "./94/file0", [pid 6056] <... openat resumed>) = 4 [pid 6052] <... futex resumed>) = 1 [pid 6050] <... futex resumed>) = 0 [ 152.672318][ T6052] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6056] ioctl(4, LOOP_SET_FD, 3 [pid 6052] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6050] exit_group(0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./94/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./94/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 6056] <... ioctl resumed>) = 0 [pid 6052] <... futex resumed>) = ? [pid 6050] <... exit_group resumed>) = ? [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6052] +++ exited with 0 +++ [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./94/file0") = 0 [pid 6056] close(3) = 0 [pid 6050] +++ exited with 0 +++ [pid 5089] getdents64(3, [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6050, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./94" [pid 5087] <... restart_syscall resumed>) = 0 [pid 6058] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6056] close(4 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] mkdir("./95", 0777 [pid 6056] <... close resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5087] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6056] mkdir("./file0", 0777 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6056] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6056] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6059] <... write resumed>) = 2097152 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", [pid 6059] munmap(0x7f1df2200000, 138412032 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./95/binderfs") = 0 [pid 6059] <... munmap resumed>) = 0 [pid 6058] <... write resumed>) = 2097152 [ 152.731298][ T6056] loop0: detected capacity change from 0 to 4096 [ 152.765067][ T6056] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5087] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6059] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6058] munmap(0x7f1df2200000, 138412032 [pid 6059] <... openat resumed>) = 4 [pid 6059] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... umount2 resumed>) = 0 [pid 6058] <... munmap resumed>) = 0 [pid 6058] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6058] ioctl(4, LOOP_SET_FD, 3 [pid 5087] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6059] <... ioctl resumed>) = 0 [pid 6059] close(3) = 0 [pid 6059] close(4) = 0 [pid 6059] mkdir("./file0", 0777) = 0 [pid 6059] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] newfstatat(AT_FDCWD, "./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6058] <... ioctl resumed>) = 0 [pid 5087] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6058] close(3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6058] <... close resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6058] close(4) = 0 [pid 6058] mkdir("./file0", 0777 [pid 5087] <... openat resumed>) = 4 [pid 6058] <... mkdir resumed>) = 0 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [ 152.803678][ T6059] loop3: detected capacity change from 0 to 4096 [ 152.818136][ T6058] loop1: detected capacity change from 0 to 4096 [ 152.837562][ T6059] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6058] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./95/file0" [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6060 [pid 5087] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6060 attached [pid 6060] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6060] chdir("./95" [pid 5087] close(3) = 0 [pid 5087] rmdir("./95" [pid 6060] <... chdir resumed>) = 0 [pid 6060] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6060] setpgid(0, 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6060] <... setpgid resumed>) = 0 [pid 6060] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] mkdir("./96", 0777 [pid 6060] write(3, "1000", 4) = 4 [pid 6060] close(3) = 0 [pid 6060] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... mkdir resumed>) = 0 [pid 6060] <... symlink resumed>) = 0 [pid 6056] <... mount resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6056] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 6056] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FDexecuting program [pid 6060] write(1, "executing program\n", 18) = 18 [pid 6060] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6056] chdir("./file0" [pid 6060] <... futex resumed>) = 0 [pid 6056] <... chdir resumed>) = 0 [pid 6056] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 152.863472][ T6058] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 152.887925][ T6056] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6056] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6060] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6056] <... futex resumed>) = 1 [pid 6054] <... futex resumed>) = 0 [pid 6056] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6060] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6054] exit_group(0 [pid 6060] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6056] <... futex resumed>) = ? [pid 6054] <... exit_group resumed>) = ? [pid 6060] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6060] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6060] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6060] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6060] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6061]}, 88) = 6061 [pid 6056] +++ exited with 0 +++ [pid 6054] +++ exited with 0 +++ ./strace-static-x86_64: Process 6061 attached [pid 6060] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6054, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6060] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6061] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6060] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6061] <... rseq resumed>) = 0 [pid 6060] <... futex resumed>) = 0 [pid 6061] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6060] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6061] <... set_robust_list resumed>) = 0 [pid 6061] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6061] memfd_create("syzkaller", 0 [pid 6059] <... mount resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6061] <... memfd_create resumed>) = 3 [pid 6059] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6061] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6059] <... openat resumed>) = 3 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6062 [pid 5085] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6062 attached [pid 6061] <... mmap resumed>) = 0x7f1df2200000 [pid 6059] chdir("./file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6062] set_robust_list(0x555580b0d6a0, 24 [pid 6059] <... chdir resumed>) = 0 [pid 6058] <... mount resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6059] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6058] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 6058] <... openat resumed>) = 3 [pid 6059] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6058] chdir("./file0" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6057] <... futex resumed>) = 0 [pid 5085] getdents64(3, [pid 6058] <... chdir resumed>) = 0 [pid 6058] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6057] exit_group(0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6058] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6057] <... exit_group resumed>) = ? [pid 5085] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6062] <... set_robust_list resumed>) = 0 [pid 6058] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6058] <... futex resumed>) = 1 [pid 6055] <... futex resumed>) = 0 [pid 6062] chdir("./96" [pid 6058] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6055] exit_group(0 [pid 5085] newfstatat(AT_FDCWD, "./95/binderfs", [pid 6059] <... futex resumed>) = ? [pid 6058] <... futex resumed>) = ? [pid 6055] <... exit_group resumed>) = ? [pid 6062] <... chdir resumed>) = 0 [pid 6059] +++ exited with 0 +++ [pid 6057] +++ exited with 0 +++ [pid 6058] +++ exited with 0 +++ [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6057, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5085] unlink("./95/binderfs") = 0 [pid 5085] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6062] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6062] <... prctl resumed>) = 0 [pid 6055] +++ exited with 0 +++ [pid 5088] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 6062] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6062] <... setpgid resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6055, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 152.973071][ T6059] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 152.984164][ T6058] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] unlink("./95/binderfs" [pid 5086] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... unlink resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6062] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./95/binderfs", [pid 5085] newfstatat(AT_FDCWD, "./95/file0", [pid 6062] write(3, "1000", 4 [pid 5088] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6062] <... write resumed>) = 4 [pid 5086] unlink("./95/binderfs" [pid 5085] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6062] close(3 [pid 5086] <... unlink resumed>) = 0 [pid 6062] <... close resumed>) = 0 [pid 6062] symlink("/dev/binderfs", "./binderfs" [pid 5086] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6062] <... symlink resumed>) = 0 executing program [pid 5085] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6062] write(1, "executing program\n", 18 [pid 5085] <... openat resumed>) = 4 [pid 6062] <... write resumed>) = 18 [pid 5085] newfstatat(4, "", [pid 6062] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6062] <... futex resumed>) = 0 [pid 5085] getdents64(4, [pid 6062] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6062] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] getdents64(4, [pid 6062] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6062] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 6062] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] <... close resumed>) = 0 [pid 6062] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] rmdir("./95/file0" [pid 6062] <... mprotect resumed>) = 0 [pid 5088] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6062] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 6062] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6062] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] newfstatat(AT_FDCWD, "./95/file0", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(3, ./strace-static-x86_64: Process 6063 attached [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] newfstatat(AT_FDCWD, "./95/file0", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6063] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6062] <... clone3 resumed> => {parent_tid=[6063]}, 88) = 6063 [pid 5088] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] close(3 [pid 6063] <... rseq resumed>) = 0 [pid 6062] rt_sigprocmask(SIG_SETMASK, [], [pid 6061] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 6062] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6062] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6063] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6062] <... futex resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./95" [pid 6063] <... set_robust_list resumed>) = 0 [pid 6062] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] newfstatat(4, "", [pid 6063] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6063] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(4, [pid 5086] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... rmdir resumed>) = 0 [pid 6063] memfd_create("syzkaller", 0 [pid 5086] <... openat resumed>) = 4 [pid 5085] mkdir("./96", 0777 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5086] getdents64(4, [pid 5085] <... mkdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6063] <... memfd_create resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6063] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] close(4 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5086] close(4 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./95/file0") = 0 [pid 5086] getdents64(3, [pid 5088] <... close resumed>) = 0 [pid 6063] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] rmdir("./95/file0" [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./95" [pid 5088] <... rmdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] mkdir("./96", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./95") = 0 [pid 5088] mkdir("./96", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6061] <... write resumed>) = 2097152 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(3 [pid 6061] munmap(0x7f1df2200000, 138412032 [pid 5085] <... close resumed>) = 0 [pid 6063] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] close(3) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6064 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6065 ./strace-static-x86_64: Process 6065 attached ./strace-static-x86_64: Process 6064 attached [pid 6065] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6065] chdir("./96" [pid 6064] set_robust_list(0x555580b0d6a0, 24 [pid 6061] <... munmap resumed>) = 0 [pid 6064] <... set_robust_list resumed>) = 0 [pid 6064] chdir("./96" [pid 6065] <... chdir resumed>) = 0 [pid 6061] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6061] <... openat resumed>) = 4 [pid 6065] <... prctl resumed>) = 0 [pid 6061] ioctl(4, LOOP_SET_FD, 3 [pid 6065] setpgid(0, 0 [pid 6061] <... ioctl resumed>) = 0 [pid 6065] <... setpgid resumed>) = 0 [pid 6064] <... chdir resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6064] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6061] close(3executing program [pid 6065] <... openat resumed>) = 3 [pid 6064] <... prctl resumed>) = 0 [pid 6061] <... close resumed>) = 0 [pid 6065] write(3, "1000", 4) = 4 [pid 6065] close(3) = 0 [pid 6065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6065] write(1, "executing program\n", 18) = 18 [pid 6065] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6065] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6065] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6063] <... write resumed>) = 2097152 [pid 6065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6064] setpgid(0, 0 [pid 6061] close(4 [pid 5088] close(3 [pid 6065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6065] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6064] <... setpgid resumed>) = 0 [ 153.174557][ T6061] loop4: detected capacity change from 0 to 4096 [pid 6063] munmap(0x7f1df2200000, 138412032 [pid 6061] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6065] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6063] <... munmap resumed>) = 0 [pid 6061] mkdir("./file0", 0777 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6064] <... openat resumed>) = 3 [pid 6061] <... mkdir resumed>) = 0 [pid 6064] write(3, "1000", 4 [pid 6061] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""./strace-static-x86_64: Process 6066 attached [pid 6065] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6064] <... write resumed>) = 4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6066 [pid 6066] set_robust_list(0x555580b0d6a0, 24 [pid 6065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6064] close(3./strace-static-x86_64: Process 6067 attached [pid 6066] <... set_robust_list resumed>) = 0 [pid 6064] <... close resumed>) = 0 [pid 6067] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6066] chdir("./96" [pid 6065] <... clone3 resumed> => {parent_tid=[6067]}, 88) = 6067 [pid 6064] symlink("/dev/binderfs", "./binderfs" [pid 6067] <... rseq resumed>) = 0 [pid 6066] <... chdir resumed>) = 0 [pid 6065] rt_sigprocmask(SIG_SETMASK, [], [pid 6064] <... symlink resumed>) = 0 [pid 6067] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6065] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 6066] <... prctl resumed>) = 0 [pid 6065] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6064] write(1, "executing program\n", 18 [pid 6067] <... set_robust_list resumed>) = 0 [pid 6067] rt_sigprocmask(SIG_SETMASK, [], [pid 6066] setpgid(0, 0 [pid 6065] <... futex resumed>) = 0 [pid 6064] <... write resumed>) = 18 [pid 6063] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6067] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6066] <... setpgid resumed>) = 0 [pid 6065] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6064] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6064] <... futex resumed>) = 0 [pid 6066] <... openat resumed>) = 3 [pid 6064] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6063] <... openat resumed>) = 4 [pid 6066] write(3, "1000", 4 [pid 6064] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6063] ioctl(4, LOOP_SET_FD, 3 [pid 6067] memfd_create("syzkaller", 0 [pid 6066] <... write resumed>) = 4 [pid 6064] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6067] <... memfd_create resumed>) = 3 [pid 6066] close(3 [pid 6064] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6063] <... ioctl resumed>) = 0 [pid 6066] <... close resumed>) = 0 [pid 6064] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6067] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6066] symlink("/dev/binderfs", "./binderfs" [pid 6064] <... mmap resumed>) = 0x7f1dfa693000 [pid 6067] <... mmap resumed>) = 0x7f1df2200000 [pid 6066] <... symlink resumed>) = 0 [pid 6064] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6063] close(3executing program [pid 6066] write(1, "executing program\n", 18 [pid 6064] <... mprotect resumed>) = 0 [pid 6063] <... close resumed>) = 0 [pid 6066] <... write resumed>) = 18 [pid 6064] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6066] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6064] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6064] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6066] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, ./strace-static-x86_64: Process 6068 attached NULL, 8) = 0 [pid 6063] close(4 [pid 6068] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6066] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6064] <... clone3 resumed> => {parent_tid=[6068]}, 88) = 6068 [pid 6063] <... close resumed>) = 0 [ 153.245428][ T6061] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 153.266590][ T6063] loop2: detected capacity change from 0 to 4096 [pid 6068] <... rseq resumed>) = 0 [pid 6066] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6064] rt_sigprocmask(SIG_SETMASK, [], [pid 6063] mkdir("./file0", 0777 [pid 6068] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6066] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6064] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6063] <... mkdir resumed>) = 0 [pid 6061] <... mount resumed>) = 0 [pid 6068] <... set_robust_list resumed>) = 0 [pid 6066] <... mmap resumed>) = 0x7f1dfa693000 [pid 6064] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6061] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6066] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6064] <... futex resumed>) = 0 [pid 6066] <... mprotect resumed>) = 0 [pid 6064] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6063] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6068] rt_sigprocmask(SIG_SETMASK, [], [pid 6061] <... openat resumed>) = 3 [pid 6068] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6061] chdir("./file0" [pid 6066] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6061] <... chdir resumed>) = 0 [pid 6066] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6061] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6066] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6061] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6061] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6069 attached [pid 6066] <... clone3 resumed> => {parent_tid=[6069]}, 88) = 6069 [pid 6061] <... futex resumed>) = 1 [pid 6069] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6068] memfd_create("syzkaller", 0 [pid 6066] rt_sigprocmask(SIG_SETMASK, [], [pid 6061] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6060] <... futex resumed>) = 0 [pid 6069] <... rseq resumed>) = 0 [pid 6068] <... memfd_create resumed>) = 3 [pid 6066] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6060] exit_group(0 [pid 6069] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6068] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6067] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6066] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6061] <... futex resumed>) = ? [pid 6060] <... exit_group resumed>) = ? [pid 6069] <... set_robust_list resumed>) = 0 [pid 6068] <... mmap resumed>) = 0x7f1df2200000 [pid 6061] +++ exited with 0 +++ [pid 6069] rt_sigprocmask(SIG_SETMASK, [], [pid 6066] <... futex resumed>) = 0 [pid 6069] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6069] memfd_create("syzkaller", 0 [pid 6066] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6060] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6060, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 6069] <... memfd_create resumed>) = 3 [pid 6069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5089] umount2("./95", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./95", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6069] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./95/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./95/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./95/binderfs") = 0 [pid 5089] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5089] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./95/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./95/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./95/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 153.293980][ T6061] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 153.313926][ T6063] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./95/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./95") = 0 [pid 5089] mkdir("./96", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6067] <... write resumed>) = 2097152 [pid 6067] munmap(0x7f1df2200000, 138412032 [pid 6068] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6069] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6067] <... munmap resumed>) = 0 [pid 6067] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6067] ioctl(4, LOOP_SET_FD, 3 [pid 6063] <... mount resumed>) = 0 [pid 6063] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6063] chdir("./file0" [pid 6069] <... write resumed>) = 2097152 [pid 6067] <... ioctl resumed>) = 0 [pid 6063] <... chdir resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6069] munmap(0x7f1df2200000, 138412032 [pid 6067] close(3 [pid 6063] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6063] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6067] <... close resumed>) = 0 [pid 6063] <... futex resumed>) = 1 [pid 6062] <... futex resumed>) = 0 [pid 6067] close(4 [pid 6063] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6062] exit_group(0 [pid 6067] <... close resumed>) = 0 [pid 6067] mkdir("./file0", 0777) = 0 [pid 6063] <... futex resumed>) = ? [pid 6062] <... exit_group resumed>) = ? [pid 6068] <... write resumed>) = 2097152 [pid 6063] +++ exited with 0 +++ [pid 5089] close(3 [pid 6067] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6062] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6062, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [ 153.445486][ T6063] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 153.445771][ T6067] loop1: detected capacity change from 0 to 4096 [pid 5087] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6069] <... munmap resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 6070 attached [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6070 [pid 5087] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6070] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6070] <... set_robust_list resumed>) = 0 [pid 6068] munmap(0x7f1df2200000, 138412032 [pid 5087] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6070] chdir("./96" [pid 6069] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./96/binderfs" [pid 6069] <... openat resumed>) = 4 [pid 6070] <... chdir resumed>) = 0 [pid 6070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... unlink resumed>) = 0 [pid 6070] <... prctl resumed>) = 0 [pid 6070] setpgid(0, 0) = 0 [pid 5087] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6068] <... munmap resumed>) = 0 [pid 6070] <... openat resumed>) = 3 [pid 6069] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 6069] close(3 [pid 6070] write(3, "1000", 4 [pid 6069] <... close resumed>) = 0 [pid 6068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6070] <... write resumed>) = 4 [pid 6069] close(4 [pid 6070] close(3 [pid 6069] <... close resumed>) = 0 [pid 6070] <... close resumed>) = 0 [pid 6070] symlink("/dev/binderfs", "./binderfs" [pid 6069] mkdir("./file0", 0777 [pid 6068] <... openat resumed>) = 4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6069] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./96/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./96" [pid 6069] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 153.498328][ T6067] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 153.521852][ T6069] loop3: detected capacity change from 0 to 4096 [pid 6068] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... rmdir resumed>) = 0 [pid 6070] <... symlink resumed>) = 0 [pid 6070] write(1, "executing program\n", 18executing program ) = 18 [pid 6070] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6070] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5087] mkdir("./97", 0777 [pid 6070] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... mkdir resumed>) = 0 [pid 6070] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6070] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6070] <... mmap resumed>) = 0x7f1dfa693000 [pid 6070] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6068] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6068] close(3) = 0 [pid 6068] close(4) = 0 [pid 6068] mkdir("./file0", 0777) = 0 [pid 6068] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6070] <... mprotect resumed>) = 0 [pid 6070] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6070] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6071]}, 88) = 6071 [pid 6070] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6070] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 6071 attached [pid 6070] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6071] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6071] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6071] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 153.553499][ T6068] loop0: detected capacity change from 0 to 4096 [ 153.562197][ T6069] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 153.592586][ T6068] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6071] memfd_create("syzkaller", 0) = 3 [pid 6071] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6067] <... mount resumed>) = 0 [pid 6067] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6067] chdir("./file0") = 0 [pid 6069] <... mount resumed>) = 0 [pid 6067] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5087] <... ioctl resumed>) = 0 [pid 6067] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6067] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6065] <... futex resumed>) = 0 [pid 6065] exit_group(0 [pid 6067] <... futex resumed>) = ? [pid 6065] <... exit_group resumed>) = ? [pid 6067] +++ exited with 0 +++ [pid 6065] +++ exited with 0 +++ [pid 5087] close(3) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6065, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 6072 attached [pid 6069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6072] set_robust_list(0x555580b0d6a0, 24 [pid 6071] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6069] <... openat resumed>) = 3 [pid 6072] <... set_robust_list resumed>) = 0 [pid 6069] chdir("./file0" [pid 5086] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6072] chdir("./97" [pid 6069] <... chdir resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6072 [pid 6072] <... chdir resumed>) = 0 [pid 6069] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6072] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6069] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 153.625072][ T6067] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 153.661430][ T6069] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6072] <... prctl resumed>) = 0 [pid 6069] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... openat resumed>) = 3 [pid 6072] setpgid(0, 0 [pid 6069] <... futex resumed>) = 1 [pid 6066] <... futex resumed>) = 0 [pid 6072] <... setpgid resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 6072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6066] exit_group(0 [pid 5086] getdents64(3, [pid 6066] <... exit_group resumed>) = ? [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6072] <... openat resumed>) = 3 [pid 6071] <... write resumed>) = 2097152 [pid 6068] <... mount resumed>) = 0 [pid 5086] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6072] write(3, "1000", 4 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./96/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6072] <... write resumed>) = 4 [pid 5086] unlink("./96/binderfs" [pid 6072] close(3 [pid 6068] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... unlink resumed>) = 0 [pid 6072] <... close resumed>) = 0 [pid 6071] munmap(0x7f1df2200000, 138412032 [pid 6068] <... openat resumed>) = 3 [pid 5086] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6072] symlink("/dev/binderfs", "./binderfs" [pid 6068] chdir("./file0" [pid 6072] <... symlink resumed>) = 0 [pid 6068] <... chdir resumed>) = 0 [pid 6072] write(1, "executing program\n", 18 [pid 6071] <... munmap resumed>) = 0 [pid 6069] +++ exited with 0 +++ [pid 6068] openat(AT_FDCWD, "/dev/loop0", O_RDWRexecuting program [pid 6066] +++ exited with 0 +++ [pid 5086] <... umount2 resumed>) = 0 [pid 6072] <... write resumed>) = 18 [pid 6071] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6068] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6072] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6071] <... openat resumed>) = 4 [pid 6068] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6072] <... futex resumed>) = 0 [pid 6071] ioctl(4, LOOP_SET_FD, 3 [pid 6068] <... futex resumed>) = 1 [pid 6072] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6064] <... futex resumed>) = 0 [pid 5086] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6064] exit_group(0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6066, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6064] <... exit_group resumed>) = ? [pid 5088] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./96/file0", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", [pid 5086] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6072] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6072] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6071] <... ioctl resumed>) = 0 [pid 5088] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6072] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6071] close(3 [pid 6068] +++ exited with 0 +++ [pid 6064] +++ exited with 0 +++ [pid 5086] newfstatat(4, "", [pid 6072] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6071] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6064, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6071] close(4 [pid 5088] unlink("./96/binderfs" [pid 6072] <... mmap resumed>) = 0x7f1dfa693000 [pid 6071] <... close resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5086] getdents64(4, [pid 6072] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6071] mkdir("./file0", 0777 [pid 6072] <... mprotect resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 6072] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6071] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6072] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6072] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6071] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./96/file0" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... rmdir resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 153.716300][ T6068] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 153.750554][ T6071] loop4: detected capacity change from 0 to 4096 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6073 attached [pid 5088] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6073] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5086] close(3 [pid 5085] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6073] <... rseq resumed>) = 0 [pid 6072] <... clone3 resumed> => {parent_tid=[6073]}, 88) = 6073 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6073] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6072] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] rmdir("./96" [pid 5085] newfstatat(3, "", [pid 6073] <... set_robust_list resumed>) = 0 [pid 6072] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6073] rt_sigprocmask(SIG_SETMASK, [], [pid 6072] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 4 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 6073] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6072] <... futex resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 5086] mkdir("./97", 0777 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6072] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./96/binderfs", [pid 6073] memfd_create("syzkaller", 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./96/binderfs" [pid 5088] getdents64(4, [pid 5086] <... mkdir resumed>) = 0 [pid 6073] <... memfd_create resumed>) = 3 [pid 5085] <... unlink resumed>) = 0 [pid 6073] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(4 [pid 5086] <... openat resumed>) = 3 [pid 6073] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] rmdir("./96/file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 153.788222][ T6071] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5085] newfstatat(AT_FDCWD, "./96/file0", [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 5085] getdents64(4, [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] close(3 [pid 5085] getdents64(4, [pid 5088] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] rmdir("./96" [pid 5085] close(4) = 0 [pid 5085] rmdir("./96/file0" [pid 5088] <... rmdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./96" [pid 5088] mkdir("./97", 0777 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./97", 0777 [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6071] <... mount resumed>) = 0 [pid 6071] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6071] chdir("./file0") = 0 [pid 6071] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6073] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6071] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6071] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6070] <... futex resumed>) = 0 [pid 6070] exit_group(0) = ? [pid 6071] +++ exited with 0 +++ [pid 6070] +++ exited with 0 +++ [pid 5086] <... ioctl resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6070, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [ 153.830065][ T6071] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] umount2("./96", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./96", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./96/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./96/binderfs", [pid 5086] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... close resumed>) = 0 [pid 5089] unlink("./96/binderfs") = 0 [pid 5089] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6073] <... write resumed>) = 2097152 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6074 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./96/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./96/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./96/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6074 attached [pid 5089] getdents64(4, [pid 6074] set_robust_list(0x555580b0d6a0, 24 [pid 6073] munmap(0x7f1df2200000, 138412032 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6074] <... set_robust_list resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6073] <... munmap resumed>) = 0 [pid 5089] getdents64(4, [pid 5088] close(3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] <... close resumed>) = 0 [pid 5089] close(4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6074] chdir("./97" [pid 5089] <... close resumed>) = 0 ./strace-static-x86_64: Process 6075 attached [pid 6074] <... chdir resumed>) = 0 [pid 5089] rmdir("./96/file0" [pid 6075] set_robust_list(0x555580b0d6a0, 24 [pid 6074] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6075 [pid 6074] <... prctl resumed>) = 0 [pid 6074] setpgid(0, 0) = 0 [pid 5089] getdents64(3, [pid 6075] <... set_robust_list resumed>) = 0 [pid 6075] chdir("./97" [pid 6074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 6075] <... chdir resumed>) = 0 [pid 6073] <... openat resumed>) = 4 [pid 5085] close(3 [pid 6075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6074] <... openat resumed>) = 3 [pid 6073] ioctl(4, LOOP_SET_FD, 3 [pid 5089] close(3 [pid 5085] <... close resumed>) = 0 [pid 6075] <... prctl resumed>) = 0 [pid 6074] write(3, "1000", 4 [pid 5089] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6075] setpgid(0, 0 [pid 6074] <... write resumed>) = 4 [pid 5089] rmdir("./96" [pid 6075] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 6076 attached [pid 6075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6074] close(3 [pid 6073] <... ioctl resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6076 [pid 6076] set_robust_list(0x555580b0d6a0, 24 [pid 6074] <... close resumed>) = 0 [pid 6073] close(3 [pid 6074] symlink("/dev/binderfs", "./binderfs" [pid 6076] <... set_robust_list resumed>) = 0 [pid 6075] <... openat resumed>) = 3 [pid 6074] <... symlink resumed>) = 0 [pid 6073] <... close resumed>) = 0 executing program [pid 5089] mkdir("./97", 0777 [pid 6076] chdir("./97" [pid 6075] write(3, "1000", 4 [pid 6074] write(1, "executing program\n", 18 [pid 6073] close(4 [pid 6076] <... chdir resumed>) = 0 [pid 6075] <... write resumed>) = 4 [pid 6076] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6075] close(3 [pid 6076] <... prctl resumed>) = 0 [pid 6075] <... close resumed>) = 0 [pid 6076] setpgid(0, 0 [pid 6075] symlink("/dev/binderfs", "./binderfs" [pid 6076] <... setpgid resumed>) = 0 [pid 6076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6075] <... symlink resumed>) = 0 [pid 6074] <... write resumed>) = 18 [pid 6073] <... close resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 executing program [pid 6076] <... openat resumed>) = 3 [pid 6075] write(1, "executing program\n", 18 [pid 6074] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6073] mkdir("./file0", 0777 [pid 6076] write(3, "1000", 4 [pid 6075] <... write resumed>) = 18 [pid 6074] <... futex resumed>) = 0 [pid 6076] <... write resumed>) = 4 [pid 6075] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6074] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6076] close(3 [pid 6075] <... futex resumed>) = 0 [pid 6074] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6073] <... mkdir resumed>) = 0 [pid 6076] <... close resumed>) = 0 [pid 6075] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, executing program [pid 6076] symlink("/dev/binderfs", "./binderfs" [pid 6075] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6074] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6073] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6076] <... symlink resumed>) = 0 [pid 6075] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... openat resumed>) = 3 [pid 6074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6075] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6076] write(1, "executing program\n", 18 [pid 6075] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6076] <... write resumed>) = 18 [pid 6075] <... mmap resumed>) = 0x7f1dfa693000 [pid 6076] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6074] <... mmap resumed>) = 0x7f1dfa693000 [pid 6076] <... futex resumed>) = 0 [pid 6075] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6074] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6076] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6075] <... mprotect resumed>) = 0 [pid 6076] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6076] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6075] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6076] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6076] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6075] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6075] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6076] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6074] <... mprotect resumed>) = 0 [pid 6076] <... mprotect resumed>) = 0 [pid 6074] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 6077 attached [], 8) = 0 [pid 6077] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6076] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6078 attached [pid 6077] <... rseq resumed>) = 0 [pid 6075] <... clone3 resumed> => {parent_tid=[6077]}, 88) = 6077 [pid 6078] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6077] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6074] <... clone3 resumed> => {parent_tid=[6078]}, 88) = 6078 [pid 6078] <... rseq resumed>) = 0 [pid 6077] <... set_robust_list resumed>) = 0 [pid 6074] rt_sigprocmask(SIG_SETMASK, [], [pid 6078] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6077] rt_sigprocmask(SIG_SETMASK, [], [pid 6076] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6075] rt_sigprocmask(SIG_SETMASK, [], [pid 6074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6078] <... set_robust_list resumed>) = 0 [pid 6077] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6076] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6075] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6074] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6079 attached [pid 6078] rt_sigprocmask(SIG_SETMASK, [], [pid 6077] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6075] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6074] <... futex resumed>) = 0 [pid 6079] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6078] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6077] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6076] <... clone3 resumed> => {parent_tid=[6079]}, 88) = 6079 [pid 6075] <... futex resumed>) = 0 [pid 6074] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6079] <... rseq resumed>) = 0 [pid 6076] rt_sigprocmask(SIG_SETMASK, [], [pid 6075] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6079] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6076] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6079] <... set_robust_list resumed>) = 0 [pid 6077] memfd_create("syzkaller", 0 [pid 6079] rt_sigprocmask(SIG_SETMASK, [], [pid 6077] <... memfd_create resumed>) = 3 [pid 6076] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6079] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6076] <... futex resumed>) = 0 [pid 6079] memfd_create("syzkaller", 0 [pid 6078] memfd_create("syzkaller", 0 [pid 6077] <... mmap resumed>) = 0x7f1df2200000 [pid 6076] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6078] <... memfd_create resumed>) = 3 [ 153.982325][ T6073] loop2: detected capacity change from 0 to 4096 [ 154.012789][ T6073] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6079] <... memfd_create resumed>) = 3 [pid 6078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6073] <... mount resumed>) = 0 [pid 6078] <... mmap resumed>) = 0x7f1df2200000 [pid 6077] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6073] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... ioctl resumed>) = 0 [pid 6073] <... openat resumed>) = 3 [pid 6073] chdir("./file0") = 0 [pid 5089] close(3 [pid 6073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 6073] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6080 attached [pid 6073] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6080 [pid 6073] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6080] set_robust_list(0x555580b0d6a0, 24 [pid 6078] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6072] <... futex resumed>) = 0 [pid 6080] <... set_robust_list resumed>) = 0 [pid 6080] chdir("./97" [pid 6072] exit_group(0 [pid 6073] <... futex resumed>) = ? [pid 6080] <... chdir resumed>) = 0 [pid 6072] <... exit_group resumed>) = ? [pid 6080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6073] +++ exited with 0 +++ [pid 6072] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6072, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6080] <... prctl resumed>) = 0 [ 154.071301][ T6073] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6080] setpgid(0, 0 [pid 5087] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6080] <... setpgid resumed>) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6080] <... openat resumed>) = 3 [pid 5087] newfstatat(AT_FDCWD, "./97/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6080] write(3, "1000", 4 [pid 5087] unlink("./97/binderfs" [pid 6080] <... write resumed>) = 4 [pid 6080] close(3 [pid 5087] <... unlink resumed>) = 0 [pid 6080] <... close resumed>) = 0 [pid 6078] <... write resumed>) = 2097152 [pid 5087] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6080] symlink("/dev/binderfs", "./binderfs" [pid 6078] munmap(0x7f1df2200000, 138412032 [pid 6080] <... symlink resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6080] write(1, "executing program\n", 18 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6080] <... write resumed>) = 18 [pid 5087] newfstatat(AT_FDCWD, "./97/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6080] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6080] <... futex resumed>) = 0 [pid 6078] <... munmap resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6080] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6078] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6077] <... write resumed>) = 2097152 [pid 5087] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6080] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6078] <... openat resumed>) = 4 [pid 6077] munmap(0x7f1df2200000, 138412032 [pid 5087] <... openat resumed>) = 4 [pid 6080] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] newfstatat(4, "", [pid 6080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6078] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./97/file0" [pid 6080] <... mmap resumed>) = 0x7f1dfa693000 [pid 6080] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6080] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6079] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6080] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6080] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6081 attached [pid 5087] getdents64(3, [pid 6081] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6080] <... clone3 resumed> => {parent_tid=[6081]}, 88) = 6081 [pid 6077] <... munmap resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6081] <... rseq resumed>) = 0 [pid 6080] rt_sigprocmask(SIG_SETMASK, [], [pid 6081] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] close(3 [pid 6081] <... set_robust_list resumed>) = 0 [pid 6077] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6081] rt_sigprocmask(SIG_SETMASK, [], [pid 6080] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6078] <... ioctl resumed>) = 0 [pid 6077] <... openat resumed>) = 4 [pid 5087] <... close resumed>) = 0 [pid 6081] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6080] <... futex resumed>) = 0 [pid 6078] close(3 [pid 6077] ioctl(4, LOOP_SET_FD, 3 [pid 5087] rmdir("./97" [pid 6078] <... close resumed>) = 0 [pid 6081] memfd_create("syzkaller", 0 [pid 6080] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... rmdir resumed>) = 0 [pid 6078] close(4) = 0 [pid 5087] mkdir("./98", 0777 [pid 6081] <... memfd_create resumed>) = 3 [pid 6078] mkdir("./file0", 0777 [pid 5087] <... mkdir resumed>) = 0 [pid 6081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6078] <... mkdir resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6079] <... write resumed>) = 2097152 [pid 6078] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6077] <... ioctl resumed>) = 0 [pid 6077] close(3 [pid 6081] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6077] <... close resumed>) = 0 [ 154.176310][ T6078] loop1: detected capacity change from 0 to 4096 [ 154.203653][ T6077] loop3: detected capacity change from 0 to 4096 [pid 6077] close(4) = 0 [pid 6077] mkdir("./file0", 0777) = 0 [pid 6077] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6079] munmap(0x7f1df2200000, 138412032) = 0 [pid 6079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 154.246751][ T6078] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 154.261070][ T6077] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6079] ioctl(4, LOOP_SET_FD, 3 [pid 6081] <... write resumed>) = 2097152 [pid 6081] munmap(0x7f1df2200000, 138412032 [pid 6079] <... ioctl resumed>) = 0 [pid 6079] close(3) = 0 [pid 6081] <... munmap resumed>) = 0 [pid 6079] close(4 [pid 6081] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6079] <... close resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6081] <... openat resumed>) = 4 [pid 6079] mkdir("./file0", 0777 [pid 5087] close(3 [pid 6081] ioctl(4, LOOP_SET_FD, 3 [pid 6079] <... mkdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6082 attached [pid 6082] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6082] chdir("./98" [pid 6079] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6082 [pid 6082] <... chdir resumed>) = 0 [pid 6082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 154.297691][ T6079] loop0: detected capacity change from 0 to 4096 [ 154.336331][ T6081] loop4: detected capacity change from 0 to 4096 [pid 6082] setpgid(0, 0) = 0 [pid 6082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6081] <... ioctl resumed>) = 0 [pid 6082] <... openat resumed>) = 3 [pid 6081] close(3) = 0 [pid 6081] close(4 [pid 6082] write(3, "1000", 4 [pid 6081] <... close resumed>) = 0 [pid 6082] <... write resumed>) = 4 [ 154.357976][ T6079] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 154.359593][ T6077] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 154.390175][ T6078] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 6081] mkdir("./file0", 0777executing program [pid 6082] close(3) = 0 [pid 6081] <... mkdir resumed>) = 0 [pid 6082] symlink("/dev/binderfs", "./binderfs" [pid 6081] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6082] <... symlink resumed>) = 0 [pid 6082] write(1, "executing program\n", 18) = 18 [pid 6077] <... mount resumed>) = 0 [pid 6082] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6078] <... mount resumed>) = 0 [pid 6082] <... futex resumed>) = 0 [pid 6082] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6077] <... openat resumed>) = 3 [pid 6082] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6077] chdir("./file0" [pid 6082] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6077] <... chdir resumed>) = 0 [pid 6082] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6077] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6082] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6077] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6082] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6077] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6082] <... mprotect resumed>) = 0 [pid 6078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6077] <... futex resumed>) = 1 [pid 6075] <... futex resumed>) = 0 [pid 6082] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6077] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6075] exit_group(0 [pid 6082] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6078] <... openat resumed>) = 3 [pid 6077] <... futex resumed>) = ? [pid 6075] <... exit_group resumed>) = ? [pid 6077] +++ exited with 0 +++ [pid 6082] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6083]}, 88) = 6083 [pid 6082] rt_sigprocmask(SIG_SETMASK, [], [pid 6078] chdir("./file0" [pid 6082] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6082] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6078] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6083 attached [pid 6082] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6078] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6083] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6075] +++ exited with 0 +++ [pid 6078] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6083] <... rseq resumed>) = 0 [pid 6078] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6083] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6078] <... futex resumed>) = 1 [pid 6083] <... set_robust_list resumed>) = 0 [pid 6078] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6074] <... futex resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6075, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6074] exit_group(0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 6074] <... exit_group resumed>) = ? [pid 5088] <... restart_syscall resumed>) = 0 [pid 6083] memfd_create("syzkaller", 0 [pid 6078] <... futex resumed>) = ? [pid 5088] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 6078] +++ exited with 0 +++ [pid 6074] +++ exited with 0 +++ [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6083] <... memfd_create resumed>) = 3 [pid 5088] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6074, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6083] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5088] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5086] <... restart_syscall resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6079] <... mount resumed>) = 0 [pid 5088] unlink("./97/binderfs" [pid 6079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... unlink resumed>) = 0 [pid 6079] <... openat resumed>) = 3 [pid 6079] chdir("./file0" [pid 5088] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6079] <... chdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6079] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 154.405867][ T6081] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 154.446468][ T6079] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6079] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... openat resumed>) = 3 [pid 6076] <... futex resumed>) = 0 [pid 6076] exit_group(0) = ? [pid 6079] <... futex resumed>) = ? [pid 6079] +++ exited with 0 +++ [pid 6076] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = 0 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6076, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./97/file0", [pid 5086] unlink("./97/binderfs" [pid 5085] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] newfstatat(3, "", [pid 5088] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... unlink resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(3, [pid 5086] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] newfstatat(4, "", [pid 5085] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... umount2 resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./97/file0" [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] unlink("./97/binderfs" [pid 5088] getdents64(3, [pid 5086] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6081] <... mount resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 5088] close(3 [pid 5085] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./97" [pid 5086] newfstatat(AT_FDCWD, "./97/file0", [pid 6081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... rmdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6081] <... openat resumed>) = 3 [pid 5088] mkdir("./98", 0777 [pid 6081] chdir("./file0" [pid 5088] <... mkdir resumed>) = 0 [pid 5086] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 6081] <... chdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6083] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6081] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6081] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 4 [pid 6081] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] newfstatat(4, "", [pid 6081] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6080] <... futex resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6080] exit_group(0 [pid 6081] <... futex resumed>) = ? [pid 6080] <... exit_group resumed>) = ? [pid 5086] getdents64(4, [pid 6081] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 6080] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6080, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5086] rmdir("./97/file0" [pid 5085] newfstatat(AT_FDCWD, "./97/file0", [pid 5086] <... rmdir resumed>) = 0 [pid 5089] umount2("./97", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./97", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [ 154.500093][ T6081] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] newfstatat(3, "", [pid 5086] getdents64(3, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(3, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6083] <... write resumed>) = 2097152 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... openat resumed>) = 4 [pid 5089] umount2("./97/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5085] newfstatat(4, "", [pid 6083] munmap(0x7f1df2200000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./97/binderfs", [pid 5086] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] rmdir("./97" [pid 5089] unlink("./97/binderfs" [pid 5086] <... rmdir resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5089] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] mkdir("./98", 0777 [pid 6083] <... munmap resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] getdents64(4, [pid 5089] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... mkdir resumed>) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./97/file0", [pid 6083] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6083] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(4, [pid 5089] umount2("./97/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(4 [pid 5089] openat(AT_FDCWD, "./97/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5085] rmdir("./97/file0" [pid 5089] newfstatat(4, "", [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6083] <... ioctl resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./97") = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6083] close(3 [pid 5089] close(4 [pid 5085] mkdir("./98", 0777 [pid 5089] <... close resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5089] rmdir("./97/file0" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6083] <... close resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6083] close(4) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6083] mkdir("./file0", 0777 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6083] <... mkdir resumed>) = 0 [pid 6083] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] close(3) = 0 [pid 5089] rmdir("./97" [pid 5088] close(3 [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] mkdir("./98", 0777) = 0 ./strace-static-x86_64: Process 6084 attached [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6084 [ 154.581485][ T6083] loop2: detected capacity change from 0 to 4096 [ 154.618152][ T6083] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6084] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... openat resumed>) = 3 [pid 6084] <... set_robust_list resumed>) = 0 [pid 6084] chdir("./98" [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6084] <... chdir resumed>) = 0 [pid 6084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6083] <... mount resumed>) = 0 [pid 6084] setpgid(0, 0 [pid 6083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6084] <... setpgid resumed>) = 0 [pid 6084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6083] <... openat resumed>) = 3 [pid 5086] <... ioctl resumed>) = 0 [pid 6083] chdir("./file0" [pid 5086] close(3 [pid 6083] <... chdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6083] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6083] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6084] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6085 [pid 6083] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6085 attached ) = 1 [pid 6085] set_robust_list(0x555580b0d6a0, 24 [pid 6084] write(3, "1000", 4 [pid 6083] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6085] <... set_robust_list resumed>) = 0 [pid 6084] <... write resumed>) = 4 [pid 6085] chdir("./98" [pid 6084] close(3) = 0 [pid 6085] <... chdir resumed>) = 0 [pid 6085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6085] setpgid(0, 0 [pid 6082] <... futex resumed>) = 0 [ 154.646370][ T6083] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6084] symlink("/dev/binderfs", "./binderfs" [pid 6085] <... setpgid resumed>) = 0 [pid 6082] exit_group(0 [pid 6084] <... symlink resumed>) = 0 [pid 6084] write(1, "executing program\n", 18 [pid 6085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program [pid 6083] <... futex resumed>) = ? [pid 6082] <... exit_group resumed>) = ? [pid 5085] <... ioctl resumed>) = 0 [pid 6085] <... openat resumed>) = 3 [pid 6084] <... write resumed>) = 18 [pid 6083] +++ exited with 0 +++ [pid 6082] +++ exited with 0 +++ [pid 6085] write(3, "1000", 4 [pid 6084] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6085] <... write resumed>) = 4 [pid 6084] <... futex resumed>) = 0 [pid 5085] close(3 [pid 6084] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6082, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5085] <... close resumed>) = 0 [pid 5087] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6086 attached [pid 6085] close(3 [pid 6084] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6085] <... close resumed>) = 0 executing program [pid 6085] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6085] write(1, "executing program\n", 18) = 18 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6086 [pid 6085] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6084] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... openat resumed>) = 3 [pid 6086] set_robust_list(0x555580b0d6a0, 24 [pid 6085] <... futex resumed>) = 0 [pid 6084] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] newfstatat(3, "", [pid 6085] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6084] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6085] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6084] <... mmap resumed>) = 0x7f1dfa693000 [pid 6086] <... set_robust_list resumed>) = 0 [pid 6085] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6084] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] getdents64(3, [pid 6086] chdir("./98" [pid 6085] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6084] <... mprotect resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6086] <... chdir resumed>) = 0 [pid 6086] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6086] <... prctl resumed>) = 0 [pid 6085] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6084] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] close(3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6086] setpgid(0, 0 [pid 6085] <... mmap resumed>) = 0x7f1dfa693000 [pid 6084] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./98/binderfs", [pid 6086] <... setpgid resumed>) = 0 [pid 6085] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6084] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6085] <... mprotect resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6087 attached [pid 6086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6085] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 6088 attached [pid 6087] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6086] <... openat resumed>) = 3 [pid 6085] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] unlink("./98/binderfs" [pid 6087] <... rseq resumed>) = 0 [pid 6085] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6088 ./strace-static-x86_64: Process 6089 attached [pid 6087] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] <... unlink resumed>) = 0 [pid 6089] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6088] set_robust_list(0x555580b0d6a0, 24 [pid 6087] <... set_robust_list resumed>) = 0 [pid 6086] write(3, "1000", 4 [pid 6085] <... clone3 resumed> => {parent_tid=[6089]}, 88) = 6089 [pid 6084] <... clone3 resumed> => {parent_tid=[6087]}, 88) = 6087 [pid 5087] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6089] <... rseq resumed>) = 0 [pid 6088] <... set_robust_list resumed>) = 0 [pid 6087] rt_sigprocmask(SIG_SETMASK, [], [pid 6086] <... write resumed>) = 4 [pid 6085] rt_sigprocmask(SIG_SETMASK, [], [pid 6084] rt_sigprocmask(SIG_SETMASK, [], [pid 6089] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6088] chdir("./98" [pid 6087] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6085] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6084] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6086] close(3 [pid 6089] <... set_robust_list resumed>) = 0 [pid 6087] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6085] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6086] <... close resumed>) = 0 [pid 6084] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6089] rt_sigprocmask(SIG_SETMASK, [], [pid 6088] <... chdir resumed>) = 0 [pid 6087] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6086] symlink("/dev/binderfs", "./binderfs" [pid 6085] <... futex resumed>) = 0 [pid 6084] <... futex resumed>) = 0 [pid 6089] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... umount2 resumed>) = 0 [pid 6084] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6088] <... prctl resumed>) = 0 [pid 6089] memfd_create("syzkaller", 0 [pid 6088] setpgid(0, 0 [pid 6087] memfd_create("syzkaller", 0 [pid 6086] <... symlink resumed>) = 0 [pid 6085] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6088] <... setpgid resumed>) = 0 [pid 6089] <... memfd_create resumed>) = 3 [pid 6089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6087] <... memfd_create resumed>) = 3 [pid 6086] write(1, "executing program\n", 18 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./98/file0", executing program [pid 6089] <... mmap resumed>) = 0x7f1df2200000 [pid 6088] <... openat resumed>) = 3 [pid 6087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6086] <... write resumed>) = 18 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6088] write(3, "1000", 4 [pid 6087] <... mmap resumed>) = 0x7f1df2200000 [pid 6086] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6088] <... write resumed>) = 4 [pid 6088] close(3 [pid 6086] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6086] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6088] <... close resumed>) = 0 [pid 6086] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 6086] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6086] <... mmap resumed>) = 0x7f1dfa693000 [pid 6088] symlink("/dev/binderfs", "./binderfs" [pid 6086] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] getdents64(4, [pid 6088] <... symlink resumed>) = 0 [pid 6086] <... mprotect resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 6086] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... close resumed>) = 0 [pid 6086] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] rmdir("./98/file0"executing program [pid 6088] write(1, "executing program\n", 18 [pid 6086] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... rmdir resumed>) = 0 [pid 6088] <... write resumed>) = 18 ./strace-static-x86_64: Process 6090 attached [pid 6088] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6090] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6088] <... futex resumed>) = 0 [pid 6086] <... clone3 resumed> => {parent_tid=[6090]}, 88) = 6090 [pid 6090] <... rseq resumed>) = 0 [pid 6088] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6086] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] getdents64(3, [pid 6090] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6088] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6090] <... set_robust_list resumed>) = 0 [pid 6086] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6090] rt_sigprocmask(SIG_SETMASK, [], [pid 6086] <... futex resumed>) = 0 [pid 6090] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6086] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6088] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6088] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6090] memfd_create("syzkaller", 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./98") = 0 [pid 6089] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6088] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] mkdir("./99", 0777 [pid 6090] <... memfd_create resumed>) = 3 [pid 5087] <... mkdir resumed>) = 0 [pid 6090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6088] <... mprotect resumed>) = 0 [pid 6088] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6088] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6088] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6091]}, 88) = 6091 ./strace-static-x86_64: Process 6091 attached [pid 6088] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6088] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6091] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6088] <... futex resumed>) = 0 [pid 6091] <... rseq resumed>) = 0 [pid 6088] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6091] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6091] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6091] memfd_create("syzkaller", 0) = 3 [pid 6091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6087] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6090] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6089] <... write resumed>) = 2097152 [pid 6089] munmap(0x7f1df2200000, 138412032) = 0 [pid 6089] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6089] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6089] close(3) = 0 [pid 6089] close(4 [pid 6090] <... write resumed>) = 2097152 [pid 6089] <... close resumed>) = 0 [pid 6087] <... write resumed>) = 2097152 [pid 6090] munmap(0x7f1df2200000, 138412032 [pid 6089] mkdir("./file0", 0777 [pid 6087] munmap(0x7f1df2200000, 138412032 [pid 6089] <... mkdir resumed>) = 0 [pid 6087] <... munmap resumed>) = 0 [pid 6089] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6091] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6090] <... munmap resumed>) = 0 [pid 6087] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... ioctl resumed>) = 0 [pid 6090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6087] <... openat resumed>) = 4 [ 154.923686][ T6089] loop1: detected capacity change from 0 to 4096 [ 154.955143][ T6089] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5087] close(3 [pid 6087] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6087] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6092 attached [pid 6090] <... openat resumed>) = 4 [pid 6092] set_robust_list(0x555580b0d6a0, 24 [pid 6090] ioctl(4, LOOP_SET_FD, 3 [pid 6087] close(3 [pid 6092] <... set_robust_list resumed>) = 0 [pid 6092] chdir("./99") = 0 [pid 6090] <... ioctl resumed>) = 0 [pid 6087] <... close resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6092 [pid 6092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6092] setpgid(0, 0 [pid 6087] close(4 [pid 6092] <... setpgid resumed>) = 0 [pid 6087] <... close resumed>) = 0 [pid 6092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6087] mkdir("./file0", 0777 [pid 6092] <... openat resumed>) = 3 [pid 6087] <... mkdir resumed>) = 0 [pid 6087] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6092] write(3, "1000", 4) = 4 [ 154.981470][ T6087] loop3: detected capacity change from 0 to 4096 [ 155.001823][ T6090] loop0: detected capacity change from 0 to 4096 [pid 6092] close(3) = 0 [pid 6092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6090] close(3) = 0 [pid 6090] close(4) = 0 executing program [pid 6090] mkdir("./file0", 0777 [pid 6092] write(1, "executing program\n", 18) = 18 [pid 6092] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6092] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6090] <... mkdir resumed>) = 0 [pid 6092] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6092] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6090] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6092] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6092] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6092] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6093 attached [pid 6093] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6092] <... clone3 resumed> => {parent_tid=[6093]}, 88) = 6093 [pid 6093] <... rseq resumed>) = 0 [pid 6092] rt_sigprocmask(SIG_SETMASK, [], [pid 6093] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6092] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6093] rt_sigprocmask(SIG_SETMASK, [], [pid 6092] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6091] <... write resumed>) = 2097152 [pid 6093] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6092] <... futex resumed>) = 0 [pid 6093] memfd_create("syzkaller", 0 [pid 6092] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6091] munmap(0x7f1df2200000, 138412032 [pid 6093] <... memfd_create resumed>) = 3 [pid 6093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6091] <... munmap resumed>) = 0 [ 155.031814][ T6087] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 155.055186][ T6090] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 155.067704][ T6089] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 6091] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6089] <... mount resumed>) = 0 [pid 6091] <... openat resumed>) = 4 [pid 6089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6091] ioctl(4, LOOP_SET_FD, 3 [pid 6089] chdir("./file0") = 0 [pid 6089] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6089] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6091] <... ioctl resumed>) = 0 [pid 6091] close(3 [pid 6089] <... futex resumed>) = 1 [pid 6085] <... futex resumed>) = 0 [pid 6091] <... close resumed>) = 0 [pid 6089] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6085] exit_group(0) = ? [pid 6089] <... futex resumed>) = ? [pid 6091] close(4 [pid 6089] +++ exited with 0 +++ [pid 6085] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6085, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5086] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 155.100458][ T6091] loop4: detected capacity change from 0 to 4096 [ 155.137242][ T6090] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6093] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6091] <... close resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6091] mkdir("./file0", 0777 [pid 6090] <... mount resumed>) = 0 [pid 6090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6091] <... mkdir resumed>) = 0 [pid 6090] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 3 [pid 6091] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6090] chdir("./file0" [ 155.139410][ T6087] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6090] <... chdir resumed>) = 0 [pid 5086] getdents64(3, [pid 6090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./98/binderfs" [pid 6090] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6087] <... mount resumed>) = 0 [pid 6090] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... umount2 resumed>) = 0 [pid 6090] <... futex resumed>) = 1 [pid 6087] <... openat resumed>) = 3 [pid 6086] <... futex resumed>) = 0 [pid 5086] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6087] chdir("./file0" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6087] <... chdir resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./98/file0", [pid 6087] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6087] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6087] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6087] <... futex resumed>) = 1 [pid 6084] <... futex resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6087] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6084] exit_group(0 [pid 5086] <... openat resumed>) = 4 [pid 6087] <... futex resumed>) = ? [pid 6084] <... exit_group resumed>) = ? [pid 5086] newfstatat(4, "", [pid 6090] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6087] +++ exited with 0 +++ [pid 6086] exit_group(0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6090] <... futex resumed>) = ? [pid 6086] <... exit_group resumed>) = ? [pid 5086] getdents64(4, [pid 6090] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6084] +++ exited with 0 +++ [pid 5086] close(4 [pid 6086] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6084, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5086] <... close resumed>) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5086] rmdir("./98/file0" [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6086, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5088] <... restart_syscall resumed>) = 0 [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... openat resumed>) = 3 [pid 5085] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] newfstatat(3, "", [pid 5085] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(3, "", [pid 5088] getdents64(3, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 6093] <... write resumed>) = 2097152 [ 155.174489][ T6091] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6093] munmap(0x7f1df2200000, 138412032) = 0 [pid 6091] <... mount resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6093] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6091] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6093] <... openat resumed>) = 4 [pid 5088] newfstatat(AT_FDCWD, "./98/binderfs", [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6093] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] close(3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./98" [pid 5085] newfstatat(AT_FDCWD, "./98/binderfs", [pid 5086] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6091] <... openat resumed>) = 3 [pid 6091] chdir("./file0" [pid 6093] <... ioctl resumed>) = 0 [pid 6091] <... chdir resumed>) = 0 [pid 5088] unlink("./98/binderfs" [pid 5086] mkdir("./99", 0777 [pid 5085] unlink("./98/binderfs" [pid 6093] close(3 [pid 6091] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6093] <... close resumed>) = 0 [pid 6093] close(4) = 0 [pid 6093] mkdir("./file0", 0777) = 0 [pid 6091] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... unlink resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 6091] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6088] <... futex resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6091] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6088] exit_group(0 [pid 5088] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6093] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6091] <... futex resumed>) = ? [pid 6088] <... exit_group resumed>) = ? [pid 5086] <... openat resumed>) = 3 [pid 6091] +++ exited with 0 +++ [pid 6088] +++ exited with 0 +++ [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6088, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5089] umount2("./98", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 155.238517][ T6091] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 155.265051][ T6093] loop2: detected capacity change from 0 to 4096 [pid 5089] openat(AT_FDCWD, "./98", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... umount2 resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5088] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./98/file0", [pid 5089] umount2("./98/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./98/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./98/binderfs") = 0 [pid 5089] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5088] <... openat resumed>) = 4 [pid 5085] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(4, "", [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./98/file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./98/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./98/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./98/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(3, [pid 5085] <... openat resumed>) = 4 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(4, "", [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] close(3 [pid 5088] getdents64(4, [pid 5089] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] rmdir("./98" [pid 5088] getdents64(4, [pid 5085] getdents64(4, [pid 5089] <... rmdir resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] mkdir("./99", 0777 [ 155.293404][ T6093] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5088] close(4 [pid 5089] <... mkdir resumed>) = 0 [pid 5085] getdents64(4, [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] rmdir("./98/file0" [pid 5089] <... openat resumed>) = 3 [pid 5085] close(4) = 0 [pid 5086] close(3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... rmdir resumed>) = 0 [pid 5085] rmdir("./98/file0" [pid 5088] getdents64(3, [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... rmdir resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 5088] close(3 [pid 5085] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5085] rmdir("./98" [pid 5088] rmdir("./98" [pid 5085] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6094 attached [pid 5088] <... rmdir resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6094 [pid 5085] mkdir("./99", 0777) = 0 [pid 5088] mkdir("./99", 0777 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6094] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... openat resumed>) = 3 [pid 6094] <... set_robust_list resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] <... mkdir resumed>) = 0 [pid 6094] chdir("./99" [pid 6093] <... mount resumed>) = 0 [pid 6094] <... chdir resumed>) = 0 [pid 6094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6094] <... prctl resumed>) = 0 [pid 6094] setpgid(0, 0) = 0 [pid 5088] <... openat resumed>) = 3 [pid 6094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6093] <... openat resumed>) = 3 [pid 6094] <... openat resumed>) = 3 [pid 6093] chdir("./file0" [pid 6094] write(3, "1000", 4 [pid 6093] <... chdir resumed>) = 0 [pid 6094] <... write resumed>) = 4 [pid 6093] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6094] close(3 [pid 6093] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6094] <... close resumed>) = 0 [pid 6093] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... ioctl resumed>) = 0 [pid 6094] symlink("/dev/binderfs", "./binderfs" [pid 6093] <... futex resumed>) = 1 [pid 6092] <... futex resumed>) = 0 [pid 6094] <... symlink resumed>) = 0 [pid 6092] exit_group(0 [pid 5089] close(3 [pid 6094] write(1, "executing program\n", 18 [pid 6092] <... exit_group resumed>) = ? [pid 5089] <... close resumed>) = 0 [ 155.367967][ T6093] ntfs3: loop2: Failed to initialize $Extend/$ObjId. executing program [pid 6094] <... write resumed>) = 18 [pid 6093] +++ exited with 0 +++ [pid 6092] +++ exited with 0 +++ [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6094] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6094] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6094] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6094] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6092, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5087] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6094] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6095 [pid 6094] <... mprotect resumed>) = 0 [pid 6094] rt_sigprocmask(SIG_BLOCK, ~[], ./strace-static-x86_64: Process 6095 attached [], 8) = 0 [pid 5087] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6094] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6094] <... clone3 resumed> => {parent_tid=[6096]}, 88) = 6096 [pid 6095] set_robust_list(0x555580b0d6a0, 24 [pid 6094] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6096 attached [pid 6095] <... set_robust_list resumed>) = 0 [pid 6094] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] newfstatat(3, "", [pid 6095] chdir("./99" [pid 6094] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6096] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6094] <... futex resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6094] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] getdents64(3, [pid 6095] <... chdir resumed>) = 0 [pid 6095] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6095] <... prctl resumed>) = 0 [pid 6095] setpgid(0, 0) = 0 [pid 6095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6095] write(3, "1000", 4 [pid 6096] <... rseq resumed>) = 0 [pid 6095] <... write resumed>) = 4 [pid 6096] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6095] close(3 [pid 6096] <... set_robust_list resumed>) = 0 [pid 6095] <... close resumed>) = 0 [pid 5087] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6095] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6096] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(AT_FDCWD, "./99/binderfs", [pid 6096] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6095] write(1, "executing program\n", 18) = 18 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6095] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 executing program [pid 6096] memfd_create("syzkaller", 0 [pid 6095] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] unlink("./99/binderfs" [pid 5085] <... ioctl resumed>) = 0 [pid 6095] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6095] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6095] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6095] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... unlink resumed>) = 0 [pid 6096] <... memfd_create resumed>) = 3 [pid 5087] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6095] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6096] <... mmap resumed>) = 0x7f1df2200000 [pid 6095] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] close(3 [pid 6095] <... clone3 resumed> => {parent_tid=[6097]}, 88) = 6097 [pid 6095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6095] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 6097 attached [pid 6095] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6097] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6097] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6097] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6098 ./strace-static-x86_64: Process 6098 attached [pid 6098] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6098] chdir("./99") = 0 [pid 6097] memfd_create("syzkaller", 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 6097] <... memfd_create resumed>) = 3 [pid 6098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] close(3 [pid 6098] <... prctl resumed>) = 0 [pid 6097] <... mmap resumed>) = 0x7f1df2200000 [pid 6096] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... close resumed>) = 0 [pid 5087] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6098] setpgid(0, 0) = 0 [pid 6098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6098] <... openat resumed>) = 3 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6098] write(3, "1000", 4 [pid 5087] newfstatat(AT_FDCWD, "./99/file0", [pid 6098] <... write resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6098] close(3 [pid 5087] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6098] <... close resumed>) = 0 ./strace-static-x86_64: Process 6099 attached [pid 6098] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6099] set_robust_list(0x555580b0d6a0, 24 [pid 6098] <... symlink resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6099] <... set_robust_list resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6099 [pid 6099] chdir("./99") = 0 [pid 6099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 executing program [pid 6098] write(1, "executing program\n", 18 [pid 6099] setpgid(0, 0 [pid 6098] <... write resumed>) = 18 [pid 6099] <... setpgid resumed>) = 0 [pid 6098] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... openat resumed>) = 4 [pid 6098] <... futex resumed>) = 0 [pid 6098] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6098] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6099] <... openat resumed>) = 3 [pid 6098] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] newfstatat(4, "", [pid 6099] write(3, "1000", 4 [pid 6098] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6099] <... write resumed>) = 4 [pid 6099] close(3) = 0 [pid 6099] symlink("/dev/binderfs", "./binderfs" [pid 6098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6099] <... symlink resumed>) = 0 [pid 6099] write(1, "executing program\n", 18 [pid 6098] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 executing program [pid 6098] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6099] <... write resumed>) = 18 [pid 6099] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6099] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] getdents64(4, [pid 6099] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6099] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6099] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] getdents64(4, [pid 6099] <... mmap resumed>) = 0x7f1dfa693000 [pid 6098] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6099] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6098] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6099] <... mprotect resumed>) = 0 [pid 5087] close(4 [pid 6098] <... clone3 resumed> => {parent_tid=[6100]}, 88) = 6100 [pid 5087] <... close resumed>) = 0 ./strace-static-x86_64: Process 6100 attached [pid 6099] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6098] rt_sigprocmask(SIG_SETMASK, [], [pid 6100] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6099] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6098] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] rmdir("./99/file0" [pid 6100] <... rseq resumed>) = 0 [pid 6098] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6100] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6098] <... futex resumed>) = 0 [pid 6100] <... set_robust_list resumed>) = 0 [pid 6098] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6099] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] <... rmdir resumed>) = 0 [pid 6100] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6101 attached NULL, 8) = 0 [pid 6101] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6099] <... clone3 resumed> => {parent_tid=[6101]}, 88) = 6101 [pid 6097] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6096] <... write resumed>) = 2097152 [pid 5087] getdents64(3, [pid 6101] <... rseq resumed>) = 0 [pid 6100] memfd_create("syzkaller", 0 [pid 6099] rt_sigprocmask(SIG_SETMASK, [], [pid 6101] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6101] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6101] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6100] <... memfd_create resumed>) = 3 [pid 6100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6099] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6099] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(3 [pid 6101] <... futex resumed>) = 0 [pid 6099] <... futex resumed>) = 1 [pid 6101] memfd_create("syzkaller", 0 [pid 6099] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... close resumed>) = 0 [pid 6101] <... memfd_create resumed>) = 3 [pid 5087] rmdir("./99" [pid 6101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./100", 0777 [pid 6096] munmap(0x7f1df2200000, 138412032) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6097] <... write resumed>) = 2097152 [pid 6096] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6097] munmap(0x7f1df2200000, 138412032 [pid 6096] <... openat resumed>) = 4 [pid 6096] ioctl(4, LOOP_SET_FD, 3 [pid 6097] <... munmap resumed>) = 0 [pid 6101] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6100] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6097] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6096] <... ioctl resumed>) = 0 [pid 6097] <... openat resumed>) = 4 [pid 6097] ioctl(4, LOOP_SET_FD, 3 [pid 6096] close(3) = 0 [pid 6096] close(4) = 0 [pid 6096] mkdir("./file0", 0777) = 0 [ 155.590981][ T6096] loop1: detected capacity change from 0 to 4096 [ 155.617979][ T6097] loop4: detected capacity change from 0 to 4096 [pid 6096] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6097] <... ioctl resumed>) = 0 [pid 6097] close(3) = 0 [pid 6097] close(4) = 0 [pid 6097] mkdir("./file0", 0777) = 0 [pid 6097] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6101] <... write resumed>) = 2097152 [pid 6100] <... write resumed>) = 2097152 [pid 6101] munmap(0x7f1df2200000, 138412032 [pid 6100] munmap(0x7f1df2200000, 138412032 [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6102 [ 155.642194][ T6096] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 155.671129][ T6097] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6101] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6102 attached [pid 6101] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6100] <... munmap resumed>) = 0 [pid 6096] <... mount resumed>) = 0 [pid 6102] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6102] chdir("./100" [pid 6101] <... openat resumed>) = 4 [pid 6100] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6102] <... chdir resumed>) = 0 [pid 6101] ioctl(4, LOOP_SET_FD, 3 [pid 6100] <... openat resumed>) = 4 [pid 6096] <... openat resumed>) = 3 [pid 6102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6096] chdir("./file0" [pid 6102] <... prctl resumed>) = 0 [pid 6101] <... ioctl resumed>) = 0 [pid 6100] ioctl(4, LOOP_SET_FD, 3 [pid 6096] <... chdir resumed>) = 0 [pid 6102] setpgid(0, 0 [pid 6101] close(3 [pid 6100] <... ioctl resumed>) = 0 [pid 6096] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6102] <... setpgid resumed>) = 0 [pid 6101] <... close resumed>) = 0 [pid 6102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6096] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6102] <... openat resumed>) = 3 [pid 6096] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6102] write(3, "1000", 4 [pid 6096] <... futex resumed>) = 1 [pid 6094] <... futex resumed>) = 0 [pid 6102] <... write resumed>) = 4 [pid 6096] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6094] exit_group(0 [pid 6102] close(3 [pid 6101] close(4 [pid 6096] <... futex resumed>) = ? [pid 6094] <... exit_group resumed>) = ? [pid 6102] <... close resumed>) = 0 [pid 6101] <... close resumed>) = 0 [pid 6096] +++ exited with 0 +++ [pid 6102] symlink("/dev/binderfs", "./binderfs" [pid 6101] mkdir("./file0", 0777 [pid 6094] +++ exited with 0 +++ [pid 6102] <... symlink resumed>) = 0 [pid 6101] <... mkdir resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6094, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6102] write(1, "executing program\n", 18 [pid 6101] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, ""executing program [pid 6102] <... write resumed>) = 18 [pid 6102] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6102] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6102] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6102] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6102] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6102] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [ 155.720311][ T6096] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 155.740709][ T6101] loop3: detected capacity change from 0 to 4096 [ 155.752087][ T6100] loop0: detected capacity change from 0 to 4096 [pid 6102] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6103 attached => {parent_tid=[6103]}, 88) = 6103 [pid 6102] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6102] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6102] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6100] close(3) = 0 [pid 6100] close(4) = 0 [pid 6100] mkdir("./file0", 0777) = 0 [pid 6103] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6100] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6103] <... rseq resumed>) = 0 [pid 6103] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5086] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6103] <... set_robust_list resumed>) = 0 [pid 6097] <... mount resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6103] rt_sigprocmask(SIG_SETMASK, [], [pid 6097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6103] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6097] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 3 [pid 6103] memfd_create("syzkaller", 0 [pid 6097] chdir("./file0" [pid 5086] newfstatat(3, "", [pid 6103] <... memfd_create resumed>) = 3 [pid 6097] <... chdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6097] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] getdents64(3, [pid 6103] <... mmap resumed>) = 0x7f1df2200000 [pid 6097] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6097] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6097] <... futex resumed>) = 1 [pid 6095] <... futex resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./99/binderfs", [pid 6097] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6095] exit_group(0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6097] <... futex resumed>) = ? [pid 6095] <... exit_group resumed>) = ? [pid 5086] unlink("./99/binderfs" [pid 6097] +++ exited with 0 +++ [pid 5086] <... unlink resumed>) = 0 [pid 6095] +++ exited with 0 +++ [pid 5086] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6095, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5089] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 155.779289][ T6101] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 155.783204][ T6097] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 155.799584][ T6100] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6103] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6101] <... mount resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5086] <... umount2 resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5089] getdents64(3, [pid 5086] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6101] chdir("./file0" [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6101] <... chdir resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./99/file0", [pid 6101] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6101] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6101] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] newfstatat(AT_FDCWD, "./99/binderfs", [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6101] <... futex resumed>) = 1 [pid 6099] <... futex resumed>) = 0 [pid 6101] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6099] exit_group(0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6101] <... futex resumed>) = ? [pid 6099] <... exit_group resumed>) = ? [pid 5089] unlink("./99/binderfs" [pid 5086] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6101] +++ exited with 0 +++ [pid 6099] +++ exited with 0 +++ [pid 5089] <... unlink resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6099, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5089] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(4, "", [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [ 155.854410][ T6101] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] close(4) = 0 [pid 5086] rmdir("./99/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 6103] <... write resumed>) = 2097152 [pid 5086] <... close resumed>) = 0 [pid 6103] munmap(0x7f1df2200000, 138412032 [pid 5088] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./99" [pid 6103] <... munmap resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] mkdir("./100", 0777 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6103] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6100] <... mount resumed>) = 0 [pid 5089] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6103] <... openat resumed>) = 4 [pid 6100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... openat resumed>) = 3 [pid 6103] ioctl(4, LOOP_SET_FD, 3 [pid 6100] <... openat resumed>) = 3 [pid 5089] newfstatat(AT_FDCWD, "./99/file0", [pid 5088] newfstatat(3, "", [pid 6100] chdir("./file0" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6100] <... chdir resumed>) = 0 [pid 5089] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(3, [pid 6100] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6100] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6100] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6100] <... futex resumed>) = 1 [pid 6098] <... futex resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5088] newfstatat(AT_FDCWD, "./99/binderfs", [pid 6100] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6098] exit_group(0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6100] <... futex resumed>) = ? [pid 6098] <... exit_group resumed>) = ? [pid 5089] getdents64(4, [pid 5088] unlink("./99/binderfs" [pid 6103] <... ioctl resumed>) = 0 [pid 6100] +++ exited with 0 +++ [pid 6098] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5088] <... unlink resumed>) = 0 [pid 6103] close(3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6098, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=7 /* 0.07 s */} --- [pid 5089] close(4) = 0 [pid 6103] <... close resumed>) = 0 [pid 5088] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... ioctl resumed>) = 0 [pid 6103] close(4) = 0 [pid 6103] mkdir("./file0", 0777) = 0 [pid 5089] rmdir("./99/file0" [pid 5085] umount2("./99", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6103] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... rmdir resumed>) = 0 [pid 5086] close(3 [ 155.928141][ T6100] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 155.946931][ T6103] loop2: detected capacity change from 0 to 4096 [pid 5085] openat(AT_FDCWD, "./99", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... close resumed>) = 0 [pid 5089] getdents64(3, [pid 5088] <... umount2 resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] close(3 [pid 5085] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./99" [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] umount2("./99/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] mkdir("./100", 0777 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... mkdir resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./99/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./99/binderfs") = 0 [pid 5085] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6104 attached [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] newfstatat(AT_FDCWD, "./99/file0", [pid 5085] <... umount2 resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6104 [pid 5089] <... openat resumed>) = 3 [pid 6104] set_robust_list(0x555580b0d6a0, 24 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6104] <... set_robust_list resumed>) = 0 [pid 5088] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6104] chdir("./100" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6104] <... chdir resumed>) = 0 [pid 6104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6104] <... prctl resumed>) = 0 [pid 6104] setpgid(0, 0 [pid 5088] <... openat resumed>) = 4 [pid 6104] <... setpgid resumed>) = 0 [pid 6104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] newfstatat(4, "", [pid 5085] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6104] write(3, "1000", 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6104] <... write resumed>) = 4 [pid 5085] newfstatat(AT_FDCWD, "./99/file0", [pid 6104] close(3 [pid 5088] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6104] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] umount2("./99/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(4, [pid 6104] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6104] <... symlink resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] openat(AT_FDCWD, "./99/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6104] write(1, "executing program\n", 18 [pid 5088] close(4 [pid 5085] <... openat resumed>) = 4 [ 155.985927][ T6103] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6104] <... write resumed>) = 18 [pid 5088] <... close resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 5088] rmdir("./99/file0") = 0 [pid 6104] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6103] <... mount resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6103] <... openat resumed>) = 3 [pid 6103] chdir("./file0" [pid 5088] close(3 [pid 6103] <... chdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6103] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5088] rmdir("./99" [pid 6103] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... rmdir resumed>) = 0 [pid 6104] <... futex resumed>) = 0 [pid 6103] <... futex resumed>) = 1 [pid 6102] <... futex resumed>) = 0 [pid 5085] getdents64(4, [pid 6104] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6102] exit_group(0 [pid 6104] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6102] <... exit_group resumed>) = ? [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6104] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] getdents64(4, [pid 6104] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6103] +++ exited with 0 +++ [pid 6102] +++ exited with 0 +++ [pid 5088] mkdir("./100", 0777 [pid 6104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6104] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6102, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5085] close(4 [pid 6104] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] <... close resumed>) = 0 [pid 6104] <... mprotect resumed>) = 0 [pid 5085] rmdir("./99/file0" [pid 6104] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... rmdir resumed>) = 0 [pid 6104] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] getdents64(3, [pid 6104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6105 attached [pid 5085] close(3 [pid 6105] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6104] <... clone3 resumed> => {parent_tid=[6105]}, 88) = 6105 [pid 5085] <... close resumed>) = 0 [pid 6105] <... rseq resumed>) = 0 [pid 6104] rt_sigprocmask(SIG_SETMASK, [], [ 156.034936][ T6103] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5085] rmdir("./99" [pid 6105] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6104] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... rmdir resumed>) = 0 [pid 6105] <... set_robust_list resumed>) = 0 [pid 6104] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] mkdir("./100", 0777 [pid 6105] rt_sigprocmask(SIG_SETMASK, [], [pid 6104] <... futex resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5087] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... mkdir resumed>) = 0 [pid 6105] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6104] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6105] memfd_create("syzkaller", 0 [pid 5087] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 6105] <... memfd_create resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... openat resumed>) = 3 [pid 6105] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] close(3 [pid 5087] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6105] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 6106 attached [pid 5087] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6106] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6106 [pid 5087] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6106] <... set_robust_list resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6106] chdir("./100") = 0 [pid 5087] unlink("./100/binderfs" [pid 6106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... unlink resumed>) = 0 [pid 6106] <... prctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6106] setpgid(0, 0 [pid 5087] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6106] <... setpgid resumed>) = 0 [pid 5088] close(3 [pid 6106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... close resumed>) = 0 [pid 6106] <... openat resumed>) = 3 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... umount2 resumed>) = 0 [pid 6106] write(3, "1000", 4 [pid 5087] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... ioctl resumed>) = 0 [pid 6106] <... write resumed>) = 4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6107 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(3./strace-static-x86_64: Process 6107 attached ) = 0 [pid 5087] newfstatat(AT_FDCWD, "./100/file0", [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6107] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6107] <... set_robust_list resumed>) = 0 [pid 6107] chdir("./100" [pid 5087] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6106] close(3./strace-static-x86_64: Process 6108 attached [pid 6107] <... chdir resumed>) = 0 [pid 6106] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6108 [pid 6107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6107] <... prctl resumed>) = 0 [pid 6107] setpgid(0, 0) = 0 [pid 6106] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... openat resumed>) = 4 [pid 6107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] newfstatat(4, "", [pid 6108] set_robust_list(0x555580b0d6a0, 24 [pid 6107] <... openat resumed>) = 3 [pid 6106] <... symlink resumed>) = 0 [pid 6105] <... write resumed>) = 2097152 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6107] write(3, "1000", 4executing program [pid 6105] munmap(0x7f1df2200000, 138412032 [pid 6106] write(1, "executing program\n", 18 [pid 5087] getdents64(4, [pid 6108] <... set_robust_list resumed>) = 0 [pid 6107] <... write resumed>) = 4 [pid 6107] close(3 [pid 6108] chdir("./100" [pid 6107] <... close resumed>) = 0 [pid 6106] <... write resumed>) = 18 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6108] <... chdir resumed>) = 0 [pid 6107] symlink("/dev/binderfs", "./binderfs" [pid 6108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6107] <... symlink resumed>) = 0 executing program [pid 6106] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] getdents64(4, [pid 6108] <... prctl resumed>) = 0 [pid 6107] write(1, "executing program\n", 18 [pid 6108] setpgid(0, 0 [pid 6107] <... write resumed>) = 18 [pid 6106] <... futex resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6108] <... setpgid resumed>) = 0 [pid 6107] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6106] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6105] <... munmap resumed>) = 0 [pid 5087] close(4 [pid 6108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6107] <... futex resumed>) = 0 [pid 6108] <... openat resumed>) = 3 [pid 6106] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6105] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... close resumed>) = 0 [pid 6108] write(3, "1000", 4 [pid 6107] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6106] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6105] <... openat resumed>) = 4 [pid 5087] rmdir("./100/file0" [pid 6108] <... write resumed>) = 4 [pid 6107] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6106] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6105] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... rmdir resumed>) = 0 [pid 6108] close(3 [pid 6107] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6106] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6108] <... close resumed>) = 0 [pid 6107] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6105] <... ioctl resumed>) = 0 [pid 5087] getdents64(3, [pid 6106] <... mmap resumed>) = 0x7f1dfa693000 [pid 6108] symlink("/dev/binderfs", "./binderfs" [pid 6107] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6106] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6105] close(3 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6107] <... mmap resumed>) = 0x7f1dfa693000 [pid 6106] <... mprotect resumed>) = 0 [pid 6105] <... close resumed>) = 0 [pid 5087] close(3 [pid 6108] <... symlink resumed>) = 0 [pid 6107] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6106] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6105] close(4 [pid 6108] write(1, "executing program\n", 18 [pid 6107] <... mprotect resumed>) = 0 [pid 6106] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6105] <... close resumed>) = 0 executing program [pid 5087] <... close resumed>) = 0 [pid 6108] <... write resumed>) = 18 [pid 6107] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6106] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6105] mkdir("./file0", 0777 [pid 5087] rmdir("./100" [pid 6108] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6107] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6105] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6109 attached [pid 6108] <... futex resumed>) = 0 [pid 6107] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6110 attached [pid 6109] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6108] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6106] <... clone3 resumed> => {parent_tid=[6109]}, 88) = 6109 [pid 5087] <... rmdir resumed>) = 0 [pid 6110] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6109] <... rseq resumed>) = 0 [pid 6108] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6107] <... clone3 resumed> => {parent_tid=[6110]}, 88) = 6110 [pid 6106] rt_sigprocmask(SIG_SETMASK, [], [pid 6105] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6110] <... rseq resumed>) = 0 [pid 6109] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6108] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6107] rt_sigprocmask(SIG_SETMASK, [], [pid 6106] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] mkdir("./101", 0777 [pid 6110] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6109] <... set_robust_list resumed>) = 0 [pid 6108] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6107] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6106] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6109] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6108] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6106] <... futex resumed>) = 0 [pid 6106] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6110] <... set_robust_list resumed>) = 0 [pid 6109] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6108] <... mmap resumed>) = 0x7f1dfa693000 [pid 6107] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6108] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6110] rt_sigprocmask(SIG_SETMASK, [], [pid 6109] memfd_create("syzkaller", 0 [pid 6108] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6107] <... futex resumed>) = 0 [pid 6110] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6108] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6107] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6108] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6111]}, 88) = 6111 ./strace-static-x86_64: Process 6111 attached [pid 6110] memfd_create("syzkaller", 0 [pid 6108] rt_sigprocmask(SIG_SETMASK, [], [pid 6111] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6110] <... memfd_create resumed>) = 3 [pid 6108] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6111] <... rseq resumed>) = 0 [pid 6110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6108] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6111] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6110] <... mmap resumed>) = 0x7f1df2200000 [pid 6108] <... futex resumed>) = 0 [pid 6111] <... set_robust_list resumed>) = 0 [pid 6108] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6111] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6111] memfd_create("syzkaller", 0) = 3 [pid 6111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6109] <... memfd_create resumed>) = 3 [pid 6109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 156.225188][ T6105] loop1: detected capacity change from 0 to 4096 [ 156.251860][ T6105] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6110] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... ioctl resumed>) = 0 [pid 6111] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6109] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6112 ./strace-static-x86_64: Process 6112 attached [pid 6112] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6105] <... mount resumed>) = 0 [pid 6105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6105] chdir("./file0" [pid 6112] chdir("./101" [pid 6105] <... chdir resumed>) = 0 [pid 6112] <... chdir resumed>) = 0 [pid 6105] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6105] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6104] <... futex resumed>) = 0 [pid 6105] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6112] setpgid(0, 0 [pid 6104] exit_group(0 [pid 6112] <... setpgid resumed>) = 0 [pid 6112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6105] <... futex resumed>) = ? [pid 6104] <... exit_group resumed>) = ? [pid 6112] <... openat resumed>) = 3 [pid 6105] +++ exited with 0 +++ [pid 6112] write(3, "1000", 4) = 4 [pid 6112] close(3) = 0 [pid 6112] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 6104] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6104, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6112] write(1, "executing program\n", 18) = 18 [pid 6112] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6112] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6112] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5086] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6112] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6112] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6110] <... write resumed>) = 2097152 [pid 5086] <... openat resumed>) = 3 [pid 6112] <... mprotect resumed>) = 0 [pid 6110] munmap(0x7f1df2200000, 138412032 [pid 5086] newfstatat(3, "", [pid 6112] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6112] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] getdents64(3, [pid 6112] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [ 156.362867][ T6105] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6113 attached [pid 6112] <... clone3 resumed> => {parent_tid=[6113]}, 88) = 6113 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6113] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6112] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6112] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6110] <... munmap resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6113] <... rseq resumed>) = 0 [pid 6112] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] unlink("./100/binderfs") = 0 [pid 5086] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6112] <... futex resumed>) = 0 [pid 6112] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6110] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6113] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6110] <... openat resumed>) = 4 [pid 6113] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6110] ioctl(4, LOOP_SET_FD, 3 [pid 6113] memfd_create("syzkaller", 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6113] <... memfd_create resumed>) = 3 [pid 6113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6111] <... write resumed>) = 2097152 [pid 6113] <... mmap resumed>) = 0x7f1df2200000 [pid 6109] <... write resumed>) = 2097152 [pid 5086] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6110] <... ioctl resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6111] munmap(0x7f1df2200000, 138412032 [pid 6110] close(3 [pid 6109] munmap(0x7f1df2200000, 138412032 [pid 5086] newfstatat(AT_FDCWD, "./100/file0", [pid 6110] <... close resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6110] close(4 [pid 5086] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6110] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 4 [pid 6110] mkdir("./file0", 0777) = 0 [pid 6111] <... munmap resumed>) = 0 [pid 6109] <... munmap resumed>) = 0 [pid 5086] newfstatat(4, "", [pid 6111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6109] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6111] <... openat resumed>) = 4 [pid 6110] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6109] <... openat resumed>) = 4 [pid 5086] getdents64(4, [ 156.442371][ T6110] loop3: detected capacity change from 0 to 4096 [ 156.481136][ T6110] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6113] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6111] ioctl(4, LOOP_SET_FD, 3 [pid 6109] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 6111] <... ioctl resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6111] close(3) = 0 [pid 6111] close(4) = 0 [pid 6111] mkdir("./file0", 0777 [pid 5086] close(4 [pid 6111] <... mkdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6111] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6109] <... ioctl resumed>) = 0 [pid 5086] rmdir("./100/file0" [pid 6109] close(3 [pid 5086] <... rmdir resumed>) = 0 [pid 6113] <... write resumed>) = 2097152 [pid 5086] getdents64(3, [pid 6113] munmap(0x7f1df2200000, 138412032) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 6109] <... close resumed>) = 0 [pid 5086] rmdir("./100" [pid 6109] close(4 [pid 5086] <... rmdir resumed>) = 0 [pid 6109] <... close resumed>) = 0 [pid 5086] mkdir("./101", 0777 [pid 6109] mkdir("./file0", 0777 [pid 5086] <... mkdir resumed>) = 0 [pid 6109] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6109] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... openat resumed>) = 3 [ 156.492080][ T6111] loop0: detected capacity change from 0 to 4096 [ 156.515724][ T6109] loop4: detected capacity change from 0 to 4096 [ 156.529981][ T6111] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6113] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6113] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6113] close(3) = 0 [pid 6113] close(4) = 0 [pid 6113] mkdir("./file0", 0777) = 0 [ 156.571345][ T6109] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 156.573128][ T6113] loop2: detected capacity change from 0 to 4096 [ 156.589756][ T6110] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6113] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6110] <... mount resumed>) = 0 [pid 6110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6110] chdir("./file0") = 0 [pid 6110] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6110] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3 [pid 6110] <... futex resumed>) = 1 [pid 6107] <... futex resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6110] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6107] exit_group(0 [pid 6111] <... mount resumed>) = 0 [pid 6109] <... mount resumed>) = 0 [pid 6107] <... exit_group resumed>) = ? [pid 6110] <... futex resumed>) = ? [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6114 attached [pid 6111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6110] +++ exited with 0 +++ [pid 6109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6107] +++ exited with 0 +++ [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6114 [pid 6114] set_robust_list(0x555580b0d6a0, 24 [pid 6111] <... openat resumed>) = 3 [pid 6109] <... openat resumed>) = 3 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6107, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6114] <... set_robust_list resumed>) = 0 [pid 6109] chdir("./file0" [pid 6114] chdir("./101" [pid 6111] chdir("./file0" [pid 6109] <... chdir resumed>) = 0 [pid 6114] <... chdir resumed>) = 0 [pid 6111] <... chdir resumed>) = 0 [pid 6109] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6114] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6109] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6114] <... prctl resumed>) = 0 [pid 6111] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6109] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6114] setpgid(0, 0 [pid 6111] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6109] <... futex resumed>) = 1 [pid 6106] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6114] <... setpgid resumed>) = 0 [pid 6111] <... futex resumed>) = 1 [pid 6109] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6108] <... futex resumed>) = 0 [pid 6106] exit_group(0 [pid 5088] <... openat resumed>) = 3 [ 156.632674][ T6113] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 156.653056][ T6109] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 156.660441][ T6111] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6111] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULLexecuting program [pid 6109] <... futex resumed>) = ? [pid 6108] exit_group(0 [pid 6106] <... exit_group resumed>) = ? [pid 5088] newfstatat(3, "", [pid 6114] <... openat resumed>) = 3 [pid 6111] <... futex resumed>) = ? [pid 6109] +++ exited with 0 +++ [pid 6108] <... exit_group resumed>) = ? [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6114] write(3, "1000", 4 [pid 5088] getdents64(3, [pid 6114] <... write resumed>) = 4 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6114] close(3 [pid 5088] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6114] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6114] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6114] <... symlink resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6114] write(1, "executing program\n", 18 [pid 5088] unlink("./100/binderfs" [pid 6114] <... write resumed>) = 18 [pid 6111] +++ exited with 0 +++ [pid 6108] +++ exited with 0 +++ [pid 5088] <... unlink resumed>) = 0 [pid 6114] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6108, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=9 /* 0.09 s */} --- [pid 6114] <... futex resumed>) = 0 [pid 6114] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6114] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5085] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6114] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6114] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5085] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6114] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6106] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6114] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6115]}, 88) = 6115 [pid 6114] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6114] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6114] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6115 attached [pid 6113] <... mount resumed>) = 0 [pid 5088] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(3, "", [pid 6115] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6106, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6115] <... rseq resumed>) = 0 [pid 6113] <... openat resumed>) = 3 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5088] newfstatat(AT_FDCWD, "./100/file0", [pid 5085] getdents64(3, [pid 6115] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6113] chdir("./file0" [pid 5089] <... restart_syscall resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6115] <... set_robust_list resumed>) = 0 [pid 6113] <... chdir resumed>) = 0 [pid 5088] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6115] rt_sigprocmask(SIG_SETMASK, [], [pid 6113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6115] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6113] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(AT_FDCWD, "./100/binderfs", [pid 6115] memfd_create("syzkaller", 0 [pid 5089] umount2("./100", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 4 [pid 6115] <... memfd_create resumed>) = 3 [pid 6113] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] newfstatat(4, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6113] <... futex resumed>) = 1 [pid 6112] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] unlink("./100/binderfs" [pid 6115] <... mmap resumed>) = 0x7f1df2200000 [pid 6113] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6112] exit_group(0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] getdents64(4, [pid 5085] <... unlink resumed>) = 0 [pid 6113] <... futex resumed>) = ? [pid 6112] <... exit_group resumed>) = ? [pid 5089] openat(AT_FDCWD, "./100", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5088] getdents64(4, [pid 5089] newfstatat(3, "", [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] close(4 [pid 5089] getdents64(3, [pid 5088] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] rmdir("./100/file0" [pid 5089] umount2("./100/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, [pid 5089] newfstatat(AT_FDCWD, "./100/binderfs", [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] close(3 [pid 5089] unlink("./100/binderfs" [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./100" [pid 5089] <... unlink resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5088] mkdir("./101", 0777 [pid 5089] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... umount2 resumed>) = 0 [pid 6113] +++ exited with 0 +++ [pid 6112] +++ exited with 0 +++ [pid 5088] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6112, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5085] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./100/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [ 156.740735][ T6113] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6115] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(AT_FDCWD, "./100/file0", [pid 5089] getdents64(4, [pid 5087] getdents64(3, [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] getdents64(4, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] close(4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./100/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] rmdir("./100/file0" [pid 5087] newfstatat(AT_FDCWD, "./101/binderfs", [pid 5085] openat(AT_FDCWD, "./100/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5087] unlink("./101/binderfs") = 0 [pid 5085] newfstatat(4, "", [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] close(3 [pid 5087] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5089] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6115] <... write resumed>) = 2097152 [pid 5087] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] newfstatat(AT_FDCWD, "./101/file0", [pid 5085] close(4 [pid 6115] munmap(0x7f1df2200000, 138412032 [pid 5089] rmdir("./100" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... close resumed>) = 0 [pid 5087] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./100/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(3 [pid 5087] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... close resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5085] rmdir("./100" [pid 6115] <... munmap resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./101", 0777 [pid 5089] <... rmdir resumed>) = 0 [pid 6115] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] mkdir("./101", 0777 [pid 5087] newfstatat(4, "", [pid 5085] <... mkdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... mkdir resumed>) = 0 [pid 6115] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6115] ioctl(4, LOOP_SET_FD, 3 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5087] getdents64(4, [pid 5085] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] close(4) = 0 [pid 5087] rmdir("./101/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./101") = 0 [pid 5087] mkdir("./102", 0777) = 0 [pid 6115] <... ioctl resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] <... ioctl resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] close(3 [pid 6115] close(3 [pid 5088] <... close resumed>) = 0 [pid 6115] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6115] close(4) = 0 [pid 6115] mkdir("./file0", 0777./strace-static-x86_64: Process 6116 attached [pid 6116] set_robust_list(0x555580b0d6a0, 24 [pid 6115] <... mkdir resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6116 [pid 6116] <... set_robust_list resumed>) = 0 [pid 6116] chdir("./101" [pid 6115] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6116] <... chdir resumed>) = 0 [ 156.853044][ T6115] loop1: detected capacity change from 0 to 4096 [pid 6116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... ioctl resumed>) = 0 [pid 6116] <... prctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6116] setpgid(0, 0) = 0 [pid 6116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] close(3 [pid 5089] close(3 [pid 5087] close(3 [pid 5085] <... close resumed>) = 0 [pid 6116] <... openat resumed>) = 3 [pid 5089] <... close resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6116] write(3, "1000", 4 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6117 attached [pid 6116] <... write resumed>) = 4 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6117 [pid 6116] close(3 [pid 6117] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6118 [pid 6117] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 6118 attached [pid 6117] chdir("./101" [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6119 ./strace-static-x86_64: Process 6119 attached [pid 6118] set_robust_list(0x555580b0d6a0, 24 [pid 6117] <... chdir resumed>) = 0 [pid 6116] <... close resumed>) = 0 [pid 6119] set_robust_list(0x555580b0d6a0, 24 [pid 6118] <... set_robust_list resumed>) = 0 [pid 6117] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6116] symlink("/dev/binderfs", "./binderfs" [pid 6119] <... set_robust_list resumed>) = 0 [pid 6118] chdir("./102" [pid 6117] <... prctl resumed>) = 0 [pid 6119] chdir("./101" [pid 6117] setpgid(0, 0 [pid 6116] <... symlink resumed>) = 0 executing program [pid 6119] <... chdir resumed>) = 0 [pid 6118] <... chdir resumed>) = 0 [pid 6117] <... setpgid resumed>) = 0 [pid 6116] write(1, "executing program\n", 18 [pid 6119] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6118] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6116] <... write resumed>) = 18 [pid 6119] <... prctl resumed>) = 0 [pid 6118] <... prctl resumed>) = 0 [pid 6117] <... openat resumed>) = 3 [pid 6116] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6119] setpgid(0, 0 [pid 6118] setpgid(0, 0 [pid 6116] <... futex resumed>) = 0 [pid 6119] <... setpgid resumed>) = 0 [pid 6118] <... setpgid resumed>) = 0 [pid 6117] write(3, "1000", 4 [pid 6116] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6117] <... write resumed>) = 4 [pid 6116] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6117] close(3 [pid 6116] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6119] <... openat resumed>) = 3 [pid 6117] <... close resumed>) = 0 [pid 6116] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 156.918585][ T6115] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6119] write(3, "1000", 4 [pid 6117] symlink("/dev/binderfs", "./binderfs" [pid 6116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6119] <... write resumed>) = 4 [pid 6118] <... openat resumed>) = 3 [pid 6118] write(3, "1000", 4 [pid 6117] <... symlink resumed>) = 0 [pid 6116] <... mmap resumed>) = 0x7f1dfa693000 [pid 6118] <... write resumed>) = 4 [pid 6116] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6118] close(3 [pid 6119] close(3 [pid 6118] <... close resumed>) = 0 [pid 6116] <... mprotect resumed>) = 0 [pid 6118] symlink("/dev/binderfs", "./binderfs" [pid 6119] <... close resumed>) = 0 executing program executing program [pid 6119] symlink("/dev/binderfs", "./binderfs" [pid 6118] <... symlink resumed>) = 0 [pid 6119] <... symlink resumed>) = 0 [pid 6118] write(1, "executing program\n", 18 [pid 6117] write(1, "executing program\n", 18 [pid 6116] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6118] <... write resumed>) = 18 [pid 6117] <... write resumed>) = 18 [pid 6116] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6118] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6117] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6116] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6120 attached [pid 6118] <... futex resumed>) = 0 executing program [pid 6120] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6119] write(1, "executing program\n", 18 [pid 6118] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6117] <... futex resumed>) = 0 [pid 6116] <... clone3 resumed> => {parent_tid=[6120]}, 88) = 6120 [pid 6120] <... rseq resumed>) = 0 [pid 6119] <... write resumed>) = 18 [pid 6120] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6119] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6118] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6117] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6116] rt_sigprocmask(SIG_SETMASK, [], [pid 6120] <... set_robust_list resumed>) = 0 [pid 6119] <... futex resumed>) = 0 [pid 6118] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6117] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6116] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6120] rt_sigprocmask(SIG_SETMASK, [], [pid 6119] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6118] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6117] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6116] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6120] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6119] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6117] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6116] <... futex resumed>) = 0 [pid 6115] <... mount resumed>) = 0 [pid 6119] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6117] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6116] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6119] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6118] <... mmap resumed>) = 0x7f1dfa693000 [pid 6117] <... mmap resumed>) = 0x7f1dfa693000 [pid 6115] <... openat resumed>) = 3 [pid 6119] <... mmap resumed>) = 0x7f1dfa693000 [pid 6118] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6117] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6119] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6118] <... mprotect resumed>) = 0 [pid 6117] <... mprotect resumed>) = 0 [pid 6115] chdir("./file0" [pid 6119] <... mprotect resumed>) = 0 [pid 6117] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6115] <... chdir resumed>) = 0 [pid 6120] memfd_create("syzkaller", 0 [pid 6119] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6118] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6117] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6115] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6120] <... memfd_create resumed>) = 3 [pid 6119] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6118] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6117] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6115] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6122 attached ./strace-static-x86_64: Process 6121 attached [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6118] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6115] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6122] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6121] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6120] <... mmap resumed>) = 0x7f1df2200000 [pid 6119] <... clone3 resumed> => {parent_tid=[6122]}, 88) = 6122 [pid 6117] <... clone3 resumed> => {parent_tid=[6121]}, 88) = 6121 ./strace-static-x86_64: Process 6123 attached [pid 6122] <... rseq resumed>) = 0 [pid 6121] <... rseq resumed>) = 0 [pid 6119] rt_sigprocmask(SIG_SETMASK, [], [pid 6115] <... futex resumed>) = 1 [pid 6114] <... futex resumed>) = 0 [pid 6123] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6119] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6115] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6114] exit_group(0 [pid 6123] <... rseq resumed>) = 0 [pid 6119] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6115] <... futex resumed>) = ? [pid 6114] <... exit_group resumed>) = ? [pid 6122] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6121] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6117] rt_sigprocmask(SIG_SETMASK, [], [pid 6123] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6119] <... futex resumed>) = 0 [pid 6118] <... clone3 resumed> => {parent_tid=[6123]}, 88) = 6123 [pid 6115] +++ exited with 0 +++ [pid 6114] +++ exited with 0 +++ [pid 6123] <... set_robust_list resumed>) = 0 [pid 6119] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6121] <... set_robust_list resumed>) = 0 [pid 6117] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6118] rt_sigprocmask(SIG_SETMASK, [], [pid 6122] <... set_robust_list resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6114, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 6123] rt_sigprocmask(SIG_SETMASK, [], [pid 6122] rt_sigprocmask(SIG_SETMASK, [], [pid 6118] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6123] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6122] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6121] rt_sigprocmask(SIG_SETMASK, [], [pid 6118] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6117] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6122] memfd_create("syzkaller", 0 [pid 6121] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6118] <... futex resumed>) = 0 [pid 6117] <... futex resumed>) = 0 [ 156.970544][ T6115] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 6123] memfd_create("syzkaller", 0) = 3 [pid 6123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6118] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6117] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6122] <... memfd_create resumed>) = 3 [pid 6121] memfd_create("syzkaller", 0 [pid 6120] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6121] <... memfd_create resumed>) = 3 [pid 5086] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6122] <... mmap resumed>) = 0x7f1df2200000 [pid 6121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6121] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6123] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./101/binderfs") = 0 [pid 5086] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6123] <... write resumed>) = 2097152 [pid 5086] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6123] munmap(0x7f1df2200000, 138412032 [pid 6122] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./101/file0", [pid 6120] <... write resumed>) = 2097152 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 6121] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6120] munmap(0x7f1df2200000, 138412032 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6123] <... munmap resumed>) = 0 [pid 6120] <... munmap resumed>) = 0 [pid 5086] getdents64(4, [pid 6123] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 6123] <... openat resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 6123] ioctl(4, LOOP_SET_FD, 3 [pid 5086] rmdir("./101/file0" [pid 6120] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5086] <... rmdir resumed>) = 0 [pid 6120] ioctl(4, LOOP_SET_FD, 3 [pid 6123] <... ioctl resumed>) = 0 [pid 6122] <... write resumed>) = 2097152 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 6120] <... ioctl resumed>) = 0 [pid 6123] close(3 [pid 6122] munmap(0x7f1df2200000, 138412032 [pid 6121] <... write resumed>) = 2097152 [pid 5086] <... close resumed>) = 0 [pid 6121] munmap(0x7f1df2200000, 138412032 [pid 6120] close(3 [pid 6123] <... close resumed>) = 0 [pid 6122] <... munmap resumed>) = 0 [pid 6121] <... munmap resumed>) = 0 [pid 6120] <... close resumed>) = 0 [pid 5086] rmdir("./101" [pid 6120] close(4) = 0 [pid 6120] mkdir("./file0", 0777 [pid 5086] <... rmdir resumed>) = 0 [pid 6120] <... mkdir resumed>) = 0 [pid 6120] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6123] close(4) = 0 [ 157.195575][ T6123] loop2: detected capacity change from 0 to 4096 [ 157.196290][ T6120] loop3: detected capacity change from 0 to 4096 [ 157.232092][ T6120] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6121] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6123] mkdir("./file0", 0777 [pid 6122] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] mkdir("./102", 0777 [pid 6122] <... openat resumed>) = 4 [pid 6121] <... openat resumed>) = 4 [pid 6122] ioctl(4, LOOP_SET_FD, 3 [pid 6121] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... mkdir resumed>) = 0 [pid 6123] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6123] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... openat resumed>) = 3 [pid 6122] <... ioctl resumed>) = 0 [pid 6121] <... ioctl resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6122] close(3) = 0 [pid 6121] close(3 [pid 6122] close(4 [pid 6121] <... close resumed>) = 0 [pid 6122] <... close resumed>) = 0 [pid 6121] close(4) = 0 [pid 6122] mkdir("./file0", 0777 [pid 6121] mkdir("./file0", 0777 [pid 6122] <... mkdir resumed>) = 0 [pid 6121] <... mkdir resumed>) = 0 [pid 6121] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 157.244450][ T6122] loop4: detected capacity change from 0 to 4096 [ 157.252717][ T6121] loop0: detected capacity change from 0 to 4096 [ 157.262604][ T6123] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 157.293110][ T6122] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 157.304262][ T6121] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6122] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6120] <... mount resumed>) = 0 [pid 6120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6120] chdir("./file0") = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6120] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6116] <... futex resumed>) = 0 [pid 6120] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6116] exit_group(0 [pid 6120] <... futex resumed>) = ? [pid 6116] <... exit_group resumed>) = ? [ 157.346830][ T6120] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] <... ioctl resumed>) = 0 [pid 6122] <... mount resumed>) = 0 [pid 6120] +++ exited with 0 +++ [pid 6116] +++ exited with 0 +++ [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6116, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5088] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6124 ./strace-static-x86_64: Process 6124 attached [pid 6124] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6124] <... set_robust_list resumed>) = 0 [pid 5088] getdents64(3, [pid 6124] chdir("./102" [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6124] <... chdir resumed>) = 0 [pid 5088] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] <... prctl resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./101/binderfs", [pid 6124] setpgid(0, 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6124] <... setpgid resumed>) = 0 [pid 6122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] unlink("./101/binderfs" [pid 6124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6122] <... openat resumed>) = 3 [pid 6121] <... mount resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 6122] chdir("./file0" [ 157.411773][ T6122] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 157.426052][ T6121] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5088] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6124] <... openat resumed>) = 3 [pid 6122] <... chdir resumed>) = 0 [pid 6121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... umount2 resumed>) = 0 [pid 6124] write(3, "1000", 4) = 4 [pid 6124] close(3) = 0 [pid 6124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] write(1, "executing program\n", 18 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] <... write resumed>) = 18 [pid 5088] newfstatat(AT_FDCWD, "./101/file0", [pid 6124] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6124] <... futex resumed>) = 0 [pid 6124] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6124] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6124] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 5088] <... openat resumed>) = 4 [pid 6124] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5088] newfstatat(4, "", [pid 6124] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6122] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6121] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 6124] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6123] <... mount resumed>) = 0 [pid 6122] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6121] chdir("./file0" [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6124] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6122] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6121] <... chdir resumed>) = 0 [pid 5088] getdents64(4, ./strace-static-x86_64: Process 6125 attached [pid 6123] <... openat resumed>) = 3 [pid 6122] <... futex resumed>) = 1 [pid 6121] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6119] <... futex resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6125] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6124] <... clone3 resumed> => {parent_tid=[6125]}, 88) = 6125 [pid 6123] chdir("./file0" [pid 6122] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6121] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6119] exit_group(0 [pid 5088] close(4 [pid 6125] <... rseq resumed>) = 0 [pid 6124] rt_sigprocmask(SIG_SETMASK, [], [pid 6123] <... chdir resumed>) = 0 [pid 6122] <... futex resumed>) = ? [pid 6121] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6119] <... exit_group resumed>) = ? [pid 6125] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6124] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6123] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6122] +++ exited with 0 +++ [pid 6121] <... futex resumed>) = 1 [pid 6117] <... futex resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6125] <... set_robust_list resumed>) = 0 [pid 6124] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6123] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6121] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6117] exit_group(0 [pid 6125] rt_sigprocmask(SIG_SETMASK, [], [pid 6124] <... futex resumed>) = 0 [pid 6123] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6121] <... futex resumed>) = ? [pid 6117] <... exit_group resumed>) = ? [pid 5088] rmdir("./101/file0" [pid 6125] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6121] +++ exited with 0 +++ [pid 6118] <... futex resumed>) = 0 [pid 6125] memfd_create("syzkaller", 0 [pid 6118] exit_group(0 [pid 6117] +++ exited with 0 +++ [pid 5088] <... rmdir resumed>) = 0 [pid 6124] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6123] <... futex resumed>) = ? [pid 6119] +++ exited with 0 +++ [pid 6118] <... exit_group resumed>) = ? [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6117, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6119, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6125] <... memfd_create resumed>) = 3 [pid 5085] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] getdents64(3, [pid 5085] <... openat resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(3, "", [pid 5089] umount2("./101", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... close resumed>) = 0 [pid 5085] getdents64(3, [pid 5089] openat(AT_FDCWD, "./101", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] rmdir("./101" [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... openat resumed>) = 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5085] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(3, "", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(AT_FDCWD, "./101/binderfs", [pid 6125] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] getdents64(3, [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] mkdir("./102", 0777 [ 157.456261][ T6123] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5085] unlink("./101/binderfs" [pid 5089] umount2("./101/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... mkdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(AT_FDCWD, "./101/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] unlink("./101/binderfs" [pid 5085] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6123] +++ exited with 0 +++ [pid 6118] +++ exited with 0 +++ [pid 5089] <... unlink resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 3 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6118, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] newfstatat(AT_FDCWD, "./101/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5085] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] newfstatat(AT_FDCWD, "./101/file0", [pid 5087] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... openat resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5085] newfstatat(4, "", [pid 5089] umount2("./101/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] newfstatat(3, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5089] openat(AT_FDCWD, "./101/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] getdents64(3, [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... openat resumed>) = 4 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] getdents64(4, [pid 5089] newfstatat(4, "", [pid 5087] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(4 [pid 5089] getdents64(4, [pid 5087] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5085] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] rmdir("./101/file0" [pid 5089] getdents64(4, [pid 5087] unlink("./102/binderfs" [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5085] getdents64(3, [pid 5089] close(4 [pid 5087] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] rmdir("./101/file0") = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5089] getdents64(3, [pid 5087] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5085] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./102/file0", [pid 5085] rmdir("./101" [pid 5089] rmdir("./101" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] mkdir("./102", 0777 [pid 5089] mkdir("./102", 0777 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... mkdir resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5087] getdents64(4, [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6125] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5087] close(4) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5087] rmdir("./102/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] rmdir("./102") = 0 [pid 5087] mkdir("./103", 0777 [pid 5088] close(3 [pid 5087] <... mkdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6126 attached [pid 6126] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6126] chdir("./102" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6126 [pid 6126] <... chdir resumed>) = 0 [pid 6126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6126] setpgid(0, 0) = 0 [pid 6126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... ioctl resumed>) = 0 [pid 6126] <... openat resumed>) = 3 [pid 6126] write(3, "1000", 4 [pid 5085] close(3 [pid 6126] <... write resumed>) = 4 [pid 5085] <... close resumed>) = 0 [pid 6126] close(3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6126] <... close resumed>) = 0 [pid 6126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6127 executing program [pid 6126] write(1, "executing program\n", 18) = 18 [pid 6126] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 6127 attached [pid 6126] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6127] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6126] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6126] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6125] <... write resumed>) = 2097152 [pid 6127] chdir("./102" [pid 6126] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6127] <... chdir resumed>) = 0 [pid 6127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6126] <... mprotect resumed>) = 0 [pid 6127] <... prctl resumed>) = 0 [pid 6127] setpgid(0, 0 [pid 6126] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6127] <... setpgid resumed>) = 0 [pid 6126] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6126] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6125] munmap(0x7f1df2200000, 138412032 [pid 5089] <... ioctl resumed>) = 0 [pid 6127] <... openat resumed>) = 3 [pid 6127] write(3, "1000", 4) = 4 [pid 6126] <... clone3 resumed> => {parent_tid=[6128]}, 88) = 6128 [pid 6127] close(3./strace-static-x86_64: Process 6128 attached ) = 0 [pid 6126] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] close(3 [pid 6128] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6127] symlink("/dev/binderfs", "./binderfs" [pid 6128] <... rseq resumed>) = 0 [pid 6128] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6127] <... symlink resumed>) = 0 [pid 6126] <... rt_sigprocmask resumed>NULL, 8) = 0 executing program [pid 6128] <... set_robust_list resumed>) = 0 [pid 6127] write(1, "executing program\n", 18 [pid 6126] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... close resumed>) = 0 [pid 6128] rt_sigprocmask(SIG_SETMASK, [], [pid 6127] <... write resumed>) = 18 [pid 6126] <... futex resumed>) = 0 [pid 6128] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6127] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6126] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6125] <... munmap resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6128] memfd_create("syzkaller", 0 [pid 6127] <... futex resumed>) = 0 [pid 6128] <... memfd_create resumed>) = 3 [pid 6127] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6127] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6127] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6128] <... mmap resumed>) = 0x7f1df2200000 [pid 6127] <... mmap resumed>) = 0x7f1dfa693000 [pid 6125] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6129 [pid 6127] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6125] <... openat resumed>) = 4 ./strace-static-x86_64: Process 6129 attached [pid 6127] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6125] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... ioctl resumed>) = 0 [pid 6129] set_robust_list(0x555580b0d6a0, 24 [pid 6127] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6129] <... set_robust_list resumed>) = 0 [pid 6129] chdir("./102") = 0 [pid 6129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6129] setpgid(0, 0 [pid 6127] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6125] <... ioctl resumed>) = 0 [pid 5087] close(3./strace-static-x86_64: Process 6130 attached [pid 6128] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6125] close(3 [pid 5087] <... close resumed>) = 0 [pid 6130] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6127] <... clone3 resumed> => {parent_tid=[6130]}, 88) = 6130 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6130] <... rseq resumed>) = 0 [pid 6129] <... setpgid resumed>) = 0 [pid 6127] rt_sigprocmask(SIG_SETMASK, [], [pid 6125] <... close resumed>) = 0 [pid 6130] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6127] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6131 attached [pid 6130] <... set_robust_list resumed>) = 0 [pid 6129] <... openat resumed>) = 3 [pid 6127] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6125] close(4 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6131 [pid 6131] set_robust_list(0x555580b0d6a0, 24 [pid 6130] rt_sigprocmask(SIG_SETMASK, [], [pid 6129] write(3, "1000", 4 [pid 6127] <... futex resumed>) = 0 [pid 6125] <... close resumed>) = 0 [pid 6130] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6127] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6125] mkdir("./file0", 0777 [pid 6129] <... write resumed>) = 4 [pid 6131] <... set_robust_list resumed>) = 0 [pid 6130] memfd_create("syzkaller", 0 [pid 6129] close(3 [pid 6131] chdir("./103" [pid 6129] <... close resumed>) = 0 [pid 6125] <... mkdir resumed>) = 0 [pid 6131] <... chdir resumed>) = 0 [pid 6129] symlink("/dev/binderfs", "./binderfs" [pid 6131] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6130] <... memfd_create resumed>) = 3 [pid 6129] <... symlink resumed>) = 0 executing program [pid 6131] <... prctl resumed>) = 0 [pid 6130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6129] write(1, "executing program\n", 18 [pid 6125] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6131] setpgid(0, 0 [pid 6129] <... write resumed>) = 18 [pid 6131] <... setpgid resumed>) = 0 [ 157.699769][ T6125] loop1: detected capacity change from 0 to 4096 [pid 6129] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6129] <... futex resumed>) = 0 [pid 6129] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6131] write(3, "1000", 4 [pid 6129] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6131] <... write resumed>) = 4 [pid 6129] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6131] close(3 [pid 6129] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6131] <... close resumed>) = 0 [pid 6129] <... mmap resumed>) = 0x7f1dfa693000 [pid 6131] symlink("/dev/binderfs", "./binderfs" [pid 6129] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6131] <... symlink resumed>) = 0 executing program [pid 6129] <... mprotect resumed>) = 0 [pid 6131] write(1, "executing program\n", 18 [pid 6130] <... mmap resumed>) = 0x7f1df2200000 [pid 6129] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6131] <... write resumed>) = 18 [pid 6131] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6131] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6131] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6129] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6131] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6129] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6131] <... mmap resumed>) = 0x7f1dfa693000 [pid 6131] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6129] <... clone3 resumed> => {parent_tid=[6132]}, 88) = 6132 [pid 6131] <... mprotect resumed>) = 0 [pid 6129] rt_sigprocmask(SIG_SETMASK, [], [pid 6131] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6129] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6129] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6132 attached [pid 6131] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6129] <... futex resumed>) = 0 [pid 6132] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6131] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6129] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6132] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6131] <... clone3 resumed> => {parent_tid=[6133]}, 88) = 6133 [pid 6132] rt_sigprocmask(SIG_SETMASK, [], [pid 6131] rt_sigprocmask(SIG_SETMASK, [], [pid 6132] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6131] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6133 attached [pid 6132] memfd_create("syzkaller", 0 [pid 6131] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6128] <... write resumed>) = 2097152 [pid 6133] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6131] <... futex resumed>) = 0 [pid 6133] <... rseq resumed>) = 0 [pid 6131] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6133] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6132] <... memfd_create resumed>) = 3 [pid 6133] <... set_robust_list resumed>) = 0 [pid 6132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6133] rt_sigprocmask(SIG_SETMASK, [], [pid 6132] <... mmap resumed>) = 0x7f1df2200000 [pid 6133] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6133] memfd_create("syzkaller", 0 [ 157.752072][ T6125] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6128] munmap(0x7f1df2200000, 138412032 [pid 6133] <... memfd_create resumed>) = 3 [pid 6128] <... munmap resumed>) = 0 [pid 6133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6130] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6125] <... mount resumed>) = 0 [pid 6128] <... openat resumed>) = 4 [pid 6125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6125] chdir("./file0" [pid 6128] ioctl(4, LOOP_SET_FD, 3 [pid 6125] <... chdir resumed>) = 0 [pid 6132] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6125] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6128] <... ioctl resumed>) = 0 [pid 6125] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6128] close(3 [pid 6133] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6128] <... close resumed>) = 0 [pid 6125] <... futex resumed>) = 1 [pid 6124] <... futex resumed>) = 0 [pid 6124] exit_group(0) = ? [pid 6128] close(4) = 0 [pid 6125] +++ exited with 0 +++ [pid 6124] +++ exited with 0 +++ [pid 6128] mkdir("./file0", 0777 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6124, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6128] <... mkdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 157.820439][ T6125] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 157.845707][ T6128] loop3: detected capacity change from 0 to 4096 [pid 6128] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./102/binderfs") = 0 [pid 6130] <... write resumed>) = 2097152 [pid 5086] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6130] munmap(0x7f1df2200000, 138412032) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./102/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6130] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... openat resumed>) = 4 [ 157.895629][ T6128] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6130] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 6130] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6133] <... write resumed>) = 2097152 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./102/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 6133] munmap(0x7f1df2200000, 138412032 [pid 5086] <... close resumed>) = 0 [pid 6132] <... write resumed>) = 2097152 [pid 5086] rmdir("./102") = 0 [pid 5086] mkdir("./103", 0777 [pid 6128] <... mount resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6132] munmap(0x7f1df2200000, 138412032 [pid 5086] <... openat resumed>) = 3 [pid 6132] <... munmap resumed>) = 0 [pid 6128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6128] <... openat resumed>) = 3 [pid 6130] <... ioctl resumed>) = 0 [pid 6130] close(3) = 0 [pid 6130] close(4) = 0 [pid 6130] mkdir("./file0", 0777) = 0 [pid 6130] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6128] chdir("./file0" [pid 6133] <... munmap resumed>) = 0 [pid 6128] <... chdir resumed>) = 0 [ 157.939557][ T6128] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 157.943094][ T6130] loop0: detected capacity change from 0 to 4096 [pid 6128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6133] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6132] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6128] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6128] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6126] <... futex resumed>) = 0 [pid 6128] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6126] exit_group(0 [pid 6128] <... futex resumed>) = ? [pid 6126] <... exit_group resumed>) = ? [pid 6133] <... openat resumed>) = 4 [pid 6132] <... openat resumed>) = 4 [pid 6128] +++ exited with 0 +++ [pid 6126] +++ exited with 0 +++ [pid 6133] ioctl(4, LOOP_SET_FD, 3 [pid 6132] ioctl(4, LOOP_SET_FD, 3 [pid 6133] <... ioctl resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6126, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5088] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, [pid 6133] close(3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6133] <... close resumed>) = 0 [pid 5088] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6133] close(4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6133] <... close resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./102/binderfs") = 0 [ 157.982085][ T6130] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 158.004069][ T6133] loop2: detected capacity change from 0 to 4096 [ 158.013403][ T6132] loop4: detected capacity change from 0 to 4096 [pid 6133] mkdir("./file0", 0777 [pid 5088] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6133] <... mkdir resumed>) = 0 [pid 6133] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... ioctl resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5088] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6132] <... ioctl resumed>) = 0 [pid 6132] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6132] <... close resumed>) = 0 [pid 6132] close(4 [pid 5088] newfstatat(AT_FDCWD, "./102/file0", [pid 6132] <... close resumed>) = 0 [pid 6132] mkdir("./file0", 0777 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6132] <... mkdir resumed>) = 0 [pid 6132] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./102/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./102") = 0 [pid 5088] mkdir("./103", 0777 [pid 5086] close(3 [pid 5088] <... mkdir resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 158.030242][ T6133] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 158.066474][ T6132] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 6134 attached [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6134 [pid 6134] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6134] chdir("./103") = 0 [pid 6134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6134] setpgid(0, 0) = 0 [pid 6134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6134] write(3, "1000", 4) = 4 [pid 6134] close(3) = 0 [pid 6134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6134] write(1, "executing program\n", 18executing program ) = 18 [pid 6134] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6134] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6130] <... mount resumed>) = 0 [pid 6134] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6134] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6134] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [ 158.093411][ T6130] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6134] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6130] chdir("./file0" [pid 6134] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6130] <... chdir resumed>) = 0 [pid 6130] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6134] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6130] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6130] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6134] <... clone3 resumed> => {parent_tid=[6135]}, 88) = 6135 [pid 6130] <... futex resumed>) = 1 [pid 6127] <... futex resumed>) = 0 [pid 6134] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6135 attached NULL, 8) = 0 [pid 6135] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6134] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6135] <... rseq resumed>) = 0 [pid 6134] <... futex resumed>) = 0 [pid 6135] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6134] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6135] <... set_robust_list resumed>) = 0 [pid 6135] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6135] memfd_create("syzkaller", 0 [pid 6127] exit_group(0) = ? [pid 6135] <... memfd_create resumed>) = 3 [pid 6135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6132] <... mount resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6135] <... mmap resumed>) = 0x7f1df2200000 [pid 6130] +++ exited with 0 +++ [pid 6127] +++ exited with 0 +++ [pid 6132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6133] <... mount resumed>) = 0 [pid 6132] <... openat resumed>) = 3 [pid 5088] close(3 [pid 6132] chdir("./file0" [pid 5088] <... close resumed>) = 0 [pid 6133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6127, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6133] <... openat resumed>) = 3 [pid 6132] <... chdir resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6133] chdir("./file0" [pid 6132] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6133] <... chdir resumed>) = 0 [pid 6132] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 6136 attached [pid 6133] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6132] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6136] set_robust_list(0x555580b0d6a0, 24 [pid 6132] <... futex resumed>) = 1 [pid 6129] <... futex resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6136 [pid 6136] <... set_robust_list resumed>) = 0 [pid 6133] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6132] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6129] exit_group(0 [pid 5085] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6132] <... futex resumed>) = ? [pid 6129] <... exit_group resumed>) = ? [pid 6136] chdir("./103" [pid 6133] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6132] +++ exited with 0 +++ [pid 6133] <... futex resumed>) = 1 [pid 6129] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6136] <... chdir resumed>) = 0 [pid 6133] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6129, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [ 158.158903][ T6132] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 158.171208][ T6133] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5085] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6131] <... futex resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6131] exit_group(0 [pid 5085] newfstatat(3, "", [pid 6131] <... exit_group resumed>) = ? [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 6133] <... futex resumed>) = ? [pid 5089] umount2("./102", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] <... prctl resumed>) = 0 [pid 6135] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./102/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./102/binderfs" [pid 6136] setpgid(0, 0 [pid 5085] <... unlink resumed>) = 0 [pid 5085] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] <... setpgid resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./102", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 6136] <... openat resumed>) = 3 [pid 6133] +++ exited with 0 +++ [pid 6131] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... umount2 resumed>) = 0 [pid 5089] umount2("./102/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] write(3, "1000", 4 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6131, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6136] <... write resumed>) = 4 [pid 6136] close(3 [pid 5085] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] <... close resumed>) = 0 [pid 5087] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] newfstatat(AT_FDCWD, "./102/file0", [pid 6136] <... symlink resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 executing program [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6136] write(1, "executing program\n", 18 [pid 5089] newfstatat(AT_FDCWD, "./102/binderfs", [pid 5087] newfstatat(3, "", [pid 5085] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6136] <... write resumed>) = 18 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6136] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] unlink("./102/binderfs" [pid 5087] getdents64(3, [pid 5085] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6136] <... futex resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... openat resumed>) = 4 [pid 5089] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(4, "", [pid 6136] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] newfstatat(AT_FDCWD, "./103/binderfs", [pid 5085] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] unlink("./103/binderfs" [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5087] <... unlink resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5087] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./102/file0" [pid 6136] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 6136] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6136] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./102") = 0 [pid 6136] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 6136] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] mkdir("./103", 0777 [pid 6136] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6135] <... write resumed>) = 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... mkdir resumed>) = 0 [pid 6136] <... mprotect resumed>) = 0 [pid 6135] munmap(0x7f1df2200000, 138412032 [pid 5089] newfstatat(AT_FDCWD, "./102/file0", [pid 5087] newfstatat(AT_FDCWD, "./103/file0", [pid 6136] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6136] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6136] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6137 attached [pid 5089] umount2("./102/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 3 [pid 6137] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6136] <... clone3 resumed> => {parent_tid=[6137]}, 88) = 6137 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6137] <... rseq resumed>) = 0 [pid 6136] rt_sigprocmask(SIG_SETMASK, [], [pid 6135] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./102/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... openat resumed>) = 4 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6137] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6136] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6135] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] newfstatat(4, "", [pid 6137] <... set_robust_list resumed>) = 0 [pid 6136] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6135] <... openat resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6137] rt_sigprocmask(SIG_SETMASK, [], [pid 6136] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 6137] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6136] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6135] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... openat resumed>) = 4 [pid 5087] getdents64(4, [pid 6137] memfd_create("syzkaller", 0 [pid 5089] newfstatat(4, "", [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6137] <... memfd_create resumed>) = 3 [pid 6135] <... ioctl resumed>) = 0 [pid 5089] close(4 [pid 5087] close(4 [pid 6135] close(3 [pid 6137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... close resumed>) = 0 [pid 6137] <... mmap resumed>) = 0x7f1df2200000 [pid 6135] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5087] rmdir("./103/file0" [pid 6135] close(4) = 0 [pid 6135] mkdir("./file0", 0777 [pid 5089] rmdir("./102/file0" [pid 6135] <... mkdir resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6135] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... rmdir resumed>) = 0 [ 158.287565][ T6135] loop1: detected capacity change from 0 to 4096 [pid 5087] getdents64(3, [pid 5089] getdents64(3, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6137] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] close(3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... close resumed>) = 0 [pid 5087] rmdir("./103" [pid 5089] close(3) = 0 [pid 5089] rmdir("./102" [pid 5087] <... rmdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] mkdir("./104", 0777 [pid 5089] mkdir("./103", 0777 [pid 5087] <... mkdir resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5089] <... openat resumed>) = 3 [ 158.331099][ T6135] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6138 attached [pid 6135] <... mount resumed>) = 0 [pid 6138] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6138 [pid 6138] <... set_robust_list resumed>) = 0 [pid 6138] chdir("./103" [pid 6135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6138] <... chdir resumed>) = 0 [pid 6135] <... openat resumed>) = 3 [pid 6138] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6135] chdir("./file0" [pid 6138] <... prctl resumed>) = 0 [pid 6135] <... chdir resumed>) = 0 [pid 6138] setpgid(0, 0 [pid 6135] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6138] <... setpgid resumed>) = 0 [pid 6135] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6135] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6134] <... futex resumed>) = 0 [pid 6138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6134] exit_group(0) = ? [pid 6135] +++ exited with 0 +++ [pid 6138] <... openat resumed>) = 3 [pid 6134] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6134, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5086] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./103/binderfs" [pid 6138] write(3, "1000", 4 [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6138] <... write resumed>) = 4 [pid 6138] close(3) = 0 [pid 6138] symlink("/dev/binderfs", "./binderfs" [pid 6137] <... write resumed>) = 2097152 [pid 6138] <... symlink resumed>) = 0 [ 158.381061][ T6135] ntfs3: loop1: Failed to initialize $Extend/$ObjId. executing program [pid 6138] write(1, "executing program\n", 18) = 18 [pid 6137] munmap(0x7f1df2200000, 138412032 [pid 6138] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... ioctl resumed>) = 0 [pid 6138] <... futex resumed>) = 0 [pid 6137] <... munmap resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6138] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6137] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] close(3 [pid 6138] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6138] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6137] <... openat resumed>) = 4 [pid 5089] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6138] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6137] ioctl(4, LOOP_SET_FD, 3 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6138] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] close(3 [pid 5086] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] newfstatat(AT_FDCWD, "./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6139 [pid 5086] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6138] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] newfstatat(4, "", ./strace-static-x86_64: Process 6139 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6139] set_robust_list(0x555580b0d6a0, 24 [pid 5086] getdents64(4, [pid 6139] <... set_robust_list resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6139] chdir("./104" [pid 6138] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] getdents64(4, [pid 6139] <... chdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] close(4./strace-static-x86_64: Process 6140 attached [pid 6139] <... prctl resumed>) = 0 [pid 6138] <... mprotect resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6140] set_robust_list(0x555580b0d6a0, 24 [pid 6139] setpgid(0, 0 [pid 5086] rmdir("./103/file0" [pid 6140] <... set_robust_list resumed>) = 0 [pid 6139] <... setpgid resumed>) = 0 [pid 6138] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... rmdir resumed>) = 0 [pid 6140] chdir("./103" [pid 6138] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6137] <... ioctl resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6140 [pid 6138] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6137] close(3./strace-static-x86_64: Process 6141 attached [pid 6140] <... chdir resumed>) = 0 [pid 6137] <... close resumed>) = 0 [pid 6141] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6138] <... clone3 resumed> => {parent_tid=[6141]}, 88) = 6141 [pid 6137] close(4 [pid 6141] <... rseq resumed>) = 0 [pid 6138] rt_sigprocmask(SIG_SETMASK, [], [pid 6141] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6138] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] getdents64(3, [pid 6141] rt_sigprocmask(SIG_SETMASK, [], [pid 6140] <... prctl resumed>) = 0 [pid 6139] <... openat resumed>) = 3 [pid 6138] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6141] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6140] setpgid(0, 0 [pid 6138] <... futex resumed>) = 0 [pid 6137] <... close resumed>) = 0 [pid 5086] close(3 [pid 6140] <... setpgid resumed>) = 0 [pid 6139] write(3, "1000", 4 [pid 6138] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] <... close resumed>) = 0 [pid 6141] memfd_create("syzkaller", 0 [pid 6140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6139] <... write resumed>) = 4 [pid 6137] mkdir("./file0", 0777 [pid 5086] rmdir("./103" [pid 6140] <... openat resumed>) = 3 [pid 6139] close(3 [pid 5086] <... rmdir resumed>) = 0 [pid 6141] <... memfd_create resumed>) = 3 [pid 6140] write(3, "1000", 4 [pid 6139] <... close resumed>) = 0 [pid 5086] mkdir("./104", 0777 [pid 6140] <... write resumed>) = 4 [pid 6139] symlink("/dev/binderfs", "./binderfs" [pid 6137] <... mkdir resumed>) = 0 executing program [pid 6141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6140] close(3 [pid 6139] <... symlink resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 6141] <... mmap resumed>) = 0x7f1df2200000 [pid 6140] <... close resumed>) = 0 [pid 6139] write(1, "executing program\n", 18 [pid 6140] symlink("/dev/binderfs", "./binderfs" [pid 6139] <... write resumed>) = 18 [pid 6140] <... symlink resumed>) = 0 [pid 6139] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6137] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWRexecuting program [pid 6140] write(1, "executing program\n", 18 [pid 6139] <... futex resumed>) = 0 [pid 6140] <... write resumed>) = 18 [pid 6139] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] <... openat resumed>) = 3 [pid 6140] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6139] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6140] <... futex resumed>) = 0 [pid 6139] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [ 158.469496][ T6137] loop3: detected capacity change from 0 to 4096 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6140] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6139] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6140] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6139] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6140] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6139] <... mmap resumed>) = 0x7f1dfa693000 [pid 6140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6139] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6140] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6139] <... mprotect resumed>) = 0 [pid 6140] <... mprotect resumed>) = 0 [pid 6139] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6140] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6139] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6140] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6139] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6143 attached ./strace-static-x86_64: Process 6142 attached [pid 6143] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6139] <... clone3 resumed> => {parent_tid=[6142]}, 88) = 6142 [pid 6143] <... rseq resumed>) = 0 [pid 6140] <... clone3 resumed> => {parent_tid=[6143]}, 88) = 6143 [pid 6139] rt_sigprocmask(SIG_SETMASK, [], [pid 6143] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6140] rt_sigprocmask(SIG_SETMASK, [], [pid 6139] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6143] <... set_robust_list resumed>) = 0 [pid 6142] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6139] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6143] rt_sigprocmask(SIG_SETMASK, [], [pid 6142] <... rseq resumed>) = 0 [pid 6140] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6139] <... futex resumed>) = 0 [pid 6143] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6142] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6140] <... futex resumed>) = 0 [pid 6139] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6143] memfd_create("syzkaller", 0 [pid 6142] <... set_robust_list resumed>) = 0 [pid 6141] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6140] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6142] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6142] memfd_create("syzkaller", 0) = 3 [ 158.522241][ T6137] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6143] <... memfd_create resumed>) = 3 [pid 6143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5086] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6144 attached , child_tidptr=0x555580b0d690) = 6144 [pid 6144] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6144] chdir("./104") = 0 [pid 6144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6144] setpgid(0, 0) = 0 [pid 6144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6144] write(3, "1000", 4) = 4 [pid 6144] close(3) = 0 [pid 6144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6144] write(1, "executing program\n", 18 [pid 6143] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 6144] <... write resumed>) = 18 [pid 6142] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6144] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6144] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6141] <... write resumed>) = 2097152 [pid 6144] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6144] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6144] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6144] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6141] munmap(0x7f1df2200000, 138412032 [pid 6144] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6144] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6141] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6145 attached [pid 6144] <... clone3 resumed> => {parent_tid=[6145]}, 88) = 6145 [pid 6145] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6144] rt_sigprocmask(SIG_SETMASK, [], [pid 6145] <... rseq resumed>) = 0 [pid 6144] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6145] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6144] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6145] <... set_robust_list resumed>) = 0 [pid 6144] <... futex resumed>) = 0 [pid 6145] rt_sigprocmask(SIG_SETMASK, [], [pid 6144] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6145] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6137] <... mount resumed>) = 0 [pid 6141] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6145] memfd_create("syzkaller", 0 [pid 6141] <... openat resumed>) = 4 [pid 6141] ioctl(4, LOOP_SET_FD, 3 [pid 6137] chdir("./file0" [pid 6145] <... memfd_create resumed>) = 3 [pid 6137] <... chdir resumed>) = 0 [pid 6145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6137] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6137] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6137] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6136] <... futex resumed>) = 0 [pid 6136] exit_group(0 [pid 6137] <... futex resumed>) = ? [pid 6136] <... exit_group resumed>) = ? [pid 6137] +++ exited with 0 +++ [pid 6141] <... ioctl resumed>) = 0 [pid 6143] <... write resumed>) = 2097152 [pid 6142] <... write resumed>) = 2097152 [pid 6136] +++ exited with 0 +++ [pid 6142] munmap(0x7f1df2200000, 138412032 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6136, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5088] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6143] munmap(0x7f1df2200000, 138412032 [pid 6141] close(3 [pid 5088] <... openat resumed>) = 3 [pid 6142] <... munmap resumed>) = 0 [pid 6141] <... close resumed>) = 0 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 158.655650][ T6137] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 158.695261][ T6141] loop0: detected capacity change from 0 to 4096 [pid 6141] close(4 [pid 6142] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6141] <... close resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./103/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6142] <... openat resumed>) = 4 [pid 5088] unlink("./103/binderfs" [pid 6142] ioctl(4, LOOP_SET_FD, 3 [pid 6143] <... munmap resumed>) = 0 [pid 6141] mkdir("./file0", 0777 [pid 5088] <... unlink resumed>) = 0 [pid 6141] <... mkdir resumed>) = 0 [pid 6141] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6143] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6143] ioctl(4, LOOP_SET_FD, 3 [pid 6145] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6142] <... ioctl resumed>) = 0 [pid 5088] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6142] close(3) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 6142] close(4 [pid 5088] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 158.743572][ T6142] loop2: detected capacity change from 0 to 4096 [ 158.748743][ T6143] loop4: detected capacity change from 0 to 4096 [ 158.755879][ T6141] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5088] newfstatat(AT_FDCWD, "./103/file0", [pid 6142] <... close resumed>) = 0 [pid 6142] mkdir("./file0", 0777) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6142] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6143] <... ioctl resumed>) = 0 [pid 5088] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6143] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6143] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6143] close(4 [pid 5088] <... openat resumed>) = 4 [pid 6143] <... close resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 6143] mkdir("./file0", 0777 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6143] <... mkdir resumed>) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6143] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] close(4 [pid 6145] <... write resumed>) = 2097152 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./103/file0" [pid 6145] munmap(0x7f1df2200000, 138412032 [pid 5088] <... rmdir resumed>) = 0 [pid 6145] <... munmap resumed>) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./103") = 0 [pid 5088] mkdir("./104", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [ 158.785479][ T6142] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 158.801112][ T6143] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6145] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6145] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6145] close(3) = 0 [pid 6143] <... mount resumed>) = 0 [pid 6143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6145] close(4) = 0 [pid 6145] mkdir("./file0", 0777 [pid 6143] <... openat resumed>) = 3 [pid 6143] chdir("./file0" [pid 6145] <... mkdir resumed>) = 0 [pid 6143] <... chdir resumed>) = 0 [pid 6143] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6145] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6143] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6140] <... futex resumed>) = 0 [pid 6143] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 158.853234][ T6145] loop1: detected capacity change from 0 to 4096 [ 158.869621][ T6143] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 158.894107][ T6141] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6140] exit_group(0 [pid 6143] <... futex resumed>) = ? [pid 6140] <... exit_group resumed>) = ? [pid 5088] <... ioctl resumed>) = 0 [pid 6143] +++ exited with 0 +++ [pid 6141] <... mount resumed>) = 0 [pid 6141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6141] chdir("./file0" [pid 6140] +++ exited with 0 +++ [pid 6141] <... chdir resumed>) = 0 [pid 5088] close(3 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6140, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5089] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6141] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] newfstatat(3, "", [pid 6141] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6141] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(3, [pid 6141] <... futex resumed>) = 1 [pid 6138] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6141] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6138] exit_group(0 [pid 5089] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6141] <... futex resumed>) = ? [pid 6138] <... exit_group resumed>) = ? [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6141] +++ exited with 0 +++ [pid 6138] +++ exited with 0 +++ [pid 5089] newfstatat(AT_FDCWD, "./103/binderfs", ./strace-static-x86_64: Process 6146 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6146] set_robust_list(0x555580b0d6a0, 24 [pid 5089] unlink("./103/binderfs") = 0 [pid 6146] <... set_robust_list resumed>) = 0 [pid 5089] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6138, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6146] chdir("./104") = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6146 [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6146] setpgid(0, 0) = 0 [pid 6142] <... mount resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] umount2("./103", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6142] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./103", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6146] <... openat resumed>) = 3 [pid 6142] chdir("./file0" [pid 5089] newfstatat(AT_FDCWD, "./103/file0", [pid 6146] write(3, "1000", 4 [pid 6142] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6146] <... write resumed>) = 4 [pid 6142] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(3, "", [pid 6146] close(3 [pid 6142] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6146] <... close resumed>) = 0 [ 158.921552][ T6145] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 158.936792][ T6142] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5089] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6146] symlink("/dev/binderfs", "./binderfs" [pid 6142] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 4 [pid 5085] getdents64(3, [pid 6146] <... symlink resumed>) = 0 [pid 6142] <... futex resumed>) = 1 [pid 6139] <... futex resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6142] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6139] exit_group(0 [pid 5085] umount2("./103/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6142] <... futex resumed>) = ? [pid 6139] <... exit_group resumed>) = ? [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6142] +++ exited with 0 +++ [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5085] newfstatat(AT_FDCWD, "./103/binderfs", [pid 6146] write(1, "executing program\n", 18 [pid 5089] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6146] <... write resumed>) = 18 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] unlink("./103/binderfs" [pid 6146] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(4, [pid 5085] <... unlink resumed>) = 0 [pid 6146] <... futex resumed>) = 0 [pid 6139] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6146] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] close(4 [pid 5085] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6146] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... close resumed>) = 0 [pid 6146] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] rmdir("./103/file0" [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6139, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6146] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 6146] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 6146] <... mmap resumed>) = 0x7f1dfa693000 [pid 6146] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6146] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] getdents64(3, [pid 6146] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6146] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6147 attached [pid 5089] close(3 [pid 5087] <... openat resumed>) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, [pid 6147] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6147] <... rseq resumed>) = 0 [pid 6146] <... clone3 resumed> => {parent_tid=[6147]}, 88) = 6147 [pid 5089] <... close resumed>) = 0 [pid 6147] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6147] <... set_robust_list resumed>) = 0 [pid 6146] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] rmdir("./103" [pid 6147] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./103/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6147] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6146] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6147] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5089] <... rmdir resumed>) = 0 [pid 6146] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] umount2("./103/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6147] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6146] <... futex resumed>) = 0 [pid 5089] mkdir("./104", 0777 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./103/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6145] <... mount resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 6147] memfd_create("syzkaller", 0 [pid 6146] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] unlink("./104/binderfs" [pid 6145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6145] <... openat resumed>) = 3 [pid 5089] <... mkdir resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6145] chdir("./file0" [pid 5085] getdents64(4, [pid 6145] <... chdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6147] <... memfd_create resumed>) = 3 [pid 6145] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] close(4 [pid 6147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6145] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 6147] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6145] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] rmdir("./103/file0" [pid 6145] <... futex resumed>) = 1 [pid 6144] <... futex resumed>) = 0 [pid 6144] exit_group(0) = ? [pid 6145] +++ exited with 0 +++ [pid 6144] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6144, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5085] getdents64(3, [pid 5087] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... restart_syscall resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] newfstatat(AT_FDCWD, "./104/file0", [pid 5085] close(3 [pid 5086] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./103" [pid 5086] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 3 [pid 5085] <... rmdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(3, "", [pid 5085] mkdir("./104", 0777 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] getdents64(3, [pid 5085] <... mkdir resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 3 [pid 5087] getdents64(4, [pid 5086] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 159.007231][ T6145] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] unlink("./104/binderfs" [pid 6147] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 5086] <... unlink resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] rmdir("./104/file0") = 0 [pid 5087] getdents64(3, [pid 5089] <... ioctl resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] close(3) = 0 [pid 5087] rmdir("./104"./strace-static-x86_64: Process 6148 attached ) = 0 [pid 5086] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6148] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6148] <... set_robust_list resumed>) = 0 [pid 5087] mkdir("./105", 0777 [pid 6148] chdir("./104" [pid 5087] <... mkdir resumed>) = 0 [pid 6148] <... chdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6148 [pid 5086] newfstatat(AT_FDCWD, "./104/file0", [pid 6148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6148] setpgid(0, 0 [pid 5086] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6148] <... setpgid resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... openat resumed>) = 4 [pid 5087] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6148] <... openat resumed>) = 3 [pid 5086] newfstatat(4, "", [pid 6148] write(3, "1000", 4) = 4 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6148] close(3 [pid 5086] getdents64(4, [pid 6148] <... close resumed>) = 0 [pid 6148] symlink("/dev/binderfs", "./binderfs" [pid 6147] <... write resumed>) = 2097152 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6147] munmap(0x7f1df2200000, 138412032 [pid 6148] <... symlink resumed>) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 executing program [pid 6148] write(1, "executing program\n", 18 [pid 5086] close(4 [pid 6148] <... write resumed>) = 18 [pid 5086] <... close resumed>) = 0 [pid 6148] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] rmdir("./104/file0" [pid 5085] <... ioctl resumed>) = 0 [pid 6148] <... futex resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6148] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6147] <... munmap resumed>) = 0 [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] getdents64(3, ./strace-static-x86_64: Process 6149 attached [pid 6148] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6149] set_robust_list(0x555580b0d6a0, 24 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6149] <... set_robust_list resumed>) = 0 [pid 6148] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] close(3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6149 [pid 6149] chdir("./104" [pid 6148] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6147] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... close resumed>) = 0 [pid 6149] <... chdir resumed>) = 0 [pid 6148] <... mmap resumed>) = 0x7f1dfa693000 [pid 6147] <... openat resumed>) = 4 [pid 5086] rmdir("./104" [pid 6149] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6148] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6147] ioctl(4, LOOP_SET_FD, 3 [pid 6149] <... prctl resumed>) = 0 [pid 6148] <... mprotect resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] mkdir("./105", 0777 [pid 6149] setpgid(0, 0 [pid 6148] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... mkdir resumed>) = 0 [pid 6149] <... setpgid resumed>) = 0 [pid 6149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6149] <... openat resumed>) = 3 [pid 6149] write(3, "1000", 4 [pid 5086] <... openat resumed>) = 3 [pid 6149] <... write resumed>) = 4 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6149] close(3 [pid 6148] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6149] <... close resumed>) = 0 [pid 6149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6148] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6150 attached [pid 6149] write(1, "executing program\n", 18 [pid 6148] <... clone3 resumed> => {parent_tid=[6150]}, 88) = 6150 executing program [pid 6148] rt_sigprocmask(SIG_SETMASK, [], [pid 6150] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6149] <... write resumed>) = 18 [pid 6148] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6150] <... rseq resumed>) = 0 [pid 6149] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6148] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6150] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6149] <... futex resumed>) = 0 [pid 6148] <... futex resumed>) = 0 [pid 6150] <... set_robust_list resumed>) = 0 [pid 6149] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6150] rt_sigprocmask(SIG_SETMASK, [], [pid 6149] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6150] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6149] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6147] <... ioctl resumed>) = 0 [pid 6149] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6147] close(3 [pid 6149] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6148] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6147] <... close resumed>) = 0 [pid 6150] memfd_create("syzkaller", 0 [pid 6149] <... mmap resumed>) = 0x7f1dfa693000 [pid 6147] close(4 [pid 6149] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6147] <... close resumed>) = 0 [pid 6147] mkdir("./file0", 0777) = 0 [pid 6147] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6149] <... mprotect resumed>) = 0 [pid 6149] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6150] <... memfd_create resumed>) = 3 [pid 6149] <... rt_sigprocmask resumed>[], 8) = 0 [ 159.164815][ T6147] loop3: detected capacity change from 0 to 4096 [pid 6150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6149] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6151 attached [pid 6150] <... mmap resumed>) = 0x7f1df2200000 [pid 6151] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6149] <... clone3 resumed> => {parent_tid=[6151]}, 88) = 6151 [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6152 [pid 6151] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6149] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6152 attached [pid 6152] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6152] chdir("./105") = 0 [pid 6152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6152] setpgid(0, 0) = 0 [pid 6152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6151] <... set_robust_list resumed>) = 0 [pid 6149] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6152] <... openat resumed>) = 3 [pid 6152] write(3, "1000", 4) = 4 [pid 6152] close(3 [pid 6151] rt_sigprocmask(SIG_SETMASK, [], [pid 6149] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6151] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6149] <... futex resumed>) = 0 [ 159.206853][ T6147] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). executing program [pid 6152] <... close resumed>) = 0 [pid 6151] memfd_create("syzkaller", 0 [pid 6149] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6151] <... memfd_create resumed>) = 3 [pid 6152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6152] write(1, "executing program\n", 18) = 18 [pid 6152] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6152] <... futex resumed>) = 0 [pid 6152] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6152] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6151] <... mmap resumed>) = 0x7f1df2200000 [pid 6152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6152] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6152] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6147] <... mount resumed>) = 0 [pid 6152] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 6153 attached [pid 6152] <... clone3 resumed> => {parent_tid=[6153]}, 88) = 6153 [pid 6147] chdir("./file0" [pid 6153] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6152] rt_sigprocmask(SIG_SETMASK, [], [pid 6147] <... chdir resumed>) = 0 [pid 6153] <... rseq resumed>) = 0 [pid 6152] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6147] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... ioctl resumed>) = 0 [pid 6153] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6152] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6147] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6153] <... set_robust_list resumed>) = 0 [pid 6152] <... futex resumed>) = 0 [pid 6147] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6153] rt_sigprocmask(SIG_SETMASK, [], [pid 6152] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6147] <... futex resumed>) = 1 [pid 6146] <... futex resumed>) = 0 [pid 6153] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6147] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6146] exit_group(0 [pid 6153] memfd_create("syzkaller", 0 [pid 6146] <... exit_group resumed>) = ? [pid 5086] close(3 [pid 6147] <... futex resumed>) = ? [pid 6147] +++ exited with 0 +++ [pid 6146] +++ exited with 0 +++ [pid 5086] <... close resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6146, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6153] <... memfd_create resumed>) = 3 [pid 6153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5088] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6154 [pid 5088] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./104/binderfs", ./strace-static-x86_64: Process 6154 attached {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6154] set_robust_list(0x555580b0d6a0, 24 [pid 5088] unlink("./104/binderfs" [pid 6154] <... set_robust_list resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 6154] chdir("./105" [pid 5088] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5088] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 159.283489][ T6147] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5088] newfstatat(AT_FDCWD, "./104/file0", [pid 6154] <... chdir resumed>) = 0 [pid 6150] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6154] <... prctl resumed>) = 0 [pid 6154] setpgid(0, 0) = 0 [pid 6154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6154] write(3, "1000", 4 [pid 5088] getdents64(4, [pid 6154] <... write resumed>) = 4 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./104/file0" [pid 6154] close(3 [pid 5088] <... rmdir resumed>) = 0 [pid 6154] <... close resumed>) = 0 [pid 6154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6151] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6154] write(1, "executing program\n", 18 [pid 5088] getdents64(3, executing program [pid 6154] <... write resumed>) = 18 [pid 6153] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6154] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6154] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6154] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6154] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] close(3 [pid 6154] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... close resumed>) = 0 [pid 6154] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] rmdir("./104" [pid 6154] <... mprotect resumed>) = 0 [pid 6154] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... rmdir resumed>) = 0 [pid 6154] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6154] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6155 attached => {parent_tid=[6155]}, 88) = 6155 [pid 6155] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6154] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] mkdir("./105", 0777 [pid 6155] <... rseq resumed>) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 6155] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6155] <... set_robust_list resumed>) = 0 [pid 6150] <... write resumed>) = 2097152 [pid 6155] rt_sigprocmask(SIG_SETMASK, [], [pid 6154] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6150] munmap(0x7f1df2200000, 138412032 [pid 6155] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6154] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6155] memfd_create("syzkaller", 0 [pid 6154] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6150] <... munmap resumed>) = 0 [pid 6155] <... memfd_create resumed>) = 3 [pid 6151] <... write resumed>) = 2097152 [pid 6155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6150] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6155] <... mmap resumed>) = 0x7f1df2200000 [pid 6151] munmap(0x7f1df2200000, 138412032 [pid 6150] <... openat resumed>) = 4 [pid 6150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6153] <... write resumed>) = 2097152 [pid 6151] <... munmap resumed>) = 0 [pid 6153] munmap(0x7f1df2200000, 138412032 [pid 6151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6150] close(3 [pid 6155] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6153] <... munmap resumed>) = 0 [pid 6151] ioctl(4, LOOP_SET_FD, 3 [pid 6150] <... close resumed>) = 0 [pid 6150] close(4) = 0 [pid 6150] mkdir("./file0", 0777) = 0 [pid 6153] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [ 159.427260][ T6150] loop4: detected capacity change from 0 to 4096 [ 159.465747][ T6151] loop0: detected capacity change from 0 to 4096 [pid 6153] ioctl(4, LOOP_SET_FD, 3 [pid 6151] <... ioctl resumed>) = 0 [pid 6153] <... ioctl resumed>) = 0 [pid 6150] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... ioctl resumed>) = 0 [pid 6151] close(3) = 0 [pid 6151] close(4) = 0 [pid 6151] mkdir("./file0", 0777) = 0 [pid 5088] close(3 [pid 6151] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... close resumed>) = 0 [pid 6153] close(3 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6153] <... close resumed>) = 0 [pid 6153] close(4) = 0 [pid 6153] mkdir("./file0", 0777) = 0 [pid 6153] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6156 ./strace-static-x86_64: Process 6156 attached [pid 6156] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6156] chdir("./105") = 0 [pid 6156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6156] setpgid(0, 0) = 0 [pid 6156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6155] <... write resumed>) = 2097152 [ 159.483623][ T6153] loop2: detected capacity change from 0 to 4096 [ 159.494638][ T6150] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 159.496476][ T6151] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 159.524944][ T6153] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6156] <... openat resumed>) = 3 [pid 6155] munmap(0x7f1df2200000, 138412032 [pid 6156] write(3, "1000", 4executing program ) = 4 [pid 6156] close(3) = 0 [pid 6156] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6156] write(1, "executing program\n", 18) = 18 [pid 6156] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6156] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6156] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6155] <... munmap resumed>) = 0 [pid 6156] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6156] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6155] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6156] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6155] <... openat resumed>) = 4 [pid 6156] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6155] ioctl(4, LOOP_SET_FD, 3 [pid 6156] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6157 attached => {parent_tid=[6157]}, 88) = 6157 [pid 6157] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6156] rt_sigprocmask(SIG_SETMASK, [], [pid 6157] <... rseq resumed>) = 0 [pid 6156] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6157] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6156] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6157] <... set_robust_list resumed>) = 0 [pid 6157] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 159.597336][ T6155] loop1: detected capacity change from 0 to 4096 [ 159.621834][ T6150] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 159.627379][ T6151] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6157] memfd_create("syzkaller", 0 [pid 6156] <... futex resumed>) = 0 [pid 6155] <... ioctl resumed>) = 0 [pid 6151] <... mount resumed>) = 0 [pid 6150] <... mount resumed>) = 0 [pid 6157] <... memfd_create resumed>) = 3 [pid 6156] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6155] close(3 [pid 6150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6155] <... close resumed>) = 0 [pid 6150] <... openat resumed>) = 3 [pid 6157] <... mmap resumed>) = 0x7f1df2200000 [pid 6155] close(4 [pid 6150] chdir("./file0" [pid 6155] <... close resumed>) = 0 [pid 6153] <... mount resumed>) = 0 [pid 6151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6150] <... chdir resumed>) = 0 [pid 6155] mkdir("./file0", 0777 [pid 6153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6151] <... openat resumed>) = 3 [pid 6150] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6151] chdir("./file0") = 0 [pid 6153] <... openat resumed>) = 3 [pid 6155] <... mkdir resumed>) = 0 [pid 6151] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6150] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6153] chdir("./file0" [pid 6155] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6153] <... chdir resumed>) = 0 [pid 6150] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6150] <... futex resumed>) = 1 [pid 6150] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6148] <... futex resumed>) = 0 [pid 6153] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6148] exit_group(0 [pid 6150] <... futex resumed>) = ? [pid 6148] <... exit_group resumed>) = ? [ 159.642786][ T6153] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6153] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6151] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6150] +++ exited with 0 +++ [pid 6148] +++ exited with 0 +++ [pid 6153] <... futex resumed>) = 1 [pid 6152] <... futex resumed>) = 0 [pid 6151] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6148, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6153] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6152] exit_group(0 [pid 6151] <... futex resumed>) = 1 [pid 6149] <... futex resumed>) = 0 [pid 6153] <... futex resumed>) = ? [pid 6152] <... exit_group resumed>) = ? [pid 6151] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6149] exit_group(0) = ? [pid 6151] <... futex resumed>) = ? [pid 5089] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6153] +++ exited with 0 +++ [pid 6152] +++ exited with 0 +++ [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6152, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5089] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6151] +++ exited with 0 +++ [pid 6149] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6149, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5085] umount2("./104", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./104", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", [pid 5089] newfstatat(3, "", [pid 5087] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5085] getdents64(3, [pid 5089] getdents64(3, [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./104/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5085] newfstatat(AT_FDCWD, "./104/binderfs", [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(3, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] unlink("./104/binderfs" [pid 5087] getdents64(3, [pid 5085] unlink("./104/binderfs" [pid 5089] <... unlink resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... unlink resumed>) = 0 [pid 5087] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 159.668576][ T6155] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5087] unlink("./105/binderfs") = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5087] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] <... write resumed>) = 2097152 [pid 5089] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = 0 [pid 5085] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] munmap(0x7f1df2200000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] <... munmap resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./104/file0", [pid 5085] newfstatat(AT_FDCWD, "./104/file0", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6157] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6157] ioctl(4, LOOP_SET_FD, 3 [pid 6155] <... mount resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./105/file0", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./104/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] openat(AT_FDCWD, "./104/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5085] newfstatat(4, "", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6157] <... ioctl resumed>) = 0 [pid 6155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(4, [pid 6157] close(3 [pid 6155] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] <... close resumed>) = 0 [pid 6155] chdir("./file0" [pid 5089] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6157] close(4 [pid 6155] <... chdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(4, [pid 6157] <... close resumed>) = 0 [pid 6155] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] close(4 [pid 5087] <... openat resumed>) = 4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6157] mkdir("./file0", 0777 [pid 6155] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... close resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5085] close(4 [pid 6155] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] rmdir("./104/file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... close resumed>) = 0 [pid 6157] <... mkdir resumed>) = 0 [pid 6155] <... futex resumed>) = 1 [pid 6154] <... futex resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5087] getdents64(4, [pid 5085] rmdir("./104/file0" [pid 6157] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6155] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6154] exit_group(0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... rmdir resumed>) = 0 [pid 6155] <... futex resumed>) = ? [pid 6154] <... exit_group resumed>) = ? [pid 5089] getdents64(3, [pid 5087] getdents64(4, [pid 6155] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(3, [pid 5089] close(3) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] rmdir("./104" [pid 6154] +++ exited with 0 +++ [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [ 159.748966][ T6155] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 159.767898][ T6157] loop3: detected capacity change from 0 to 4096 [pid 5085] close(3 [pid 5087] close(4 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6154, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5089] <... rmdir resumed>) = 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5085] <... close resumed>) = 0 [pid 5086] <... restart_syscall resumed>) = 0 [pid 5085] rmdir("./104" [pid 5089] mkdir("./105", 0777) = 0 [pid 5086] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5086] getdents64(3, [pid 5085] mkdir("./105", 0777 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] <... mkdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5087] rmdir("./105/file0" [pid 5085] <... openat resumed>) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] unlink("./105/binderfs" [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5087] getdents64(3, [pid 5086] <... unlink resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 159.791096][ T6157] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5087] close(3) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5087] rmdir("./105" [pid 5086] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] <... mount resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./105/file0", [pid 6157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6157] chdir("./file0" [pid 5086] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6157] <... chdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6157] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6157] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] <... openat resumed>) = 4 [pid 5087] mkdir("./106", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6157] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] newfstatat(4, "", [pid 5085] <... ioctl resumed>) = 0 [pid 6157] <... futex resumed>) = 1 [pid 6156] <... futex resumed>) = 0 [pid 6157] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6156] exit_group(0 [pid 5086] getdents64(4, [pid 6157] <... futex resumed>) = ? [pid 6156] <... exit_group resumed>) = ? [pid 6157] +++ exited with 0 +++ [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] close(3) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6156] +++ exited with 0 +++ [pid 5086] getdents64(4, [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6156, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5086] close(4 [pid 5089] close(3./strace-static-x86_64: Process 6158 attached ) = 0 [pid 5086] <... close resumed>) = 0 [pid 6158] set_robust_list(0x555580b0d6a0, 24 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] rmdir("./105/file0"./strace-static-x86_64: Process 6159 attached [pid 6158] <... set_robust_list resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6159 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6158 [pid 5086] <... rmdir resumed>) = 0 [pid 6159] set_robust_list(0x555580b0d6a0, 24 [pid 5088] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(3, [pid 6159] <... set_robust_list resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [ 159.834338][ T6157] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6159] chdir("./105" [pid 5088] <... openat resumed>) = 3 [pid 5086] close(3 [pid 6159] <... chdir resumed>) = 0 [pid 6158] chdir("./105" [pid 5088] newfstatat(3, "", [pid 5086] <... close resumed>) = 0 [pid 6159] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] rmdir("./105" [pid 6159] <... prctl resumed>) = 0 [pid 6158] <... chdir resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6159] setpgid(0, 0 [pid 5086] mkdir("./106", 0777 [pid 6159] <... setpgid resumed>) = 0 [pid 6158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] getdents64(3, [pid 6159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6158] <... prctl resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6158] setpgid(0, 0 [pid 5088] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6158] <... setpgid resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6159] <... openat resumed>) = 3 [pid 6158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] <... mkdir resumed>) = 0 [pid 6159] write(3, "1000", 4 [pid 6158] <... openat resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./105/binderfs", [pid 6159] <... write resumed>) = 4 [pid 6158] write(3, "1000", 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6159] close(3 [pid 6158] <... write resumed>) = 4 [pid 5088] unlink("./105/binderfs" [pid 6159] <... close resumed>) = 0 [pid 6158] close(3 [pid 5088] <... unlink resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 6159] symlink("/dev/binderfs", "./binderfs" [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6159] <... symlink resumed>) = 0 [pid 6158] <... close resumed>) = 0 [pid 5088] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6158] symlink("/dev/binderfs", "./binderfs"executing program [pid 6159] write(1, "executing program\n", 18 [pid 6158] <... symlink resumed>) = 0 executing program [pid 6159] <... write resumed>) = 18 [pid 6158] write(1, "executing program\n", 18 [pid 6159] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6158] <... write resumed>) = 18 [pid 6159] <... futex resumed>) = 0 [pid 6158] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6159] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6158] <... futex resumed>) = 0 [pid 6159] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6158] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6159] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6158] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6159] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6158] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... umount2 resumed>) = 0 [pid 6159] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6158] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6159] <... mmap resumed>) = 0x7f1dfa693000 [pid 6158] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6159] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6158] <... mmap resumed>) = 0x7f1dfa693000 [pid 6159] <... mprotect resumed>) = 0 [pid 6158] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5088] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6158] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6158] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] newfstatat(AT_FDCWD, "./105/file0", [pid 6158] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6160 attached [pid 6159] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6158] <... clone3 resumed> => {parent_tid=[6160]}, 88) = 6160 [pid 6160] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6159] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6158] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6160] <... rseq resumed>) = 0 [pid 6159] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6158] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6161 attached [pid 6160] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6158] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 4 [pid 6161] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6160] <... set_robust_list resumed>) = 0 [pid 6159] <... clone3 resumed> => {parent_tid=[6161]}, 88) = 6161 [pid 6158] <... futex resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 6161] <... rseq resumed>) = 0 [pid 6160] rt_sigprocmask(SIG_SETMASK, [], [pid 6159] rt_sigprocmask(SIG_SETMASK, [], [pid 6158] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6161] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6160] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6159] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(4, [pid 6161] <... set_robust_list resumed>) = 0 [pid 6159] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6161] rt_sigprocmask(SIG_SETMASK, [], [pid 6159] <... futex resumed>) = 0 [pid 5088] getdents64(4, [pid 6161] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6159] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./105/file0") = 0 [pid 6161] memfd_create("syzkaller", 0 [pid 6160] memfd_create("syzkaller", 0 [pid 5087] close(3 [pid 5088] getdents64(3, [pid 6160] <... memfd_create resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... close resumed>) = 0 [pid 5088] close(3 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... close resumed>) = 0 [pid 6161] <... memfd_create resumed>) = 3 [pid 6160] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] rmdir("./105") = 0 [pid 6161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6162 [pid 5088] mkdir("./106", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 6162 attached [pid 6161] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] <... openat resumed>) = 3 [pid 6162] set_robust_list(0x555580b0d6a0, 24 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6162] <... set_robust_list resumed>) = 0 [pid 6162] chdir("./106" [pid 5086] <... ioctl resumed>) = 0 [pid 6162] <... chdir resumed>) = 0 [pid 6162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] close(3 [pid 6162] setpgid(0, 0 [pid 5086] <... close resumed>) = 0 [pid 6162] <... setpgid resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6163 ./strace-static-x86_64: Process 6163 attached [pid 6163] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6163] chdir("./106" [pid 6162] write(3, "1000", 4 [pid 6160] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6163] <... chdir resumed>) = 0 [pid 6163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6163] setpgid(0, 0) = 0 [pid 6163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6163] write(3, "1000", 4) = 4 [pid 6162] <... write resumed>) = 4 [pid 6161] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6162] close(3 [pid 6163] close(3) = 0 [pid 6163] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6163] write(1, "executing program\n", 18) = 18 [pid 6163] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6163] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6162] <... close resumed>) = 0 [pid 6162] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6162] write(1, "executing program\n", 18) = 18 [pid 6163] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6163] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6163] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6162] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6163] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6162] <... futex resumed>) = 0 [pid 6162] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6163] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6163] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6162] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6163] <... clone3 resumed> => {parent_tid=[6164]}, 88) = 6164 [pid 6162] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] close(3 [pid 6163] rt_sigprocmask(SIG_SETMASK, [], [pid 6162] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6163] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6164 attached [pid 6163] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6162] <... mmap resumed>) = 0x7f1dfa693000 [pid 6164] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6163] <... futex resumed>) = 0 [pid 6164] <... rseq resumed>) = 0 [pid 6163] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6164] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6162] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6164] <... set_robust_list resumed>) = 0 [pid 6164] rt_sigprocmask(SIG_SETMASK, [], [pid 6162] <... mprotect resumed>) = 0 [pid 6164] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6164] memfd_create("syzkaller", 0 [pid 6162] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... close resumed>) = 0 [pid 6162] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6162] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6164] <... memfd_create resumed>) = 3 [pid 6164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6162] <... clone3 resumed> => {parent_tid=[6165]}, 88) = 6165 ./strace-static-x86_64: Process 6165 attached [pid 6164] <... mmap resumed>) = 0x7f1df2200000 [pid 6165] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6162] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6166 attached [pid 6165] <... rseq resumed>) = 0 [pid 6162] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6166 [pid 6166] set_robust_list(0x555580b0d6a0, 24 [pid 6165] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6162] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6166] <... set_robust_list resumed>) = 0 [pid 6165] <... set_robust_list resumed>) = 0 [pid 6162] <... futex resumed>) = 0 [pid 6166] chdir("./106" [pid 6165] rt_sigprocmask(SIG_SETMASK, [], [pid 6162] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6166] <... chdir resumed>) = 0 [pid 6165] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6166] setpgid(0, 0 [pid 6165] memfd_create("syzkaller", 0 [pid 6160] <... write resumed>) = 2097152 [pid 6166] <... setpgid resumed>) = 0 [pid 6165] <... memfd_create resumed>) = 3 [pid 6161] <... write resumed>) = 2097152 [pid 6166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6161] munmap(0x7f1df2200000, 138412032 [pid 6166] <... openat resumed>) = 3 [pid 6165] <... mmap resumed>) = 0x7f1df2200000 [pid 6160] munmap(0x7f1df2200000, 138412032 [pid 6166] write(3, "1000", 4 [pid 6164] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6160] <... munmap resumed>) = 0 [pid 6166] <... write resumed>) = 4 [pid 6160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6160] ioctl(4, LOOP_SET_FD, 3 [pid 6166] close(3) = 0 [pid 6166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6161] <... munmap resumed>) = 0 executing program [pid 6166] write(1, "executing program\n", 18) = 18 [pid 6161] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6166] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6161] <... openat resumed>) = 4 [pid 6166] <... futex resumed>) = 0 [pid 6161] ioctl(4, LOOP_SET_FD, 3 [pid 6166] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6161] <... ioctl resumed>) = 0 [pid 6160] <... ioctl resumed>) = 0 [pid 6166] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6166] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6160] close(3 [pid 6166] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6160] <... close resumed>) = 0 [pid 6166] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6160] close(4 [pid 6166] <... mmap resumed>) = 0x7f1dfa693000 [pid 6160] <... close resumed>) = 0 [pid 6166] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6160] mkdir("./file0", 0777 [pid 6166] <... mprotect resumed>) = 0 [pid 6160] <... mkdir resumed>) = 0 [pid 6166] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6161] close(3 [pid 6160] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6166] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6165] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6161] <... close resumed>) = 0 [pid 6161] close(4 [pid 6166] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6161] <... close resumed>) = 0 [pid 6161] mkdir("./file0", 0777./strace-static-x86_64: Process 6167 attached ) = 0 [pid 6167] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [ 160.155507][ T6160] loop0: detected capacity change from 0 to 4096 [ 160.171723][ T6161] loop4: detected capacity change from 0 to 4096 [ 160.190986][ T6160] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6161] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6167] <... rseq resumed>) = 0 [pid 6166] <... clone3 resumed> => {parent_tid=[6167]}, 88) = 6167 [pid 6164] <... write resumed>) = 2097152 [pid 6167] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6166] rt_sigprocmask(SIG_SETMASK, [], [pid 6167] <... set_robust_list resumed>) = 0 [pid 6166] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6165] <... write resumed>) = 2097152 [pid 6167] rt_sigprocmask(SIG_SETMASK, [], [pid 6166] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6165] munmap(0x7f1df2200000, 138412032 [pid 6164] munmap(0x7f1df2200000, 138412032 [pid 6167] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6166] <... futex resumed>) = 0 [pid 6166] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6167] memfd_create("syzkaller", 0) = 3 [pid 6167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6164] <... munmap resumed>) = 0 [pid 6167] <... mmap resumed>) = 0x7f1df2200000 [pid 6164] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [ 160.209437][ T6161] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6164] ioctl(4, LOOP_SET_FD, 3 [pid 6165] <... munmap resumed>) = 0 [pid 6165] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6165] ioctl(4, LOOP_SET_FD, 3 [pid 6160] <... mount resumed>) = 0 [pid 6164] <... ioctl resumed>) = 0 [pid 6160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6165] <... ioctl resumed>) = 0 [pid 6164] close(3 [pid 6161] <... mount resumed>) = 0 [pid 6160] <... openat resumed>) = 3 [pid 6167] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6165] close(3 [pid 6164] <... close resumed>) = 0 [pid 6161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6165] <... close resumed>) = 0 [pid 6164] close(4 [pid 6160] chdir("./file0" [pid 6165] close(4 [pid 6164] <... close resumed>) = 0 [pid 6161] <... openat resumed>) = 3 [pid 6160] <... chdir resumed>) = 0 [pid 6165] <... close resumed>) = 0 [pid 6164] mkdir("./file0", 0777 [pid 6161] chdir("./file0" [pid 6160] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6165] mkdir("./file0", 0777 [pid 6160] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6164] <... mkdir resumed>) = 0 [pid 6161] <... chdir resumed>) = 0 [ 160.275233][ T6164] loop1: detected capacity change from 0 to 4096 [ 160.285404][ T6160] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 160.294512][ T6165] loop2: detected capacity change from 0 to 4096 [ 160.301489][ T6161] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6160] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6165] <... mkdir resumed>) = 0 [pid 6164] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6161] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6160] <... futex resumed>) = 1 [pid 6158] <... futex resumed>) = 0 [pid 6167] <... write resumed>) = 2097152 [pid 6165] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6161] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6160] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6158] exit_group(0 [pid 6161] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6160] <... futex resumed>) = ? [pid 6158] <... exit_group resumed>) = ? [pid 6161] <... futex resumed>) = 1 [pid 6160] +++ exited with 0 +++ [pid 6159] <... futex resumed>) = 0 [pid 6158] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6158, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6167] munmap(0x7f1df2200000, 138412032 [pid 5085] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6167] <... munmap resumed>) = 0 [pid 6161] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6159] exit_group(0 [pid 5085] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./105/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./105/binderfs" [pid 6161] <... futex resumed>) = ? [pid 6159] <... exit_group resumed>) = ? [pid 5085] <... unlink resumed>) = 0 [pid 6167] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6167] <... openat resumed>) = 4 [pid 6167] ioctl(4, LOOP_SET_FD, 3 [pid 6161] +++ exited with 0 +++ [pid 6159] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6159, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5089] umount2("./105", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./105", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5085] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./105/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./105/file0", [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] newfstatat(AT_FDCWD, "./105/binderfs", [pid 5085] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] unlink("./105/binderfs") = 0 [pid 5085] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 6167] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] rmdir("./105/file0" [pid 6167] close(3 [pid 5089] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 6167] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6167] close(4) = 0 [pid 5089] newfstatat(AT_FDCWD, "./105/file0", [pid 6167] mkdir("./file0", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(3, [pid 6167] <... mkdir resumed>) = 0 [pid 5089] umount2("./105/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 160.364693][ T6164] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 160.374475][ T6165] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 160.396565][ T6167] loop3: detected capacity change from 0 to 4096 [pid 5089] openat(AT_FDCWD, "./105/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] close(3 [pid 6167] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... openat resumed>) = 4 [pid 5085] <... close resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5085] rmdir("./105") = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./105/file0") = 0 [pid 5085] mkdir("./106", 0777) = 0 [pid 5089] getdents64(3, [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5089] close(3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./105") = 0 [pid 5089] mkdir("./106", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6164] <... mount resumed>) = 0 [pid 6165] <... mount resumed>) = 0 [pid 6164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6164] <... openat resumed>) = 3 [pid 6165] chdir("./file0" [pid 6164] chdir("./file0" [pid 6165] <... chdir resumed>) = 0 [ 160.450221][ T6167] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 160.470137][ T6164] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 160.486051][ T6165] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6164] <... chdir resumed>) = 0 [pid 6165] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6164] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6165] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6164] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6165] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6164] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6165] <... futex resumed>) = 1 [pid 6162] <... futex resumed>) = 0 [pid 6164] <... futex resumed>) = 1 [pid 6165] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6162] exit_group(0 [pid 6167] <... mount resumed>) = 0 [pid 6164] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6163] <... futex resumed>) = 0 [pid 6162] <... exit_group resumed>) = ? [pid 6165] <... futex resumed>) = ? [pid 6167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6165] +++ exited with 0 +++ [pid 6163] exit_group(0 [pid 6167] <... openat resumed>) = 3 [pid 6164] <... futex resumed>) = ? [pid 6163] <... exit_group resumed>) = ? [pid 6167] chdir("./file0" [pid 6164] +++ exited with 0 +++ [pid 6167] <... chdir resumed>) = 0 [pid 6167] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6163] +++ exited with 0 +++ [pid 6162] +++ exited with 0 +++ [pid 6167] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6162, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 6167] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6163, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 6166] <... futex resumed>) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 6167] <... futex resumed>) = 1 [pid 6166] exit_group(0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 6166] <... exit_group resumed>) = ? [pid 5086] <... restart_syscall resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5087] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] close(3 [pid 6167] +++ exited with 0 +++ [pid 6166] +++ exited with 0 +++ [pid 5087] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] close(3 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6166, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5087] newfstatat(3, "", [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6168 [pid 5089] <... close resumed>) = 0 [pid 5088] <... restart_syscall resumed>) = 0 [pid 5087] getdents64(3, [pid 5086] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6168 attached [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5088] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6169 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./106/binderfs", [pid 5086] unlink("./106/binderfs"./strace-static-x86_64: Process 6169 attached [pid 5088] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... unlink resumed>) = 0 [pid 6168] set_robust_list(0x555580b0d6a0, 24 [pid 5088] <... openat resumed>) = 3 [pid 6168] <... set_robust_list resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 5087] unlink("./106/binderfs" [pid 5086] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6169] set_robust_list(0x555580b0d6a0, 24 [pid 6168] chdir("./106" [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 6168] <... chdir resumed>) = 0 [pid 5088] getdents64(3, [pid 5087] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6168] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... umount2 resumed>) = 0 [pid 6168] <... prctl resumed>) = 0 [pid 5088] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6168] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6168] <... setpgid resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./106/binderfs", [pid 6168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 160.546222][ T6167] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6169] <... set_robust_list resumed>) = 0 [pid 6168] <... openat resumed>) = 3 [pid 5088] unlink("./106/binderfs" [pid 5086] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6169] chdir("./106" [pid 6168] write(3, "1000", 4 [pid 5088] <... unlink resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6168] <... write resumed>) = 4 [pid 5086] newfstatat(AT_FDCWD, "./106/file0", [pid 6168] close(3) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6168] symlink("/dev/binderfs", "./binderfs" [pid 5086] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = 0 [pid 6169] <... chdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6168] <... symlink resumed>) = 0 [pid 6168] write(1, "executing program\n", 18) = 18 [pid 6168] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6168] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6168] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6169] <... prctl resumed>) = 0 [pid 5088] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = 0 [pid 6169] setpgid(0, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 4 [pid 6169] <... setpgid resumed>) = 0 [pid 6168] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] newfstatat(AT_FDCWD, "./106/file0", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(4, "", [pid 6168] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6168] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6168] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./106/file0", [pid 5086] getdents64(4, [pid 6169] <... openat resumed>) = 3 [pid 6168] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6169] write(3, "1000", 4 [pid 6168] <... mprotect resumed>) = 0 [pid 5088] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6169] <... write resumed>) = 4 [pid 6168] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 6169] close(3 [pid 6168] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6169] <... close resumed>) = 0 [pid 6168] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... openat resumed>) = 4 [pid 5087] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] close(4./strace-static-x86_64: Process 6170 attached [pid 6169] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(4, "", [pid 5087] <... openat resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 6170] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6169] <... symlink resumed>) = 0 [pid 6168] <... clone3 resumed> => {parent_tid=[6170]}, 88) = 6170 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5087] newfstatat(4, "", [pid 5086] rmdir("./106/file0" [pid 6170] <... rseq resumed>) = 0 [pid 6169] write(1, "executing program\n", 18 [pid 6168] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6170] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6169] <... write resumed>) = 18 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 5086] getdents64(3, [pid 6170] <... set_robust_list resumed>) = 0 [pid 6169] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6168] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] getdents64(4, [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6170] rt_sigprocmask(SIG_SETMASK, [], [pid 6169] <... futex resumed>) = 0 [pid 6168] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] getdents64(4, [pid 5086] close(3 [pid 6170] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6169] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6168] <... futex resumed>) = 0 [pid 5088] close(4 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... close resumed>) = 0 [pid 6169] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6168] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... close resumed>) = 0 [pid 5087] close(4 [pid 5086] rmdir("./106" [pid 6169] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] rmdir("./106/file0" [pid 5087] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6170] memfd_create("syzkaller", 0 [pid 6169] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] rmdir("./106/file0" [pid 5086] mkdir("./107", 0777 [pid 6170] <... memfd_create resumed>) = 3 [pid 6169] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6169] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... rmdir resumed>) = 0 [pid 6169] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] getdents64(3, [pid 5087] getdents64(3, [pid 5086] <... mkdir resumed>) = 0 [pid 6169] <... mprotect resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6169] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] close(3 [pid 6169] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... close resumed>) = 0 [pid 6169] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] close(3 [pid 5087] rmdir("./106" [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6171 attached [pid 5088] <... close resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6171] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6169] <... clone3 resumed> => {parent_tid=[6171]}, 88) = 6171 [pid 5088] rmdir("./106" [pid 5086] <... openat resumed>) = 3 [pid 6171] <... rseq resumed>) = 0 [pid 6169] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] mkdir("./107", 0777 [pid 6171] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6169] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6171] <... set_robust_list resumed>) = 0 [pid 6169] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... mkdir resumed>) = 0 [pid 6171] rt_sigprocmask(SIG_SETMASK, [], [pid 6169] <... futex resumed>) = 0 [pid 6171] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6169] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] mkdir("./107", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6171] memfd_create("syzkaller", 0) = 3 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6171] <... mmap resumed>) = 0x7f1df2200000 [pid 6170] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6170] munmap(0x7f1df2200000, 138412032 [pid 6171] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6170] <... munmap resumed>) = 0 [pid 6170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6170] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6171] <... write resumed>) = 2097152 [pid 6170] close(3) = 0 [pid 6170] close(4) = 0 [pid 6170] mkdir("./file0", 0777) = 0 [pid 6171] munmap(0x7f1df2200000, 138412032 [pid 6170] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6171] <... munmap resumed>) = 0 [ 160.716300][ T6170] loop0: detected capacity change from 0 to 4096 [pid 6171] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6171] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... ioctl resumed>) = 0 [pid 6171] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6172 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6173 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6174 ./strace-static-x86_64: Process 6172 attached ./strace-static-x86_64: Process 6174 attached [pid 6172] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6172] chdir("./107"./strace-static-x86_64: Process 6173 attached [pid 6173] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6173] chdir("./107") = 0 [pid 6174] set_robust_list(0x555580b0d6a0, 24 [pid 6173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6174] <... set_robust_list resumed>) = 0 [pid 6173] <... prctl resumed>) = 0 [pid 6174] chdir("./107" [pid 6173] setpgid(0, 0 [pid 6172] <... chdir resumed>) = 0 [pid 6171] close(3 [pid 6173] <... setpgid resumed>) = 0 [pid 6171] <... close resumed>) = 0 [pid 6174] <... chdir resumed>) = 0 [pid 6173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6172] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6171] close(4 [pid 6174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6172] <... prctl resumed>) = 0 [pid 6174] <... prctl resumed>) = 0 [pid 6171] <... close resumed>) = 0 [pid 6174] setpgid(0, 0 [pid 6173] <... openat resumed>) = 3 [pid 6171] mkdir("./file0", 0777 [pid 6174] <... setpgid resumed>) = 0 [pid 6173] write(3, "1000", 4) = 4 [pid 6171] <... mkdir resumed>) = 0 [pid 6174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6173] close(3 [pid 6171] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6173] <... close resumed>) = 0 [pid 6174] <... openat resumed>) = 3 [ 160.771761][ T6170] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 160.793834][ T6171] loop4: detected capacity change from 0 to 4096 [pid 6173] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6174] write(3, "1000", 4 [pid 6173] write(1, "executing program\n", 18) = 18 [pid 6173] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6173] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6173] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6173] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6174] <... write resumed>) = 4 [pid 6173] <... mprotect resumed>) = 0 [pid 6174] close(3 [pid 6173] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6172] setpgid(0, 0 [pid 6174] <... close resumed>) = 0 [pid 6173] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6172] <... setpgid resumed>) = 0 [pid 6174] symlink("/dev/binderfs", "./binderfs" [pid 6173] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}executing program ./strace-static-x86_64: Process 6175 attached [pid 6174] <... symlink resumed>) = 0 [pid 6172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6174] write(1, "executing program\n", 18) = 18 [pid 6173] <... clone3 resumed> => {parent_tid=[6175]}, 88) = 6175 [pid 6172] <... openat resumed>) = 3 [pid 6175] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6174] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6173] rt_sigprocmask(SIG_SETMASK, [], [pid 6175] <... rseq resumed>) = 0 [pid 6174] <... futex resumed>) = 0 [pid 6173] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6175] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6174] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6173] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6172] write(3, "1000", 4 [pid 6175] <... set_robust_list resumed>) = 0 [pid 6174] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6173] <... futex resumed>) = 0 [pid 6172] <... write resumed>) = 4 [pid 6175] rt_sigprocmask(SIG_SETMASK, [], [pid 6174] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6173] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6175] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6174] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6172] close(3 [pid 6175] memfd_create("syzkaller", 0 [pid 6174] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6172] <... close resumed>) = 0 [pid 6174] <... mmap resumed>) = 0x7f1dfa693000 [pid 6172] symlink("/dev/binderfs", "./binderfs" [pid 6175] <... memfd_create resumed>) = 3 [pid 6174] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6172] <... symlink resumed>) = 0 [pid 6175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0executing program [pid 6174] <... mprotect resumed>) = 0 [pid 6172] write(1, "executing program\n", 18 [pid 6175] <... mmap resumed>) = 0x7f1df2200000 [pid 6174] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6172] <... write resumed>) = 18 [pid 6174] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6172] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6174] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6172] <... futex resumed>) = 0 [pid 6170] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6176 attached [pid 6172] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6176] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6174] <... clone3 resumed> => {parent_tid=[6176]}, 88) = 6176 [pid 6172] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6176] <... rseq resumed>) = 0 [pid 6174] rt_sigprocmask(SIG_SETMASK, [], [pid 6170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6176] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6172] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6170] <... openat resumed>) = 3 [pid 6174] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6176] <... set_robust_list resumed>) = 0 [pid 6174] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6172] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6176] rt_sigprocmask(SIG_SETMASK, [], [pid 6174] <... futex resumed>) = 0 [pid 6172] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6176] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6174] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6170] chdir("./file0" [pid 6172] <... mmap resumed>) = 0x7f1dfa693000 [pid 6170] <... chdir resumed>) = 0 [pid 6170] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6170] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [ 160.848179][ T6171] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 160.865191][ T6170] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6176] memfd_create("syzkaller", 0 [pid 6172] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6170] <... futex resumed>) = 1 [pid 6170] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6172] <... mprotect resumed>) = 0 [pid 6168] <... futex resumed>) = 0 [pid 6168] exit_group(0 [pid 6170] <... futex resumed>) = ? [pid 6168] <... exit_group resumed>) = ? [pid 6172] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6170] +++ exited with 0 +++ [pid 6176] <... memfd_create resumed>) = 3 [pid 6172] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6168] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6168, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6172] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6177 attached [pid 6177] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6177] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6177] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6177] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6172] <... clone3 resumed> => {parent_tid=[6177]}, 88) = 6177 [pid 6176] <... mmap resumed>) = 0x7f1df2200000 [pid 6172] rt_sigprocmask(SIG_SETMASK, [], [pid 6175] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6172] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6172] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5085] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6177] <... futex resumed>) = 0 [pid 6172] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6171] <... mount resumed>) = 0 [pid 6177] memfd_create("syzkaller", 0 [pid 6171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... openat resumed>) = 3 [pid 6177] <... memfd_create resumed>) = 3 [pid 6171] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 6171] chdir("./file0") = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6171] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6171] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] getdents64(3, [pid 6177] <... mmap resumed>) = 0x7f1df2200000 [pid 6171] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6176] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6171] <... futex resumed>) = 1 [pid 6169] <... futex resumed>) = 0 [pid 5085] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6171] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6169] exit_group(0) = ? [pid 6171] <... futex resumed>) = ? [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 160.937576][ T6171] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5085] newfstatat(AT_FDCWD, "./106/binderfs", [pid 6171] +++ exited with 0 +++ [pid 6169] +++ exited with 0 +++ [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6169, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5085] unlink("./106/binderfs" [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 6176] <... write resumed>) = 2097152 [pid 6175] <... write resumed>) = 2097152 [pid 5089] umount2("./106", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6176] munmap(0x7f1df2200000, 138412032 [pid 6175] munmap(0x7f1df2200000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6176] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./106", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./106/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./106/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./106/binderfs") = 0 [pid 5089] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5089] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./106/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6176] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6175] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6175] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... openat resumed>) = 4 [pid 5085] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6176] <... openat resumed>) = 4 [pid 6175] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 6176] ioctl(4, LOOP_SET_FD, 3 [pid 6175] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] getdents64(4, [pid 5085] newfstatat(AT_FDCWD, "./106/file0", [pid 6177] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6176] <... ioctl resumed>) = 0 [pid 6175] <... ioctl resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] getdents64(4, [pid 6177] <... write resumed>) = 2097152 [pid 6176] close(3 [pid 6175] close(3 [pid 5085] umount2("./106/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6176] <... close resumed>) = 0 [pid 6175] <... close resumed>) = 0 [pid 6177] munmap(0x7f1df2200000, 138412032 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6176] close(4 [pid 6175] close(4 [pid 5085] openat(AT_FDCWD, "./106/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6176] <... close resumed>) = 0 [pid 6175] <... close resumed>) = 0 [pid 6175] mkdir("./file0", 0777 [pid 6177] <... munmap resumed>) = 0 [pid 6176] mkdir("./file0", 0777 [pid 5089] close(4 [pid 5085] <... openat resumed>) = 4 [pid 6177] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6176] <... mkdir resumed>) = 0 [pid 6175] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [ 161.050440][ T6176] loop3: detected capacity change from 0 to 4096 [ 161.057497][ T6175] loop1: detected capacity change from 0 to 4096 [pid 5085] newfstatat(4, "", [pid 6177] <... openat resumed>) = 4 [pid 5089] rmdir("./106/file0" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6177] ioctl(4, LOOP_SET_FD, 3 [pid 6176] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] getdents64(4, [pid 6177] <... ioctl resumed>) = 0 [pid 6175] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./106/file0") = 0 [pid 5089] getdents64(3, [pid 5085] getdents64(3, [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5085] close(3 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./106") = 0 [pid 6177] close(3 [pid 5089] mkdir("./107", 0777) = 0 [pid 6177] <... close resumed>) = 0 [ 161.113946][ T6177] loop2: detected capacity change from 0 to 4096 [ 161.128559][ T6175] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 161.141174][ T6176] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6177] close(4 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6177] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 6177] mkdir("./file0", 0777 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6177] <... mkdir resumed>) = 0 [pid 5085] rmdir("./106" [pid 6177] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./107", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 161.166190][ T6177] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6176] <... mount resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6177] <... mount resumed>) = 0 [pid 6176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6176] chdir("./file0" [pid 5085] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6178 attached [pid 6177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6176] <... chdir resumed>) = 0 [pid 5085] close(3 [pid 6176] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... close resumed>) = 0 [pid 6178] set_robust_list(0x555580b0d6a0, 24 [pid 6176] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6178 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6178] <... set_robust_list resumed>) = 0 [pid 6178] chdir("./107" [pid 6176] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6178] <... chdir resumed>) = 0 [pid 6178] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6179 attached ) = 0 [ 161.218261][ T6176] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 161.252056][ T6177] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6177] <... openat resumed>) = 3 [pid 6176] <... futex resumed>) = 1 [pid 6174] <... futex resumed>) = 0 [pid 6179] set_robust_list(0x555580b0d6a0, 24 [pid 6178] setpgid(0, 0 [pid 6177] chdir("./file0" [pid 6176] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6174] exit_group(0 [pid 6179] <... set_robust_list resumed>) = 0 [pid 6178] <... setpgid resumed>) = 0 [pid 6177] <... chdir resumed>) = 0 [pid 6176] <... futex resumed>) = ? [pid 6174] <... exit_group resumed>) = ? [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6179 [pid 6179] chdir("./107" [pid 6178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6177] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6176] +++ exited with 0 +++ [pid 6178] <... openat resumed>) = 3 [pid 6178] write(3, "1000", 4) = 4 [pid 6178] close(3) = 0 [pid 6178] symlink("/dev/binderfs", "./binderfs" [pid 6174] +++ exited with 0 +++ [pid 6179] <... chdir resumed>) = 0 [pid 6177] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6174, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6179] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6178] <... symlink resumed>) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 6177] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 6179] <... prctl resumed>) = 0 [pid 6178] write(1, "executing program\n", 18 [pid 6177] <... futex resumed>) = 1 [pid 6172] <... futex resumed>) = 0 [pid 5088] <... restart_syscall resumed>) = 0 [pid 6179] setpgid(0, 0 [pid 6178] <... write resumed>) = 18 [pid 6172] exit_group(0 [pid 6178] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6179] <... setpgid resumed>) = 0 [pid 6178] <... futex resumed>) = 0 [pid 6172] <... exit_group resumed>) = ? [pid 6179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6178] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6177] +++ exited with 0 +++ [pid 6172] +++ exited with 0 +++ [pid 6179] <... openat resumed>) = 3 [pid 6178] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6172, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 6179] write(3, "1000", 4 [pid 6178] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6178] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6179] <... write resumed>) = 4 [pid 6178] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... openat resumed>) = 3 [pid 5087] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6179] close(3 [pid 6178] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] newfstatat(3, "", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6178] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] getdents64(3, [pid 5087] <... openat resumed>) = 3 [pid 6178] <... mprotect resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] newfstatat(3, "", [pid 5088] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(3, [pid 5088] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6178] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6178] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5088] unlink("./107/binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6178] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5088] <... unlink resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./107/binderfs", [pid 6178] <... clone3 resumed> => {parent_tid=[6180]}, 88) = 6180 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6180 attached [pid 6179] <... close resumed>) = 0 [pid 6178] rt_sigprocmask(SIG_SETMASK, [], [pid 5088] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] unlink("./107/binderfs" [pid 6180] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6179] symlink("/dev/binderfs", "./binderfs" [pid 6178] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 6180] <... rseq resumed>) = 0 [pid 6179] <... symlink resumed>) = 0 executing program [pid 6179] write(1, "executing program\n", 18) = 18 [pid 6179] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6179] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 6180] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6179] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6178] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6180] <... set_robust_list resumed>) = 0 [pid 6179] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6178] <... futex resumed>) = 0 [pid 6175] <... mount resumed>) = 0 [pid 6180] rt_sigprocmask(SIG_SETMASK, [], [pid 6179] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6178] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6180] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6179] <... mmap resumed>) = 0x7f1dfa693000 [pid 6175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./107/file0", [pid 6179] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6179] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6179] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6180] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6181 attached [pid 6179] <... clone3 resumed> => {parent_tid=[6181]}, 88) = 6181 [pid 6175] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6181] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6179] rt_sigprocmask(SIG_SETMASK, [], [pid 6181] <... rseq resumed>) = 0 [pid 6181] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6179] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6181] <... set_robust_list resumed>) = 0 [pid 6179] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6181] rt_sigprocmask(SIG_SETMASK, [], [pid 6179] <... futex resumed>) = 0 [pid 6181] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6179] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6181] memfd_create("syzkaller", 0 [pid 6180] <... memfd_create resumed>) = 3 [pid 6175] chdir("./file0" [pid 5088] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = 0 [pid 6181] <... memfd_create resumed>) = 3 [pid 6180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6175] <... chdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6180] <... mmap resumed>) = 0x7f1df2200000 [pid 6175] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6181] <... mmap resumed>) = 0x7f1df2200000 [pid 6175] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... openat resumed>) = 4 [pid 5087] newfstatat(AT_FDCWD, "./107/file0", [pid 5088] newfstatat(4, "", [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] getdents64(4, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] getdents64(4, [pid 5087] <... openat resumed>) = 4 [pid 6175] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] newfstatat(4, "", [pid 6175] <... futex resumed>) = 1 [pid 6175] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6173] <... futex resumed>) = 0 [pid 5088] close(4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6173] exit_group(0 [pid 5088] <... close resumed>) = 0 [pid 5087] getdents64(4, [pid 6175] <... futex resumed>) = ? [pid 6173] <... exit_group resumed>) = ? [pid 5088] rmdir("./107/file0" [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5088] getdents64(3, [pid 5087] rmdir("./107/file0" [pid 6175] +++ exited with 0 +++ [pid 6173] +++ exited with 0 +++ [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5088] close(3 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6173, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./107") = 0 [ 161.345657][ T6175] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5086] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] mkdir("./108", 0777 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] <... mkdir resumed>) = 0 [pid 5087] close(3 [pid 5086] <... openat resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] rmdir("./107" [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5087] mkdir("./108", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] <... mkdir resumed>) = 0 [pid 5086] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6180] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(AT_FDCWD, "./107/binderfs", [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./107/binderfs") = 0 [pid 5086] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5086] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./107/file0", [pid 6181] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6180] <... write resumed>) = 2097152 [pid 6180] munmap(0x7f1df2200000, 138412032 [pid 5086] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6181] <... write resumed>) = 2097152 [pid 6180] <... munmap resumed>) = 0 [pid 6181] munmap(0x7f1df2200000, 138412032 [pid 6180] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6180] ioctl(4, LOOP_SET_FD, 3 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./107/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6180] <... ioctl resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./107") = 0 [pid 5086] mkdir("./108", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6181] <... munmap resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 6180] close(3) = 0 [pid 6181] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6180] close(4 [pid 5087] close(3 [pid 6181] <... openat resumed>) = 4 [pid 6180] <... close resumed>) = 0 [pid 6181] ioctl(4, LOOP_SET_FD, 3 [ 161.483020][ T6180] loop4: detected capacity change from 0 to 4096 [pid 6180] mkdir("./file0", 0777) = 0 [pid 6180] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6182 attached [pid 6182] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6182] chdir("./108") = 0 [pid 6182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6182] setpgid(0, 0) = 0 [pid 6181] <... ioctl resumed>) = 0 [pid 6181] close(3 [pid 6182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6181] <... close resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6182 [pid 6181] close(4 [ 161.523708][ T6181] loop0: detected capacity change from 0 to 4096 [ 161.532070][ T6180] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] close(3executing program [pid 6182] <... openat resumed>) = 3 [pid 6181] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6181] mkdir("./file0", 0777) = 0 [pid 6181] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6182] write(3, "1000", 4) = 4 [pid 6182] close(3) = 0 [pid 6182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6182] write(1, "executing program\n", 18) = 18 [pid 6182] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6182] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6183 attached [pid 6182] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6180] <... mount resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6183 [pid 6183] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6183] chdir("./108" [pid 5086] close(3 [pid 6183] <... chdir resumed>) = 0 [pid 6182] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] <... close resumed>) = 0 [pid 6183] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6182] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6183] <... prctl resumed>) = 0 [pid 6183] setpgid(0, 0 [pid 6180] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6184 attached [pid 6183] <... setpgid resumed>) = 0 [pid 6182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6180] chdir("./file0" [pid 6184] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6184] chdir("./108" [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6184 [pid 6184] <... chdir resumed>) = 0 [pid 6183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6182] <... mmap resumed>) = 0x7f1dfa693000 [pid 6180] <... chdir resumed>) = 0 [pid 6184] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6180] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6182] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6184] setpgid(0, 0 [pid 6183] <... openat resumed>) = 3 [pid 6182] <... mprotect resumed>) = 0 [pid 6184] <... setpgid resumed>) = 0 [pid 6184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6183] write(3, "1000", 4 [pid 6182] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6180] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6182] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6183] <... write resumed>) = 4 [pid 6180] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6183] close(3 [pid 6180] <... futex resumed>) = 1 [pid 6178] <... futex resumed>) = 0 [ 161.573133][ T6180] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 161.580574][ T6181] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6182] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6184] <... openat resumed>) = 3 [pid 6183] <... close resumed>) = 0 [pid 6180] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6178] exit_group(0 [pid 6184] write(3, "1000", 4 [pid 6178] <... exit_group resumed>) = ? [pid 6184] <... write resumed>) = 4 [pid 6184] close(3) = 0 [pid 6183] symlink("/dev/binderfs", "./binderfs" [pid 6180] <... futex resumed>) = ? ./strace-static-x86_64: Process 6185 attached [pid 6184] symlink("/dev/binderfs", "./binderfs" [pid 6185] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6184] <... symlink resumed>) = 0 executing program executing program [pid 6183] <... symlink resumed>) = 0 [pid 6185] <... rseq resumed>) = 0 [pid 6184] write(1, "executing program\n", 18 [pid 6183] write(1, "executing program\n", 18 [pid 6182] <... clone3 resumed> => {parent_tid=[6185]}, 88) = 6185 [pid 6185] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6184] <... write resumed>) = 18 [pid 6183] <... write resumed>) = 18 [pid 6182] rt_sigprocmask(SIG_SETMASK, [], [pid 6185] <... set_robust_list resumed>) = 0 [pid 6184] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6182] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6180] +++ exited with 0 +++ [pid 6178] +++ exited with 0 +++ [pid 6185] rt_sigprocmask(SIG_SETMASK, [], [pid 6183] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6182] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6178, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6185] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6184] <... futex resumed>) = 0 [pid 6183] <... futex resumed>) = 0 [pid 6182] <... futex resumed>) = 0 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 6185] memfd_create("syzkaller", 0 [pid 6184] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... restart_syscall resumed>) = 0 [pid 6182] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6183] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6183] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6183] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6184] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] <... openat resumed>) = 3 [pid 6183] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6185] <... memfd_create resumed>) = 3 [pid 6184] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6183] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] newfstatat(3, "", [pid 6185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6183] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6185] <... mmap resumed>) = 0x7f1df2200000 [pid 6184] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6183] <... mprotect resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6184] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] getdents64(3, [pid 6183] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6184] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6184] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6184] <... mprotect resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6184] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6183] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] newfstatat(AT_FDCWD, "./107/binderfs", [pid 6184] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6183] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6181] <... mount resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 6186 attached [pid 6184] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] unlink("./107/binderfs"./strace-static-x86_64: Process 6187 attached [pid 6186] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6183] <... clone3 resumed> => {parent_tid=[6186]}, 88) = 6186 [pid 6181] <... openat resumed>) = 3 [pid 6186] <... rseq resumed>) = 0 [pid 6183] rt_sigprocmask(SIG_SETMASK, [], [pid 6186] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6187] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6186] <... set_robust_list resumed>) = 0 [pid 6184] <... clone3 resumed> => {parent_tid=[6187]}, 88) = 6187 [pid 6183] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6181] chdir("./file0" [pid 5089] <... unlink resumed>) = 0 [pid 6186] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6186] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 161.654662][ T6181] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6187] <... rseq resumed>) = 0 [pid 6185] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6184] rt_sigprocmask(SIG_SETMASK, [], [pid 6183] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6181] <... chdir resumed>) = 0 [pid 5089] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6187] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6186] <... futex resumed>) = 0 [pid 6184] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6183] <... futex resumed>) = 1 [pid 6187] <... set_robust_list resumed>) = 0 [pid 6187] rt_sigprocmask(SIG_SETMASK, [], [pid 6186] memfd_create("syzkaller", 0 [pid 6184] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6183] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6181] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6187] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6184] <... futex resumed>) = 0 [pid 6181] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6181] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6181] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6187] memfd_create("syzkaller", 0 [pid 6184] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6179] <... futex resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 6179] exit_group(0 [pid 6181] <... futex resumed>) = ? [pid 6179] <... exit_group resumed>) = ? [pid 6187] <... memfd_create resumed>) = 3 [pid 6181] +++ exited with 0 +++ [pid 5089] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6186] <... memfd_create resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6187] <... mmap resumed>) = 0x7f1df2200000 [pid 6186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] newfstatat(AT_FDCWD, "./107/file0", [pid 6186] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6179] +++ exited with 0 +++ [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6179, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5085] umount2("./107", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./107/file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... rmdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./107", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] <... openat resumed>) = 3 [pid 5089] close(3) = 0 [pid 5085] newfstatat(3, "", [pid 5089] rmdir("./107" [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, [pid 5089] mkdir("./108", 0777 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] <... mkdir resumed>) = 0 [pid 5085] umount2("./107/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] newfstatat(AT_FDCWD, "./107/binderfs", [pid 6187] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./107/binderfs") = 0 [pid 5085] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 6185] <... write resumed>) = 2097152 [pid 5085] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6185] munmap(0x7f1df2200000, 138412032 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./107/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6186] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6185] <... munmap resumed>) = 0 [pid 5085] umount2("./107/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6185] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6185] ioctl(4, LOOP_SET_FD, 3 [pid 5085] openat(AT_FDCWD, "./107/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6185] <... ioctl resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./107/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./107") = 0 [pid 5085] mkdir("./108", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6187] <... write resumed>) = 2097152 [pid 6185] close(3 [pid 5085] <... openat resumed>) = 3 [pid 6187] munmap(0x7f1df2200000, 138412032 [pid 6185] <... close resumed>) = 0 [pid 6185] close(4 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6187] <... munmap resumed>) = 0 [pid 6185] <... close resumed>) = 0 [pid 6185] mkdir("./file0", 0777) = 0 [ 161.801770][ T6185] loop2: detected capacity change from 0 to 4096 [pid 6185] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6187] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... ioctl resumed>) = 0 [pid 6186] <... write resumed>) = 2097152 [pid 6187] <... openat resumed>) = 4 [pid 6187] ioctl(4, LOOP_SET_FD, 3 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6186] munmap(0x7f1df2200000, 138412032./strace-static-x86_64: Process 6188 attached [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6188 [pid 6188] set_robust_list(0x555580b0d6a0, 24 [pid 6187] <... ioctl resumed>) = 0 [pid 6188] <... set_robust_list resumed>) = 0 [pid 6187] close(3 [pid 6186] <... munmap resumed>) = 0 [pid 6187] <... close resumed>) = 0 [pid 6188] chdir("./108" [pid 6187] close(4) = 0 [pid 6188] <... chdir resumed>) = 0 [pid 6187] mkdir("./file0", 0777 [pid 6188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6187] <... mkdir resumed>) = 0 [ 161.844493][ T6185] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 161.870932][ T6187] loop1: detected capacity change from 0 to 4096 [pid 6188] setpgid(0, 0) = 0 [pid 6187] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6186] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6186] ioctl(4, LOOP_SET_FD, 3 [pid 6188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... ioctl resumed>) = 0 [pid 6188] <... openat resumed>) = 3 [pid 6188] write(3, "1000", 4) = 4 [pid 6188] close(3 [pid 5085] close(3 [pid 6188] <... close resumed>) = 0 [pid 6188] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5085] <... close resumed>) = 0 [pid 6188] write(1, "executing program\n", 18) = 18 [pid 6186] <... ioctl resumed>) = 0 [pid 6185] <... mount resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6188] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6188] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 ./strace-static-x86_64: Process 6189 attached [pid 6188] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6186] close(3) = 0 [pid 6189] set_robust_list(0x555580b0d6a0, 24 [pid 6188] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6189] <... set_robust_list resumed>) = 0 [pid 6188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6186] close(4 [pid 6185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6189 [pid 6189] chdir("./108" [pid 6188] <... mmap resumed>) = 0x7f1dfa693000 [pid 6186] <... close resumed>) = 0 [pid 6185] <... openat resumed>) = 3 [pid 6189] <... chdir resumed>) = 0 [pid 6188] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6186] mkdir("./file0", 0777 [pid 6185] chdir("./file0" [pid 6189] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6188] <... mprotect resumed>) = 0 [pid 6186] <... mkdir resumed>) = 0 [pid 6185] <... chdir resumed>) = 0 [ 161.913012][ T6187] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 161.916521][ T6186] loop3: detected capacity change from 0 to 4096 [ 161.930076][ T6185] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6189] <... prctl resumed>) = 0 [pid 6188] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6186] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6185] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6189] setpgid(0, 0 [pid 6188] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6185] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6189] <... setpgid resumed>) = 0 [pid 6188] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6185] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6185] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6182] <... futex resumed>) = 0 [pid 6182] exit_group(0 [pid 6185] <... futex resumed>) = ? [pid 6182] <... exit_group resumed>) = ? [pid 6185] +++ exited with 0 +++ [pid 6182] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6182, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5087] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6189] <... openat resumed>) = 3 [pid 6188] <... clone3 resumed> => {parent_tid=[6190]}, 88) = 6190 [pid 5087] <... openat resumed>) = 3 ./strace-static-x86_64: Process 6190 attached [pid 6189] write(3, "1000", 4 [pid 6188] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(3, "", [pid 6190] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6189] <... write resumed>) = 4 [pid 6188] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6190] <... rseq resumed>) = 0 [pid 6189] close(3 [pid 6188] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] getdents64(3, [pid 6190] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6189] <... close resumed>) = 0 [pid 6188] <... futex resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6190] <... set_robust_list resumed>) = 0 [pid 6189] symlink("/dev/binderfs", "./binderfs" [pid 6188] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6187] <... mount resumed>) = 0 [pid 5087] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6190] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6189] <... symlink resumed>) = 0 [pid 6187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 6190] memfd_create("syzkaller", 0 [pid 6189] write(1, "executing program\n", 18 [pid 6187] <... openat resumed>) = 3 [pid 5087] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6189] <... write resumed>) = 18 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6189] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [ 161.974579][ T6186] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 161.974875][ T6187] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5087] unlink("./108/binderfs" [pid 6189] <... futex resumed>) = 0 [pid 6187] chdir("./file0" [pid 5087] <... unlink resumed>) = 0 [pid 6189] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6187] <... chdir resumed>) = 0 [pid 5087] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6189] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6187] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6189] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6187] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6190] <... memfd_create resumed>) = 3 [pid 6190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6189] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6187] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... umount2 resumed>) = 0 [pid 6190] <... mmap resumed>) = 0x7f1df2200000 [pid 6189] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6187] <... futex resumed>) = 1 [pid 6184] <... futex resumed>) = 0 [pid 6189] <... mmap resumed>) = 0x7f1dfa693000 [pid 6187] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6184] exit_group(0 [pid 6187] <... futex resumed>) = ? [pid 6184] <... exit_group resumed>) = ? [pid 6187] +++ exited with 0 +++ [pid 6189] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6189] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6189] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6184] +++ exited with 0 +++ [pid 5087] newfstatat(AT_FDCWD, "./108/file0", [pid 6189] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6191 attached [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6191] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6189] <... clone3 resumed> => {parent_tid=[6191]}, 88) = 6191 [pid 5087] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6191] <... rseq resumed>) = 0 [pid 6189] rt_sigprocmask(SIG_SETMASK, [], [pid 6191] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6191] <... set_robust_list resumed>) = 0 [pid 6189] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6191] rt_sigprocmask(SIG_SETMASK, [], [pid 6189] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... openat resumed>) = 4 [pid 6191] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6190] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6189] <... futex resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6184, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 6191] memfd_create("syzkaller", 0 [pid 6189] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6186] <... mount resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6191] <... memfd_create resumed>) = 3 [pid 6186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] getdents64(4, [pid 6191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6186] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, [pid 6191] <... mmap resumed>) = 0x7f1df2200000 [pid 6186] chdir("./file0" [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4 [pid 6186] <... chdir resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 6186] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5087] rmdir("./108/file0" [pid 6186] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6186] <... futex resumed>) = 1 [pid 6183] <... futex resumed>) = 0 [pid 6186] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6183] exit_group(0 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6186] <... futex resumed>) = ? [pid 6183] <... exit_group resumed>) = ? [pid 5087] getdents64(3, [pid 5086] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6186] +++ exited with 0 +++ [pid 6183] +++ exited with 0 +++ [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... openat resumed>) = 3 [pid 6190] <... write resumed>) = 2097152 [pid 5087] close(3 [pid 5086] newfstatat(3, "", [pid 6190] munmap(0x7f1df2200000, 138412032 [pid 5087] <... close resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6183, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5087] rmdir("./108" [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6190] <... munmap resumed>) = 0 [pid 5088] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6190] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] mkdir("./109", 0777 [pid 5086] getdents64(3, [pid 5088] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... openat resumed>) = 3 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(3, "", [pid 5086] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6190] <... openat resumed>) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] getdents64(3, [ 162.101225][ T6186] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5086] unlink("./108/binderfs" [pid 6190] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... unlink resumed>) = 0 [pid 6191] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./108/binderfs", [pid 5087] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6190] <... ioctl resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6190] close(3) = 0 [pid 6190] close(4 [pid 5086] <... umount2 resumed>) = 0 [pid 5088] unlink("./108/binderfs") = 0 [pid 5088] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6190] <... close resumed>) = 0 [pid 6190] mkdir("./file0", 0777 [pid 5086] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6190] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6190] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", [pid 5086] newfstatat(4, "", [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, [pid 5086] getdents64(4, [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] rmdir("./108/file0" [pid 5088] close(4 [pid 5086] <... rmdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./108/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] getdents64(3, [pid 5086] close(3 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... close resumed>) = 0 [pid 5088] close(3 [pid 5086] rmdir("./108" [pid 6191] <... write resumed>) = 2097152 [pid 5088] <... close resumed>) = 0 [pid 6191] munmap(0x7f1df2200000, 138412032 [pid 5086] <... rmdir resumed>) = 0 [pid 6191] <... munmap resumed>) = 0 [pid 5088] rmdir("./108" [pid 5086] mkdir("./109", 0777 [pid 5088] <... rmdir resumed>) = 0 [ 162.154927][ T6190] loop4: detected capacity change from 0 to 4096 [ 162.190141][ T6190] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6191] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] mkdir("./109", 0777 [pid 6191] <... openat resumed>) = 4 [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 6191] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... openat resumed>) = 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] <... openat resumed>) = 3 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6192 attached [pid 6191] <... ioctl resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6192 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6192] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6192] chdir("./109") = 0 [pid 6192] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6191] close(3 [pid 6192] <... prctl resumed>) = 0 [pid 6191] <... close resumed>) = 0 [pid 6190] <... mount resumed>) = 0 [pid 6192] setpgid(0, 0 [pid 6191] close(4 [pid 6190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6192] <... setpgid resumed>) = 0 [pid 6191] <... close resumed>) = 0 [pid 6192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6191] mkdir("./file0", 0777 [pid 6192] <... openat resumed>) = 3 [pid 6191] <... mkdir resumed>) = 0 [pid 6192] write(3, "1000", 4 [pid 6190] <... openat resumed>) = 3 [pid 6190] chdir("./file0" [pid 6192] <... write resumed>) = 4 [pid 6190] <... chdir resumed>) = 0 [pid 6192] close(3 [pid 6191] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6190] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6192] <... close resumed>) = 0 [pid 6192] symlink("/dev/binderfs", "./binderfs" [pid 6190] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6190] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6188] <... futex resumed>) = 0 [pid 6190] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 162.243094][ T6191] loop0: detected capacity change from 0 to 4096 [ 162.262938][ T6190] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6188] exit_group(0 [pid 6192] <... symlink resumed>) = 0 [pid 6190] <... futex resumed>) = ? [pid 6188] <... exit_group resumed>) = ? executing program [pid 6192] write(1, "executing program\n", 18) = 18 [pid 6192] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6192] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6192] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6190] +++ exited with 0 +++ [pid 6188] +++ exited with 0 +++ [pid 6192] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6188, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 6192] <... mmap resumed>) = 0x7f1dfa693000 [pid 6192] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6192] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6192] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6192] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 6192] <... clone3 resumed> => {parent_tid=[6193]}, 88) = 6193 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6193 attached [pid 6192] rt_sigprocmask(SIG_SETMASK, [], [pid 6193] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6192] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] getdents64(3, [pid 6193] <... rseq resumed>) = 0 [pid 6192] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6193] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6192] <... futex resumed>) = 0 [pid 5089] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6193] <... set_robust_list resumed>) = 0 [pid 6192] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6193] rt_sigprocmask(SIG_SETMASK, [], [ 162.285548][ T6191] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6193] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./108/binderfs") = 0 [pid 6193] memfd_create("syzkaller", 0 [pid 5089] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6193] <... memfd_create resumed>) = 3 [pid 6193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] <... umount2 resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 5089] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] close(3) = 0 [pid 5089] newfstatat(AT_FDCWD, "./108/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6194 attached [pid 5089] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 6194] set_robust_list(0x555580b0d6a0, 24 [pid 6191] <... mount resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6194 [pid 5086] <... close resumed>) = 0 [pid 6194] <... set_robust_list resumed>) = 0 [pid 6194] chdir("./109" [pid 5089] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6194] <... chdir resumed>) = 0 [pid 6194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... openat resumed>) = 4 [pid 6194] setpgid(0, 0 [pid 6191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6194] <... setpgid resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6195 [pid 6191] <... openat resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6191] chdir("./file0" [pid 5089] getdents64(4, [pid 6191] <... chdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6194] write(3, "1000", 4) = 4 [pid 6191] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] getdents64(4, [pid 6194] close(3 [pid 6191] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6194] <... close resumed>) = 0 [pid 6191] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6195 attached [pid 6194] symlink("/dev/binderfs", "./binderfs" [pid 6191] <... futex resumed>) = 1 [pid 6189] <... futex resumed>) = 0 [pid 5089] close(4 [pid 6195] set_robust_list(0x555580b0d6a0, 24 [pid 6189] exit_group(0 [pid 5089] <... close resumed>) = 0 [pid 6194] <... symlink resumed>) = 0 [pid 6195] <... set_robust_list resumed>) = 0 executing program [pid 6194] write(1, "executing program\n", 18 [pid 6189] <... exit_group resumed>) = ? [pid 5089] rmdir("./108/file0" [pid 6195] chdir("./109" [pid 6191] +++ exited with 0 +++ [pid 6195] <... chdir resumed>) = 0 [pid 6195] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... rmdir resumed>) = 0 [pid 6195] <... prctl resumed>) = 0 [pid 6195] setpgid(0, 0 [pid 6194] <... write resumed>) = 18 [pid 6195] <... setpgid resumed>) = 0 [pid 6195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6194] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(3, [pid 6189] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6189, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6195] <... openat resumed>) = 3 [pid 6194] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [ 162.370726][ T6191] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6194] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6195] write(3, "1000", 4 [pid 6194] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6195] <... write resumed>) = 4 [pid 6194] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6193] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] close(3 [pid 5085] umount2("./108", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6195] close(3 [pid 6194] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] <... close resumed>) = 0 [pid 6194] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] rmdir("./108" [pid 5085] openat(AT_FDCWD, "./108", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6195] symlink("/dev/binderfs", "./binderfs" [pid 6194] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6194] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] mkdir("./109", 0777 [pid 5085] newfstatat(3, "", [pid 6195] <... symlink resumed>) = 0 [pid 6194] <... mprotect resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6195] write(1, "executing program\n", 18 [pid 6194] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] getdents64(3, executing program [pid 6194] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6195] <... write resumed>) = 18 [pid 6194] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] umount2("./108/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6196 attached [pid 6195] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6196] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6195] <... futex resumed>) = 0 [pid 6194] <... clone3 resumed> => {parent_tid=[6196]}, 88) = 6196 [pid 5085] newfstatat(AT_FDCWD, "./108/binderfs", [pid 6196] <... rseq resumed>) = 0 [pid 6195] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6194] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6194] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] unlink("./108/binderfs" [pid 6194] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... unlink resumed>) = 0 [pid 6194] <... futex resumed>) = 0 [pid 5085] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6194] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6196] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6195] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 6196] <... set_robust_list resumed>) = 0 [pid 6195] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6196] rt_sigprocmask(SIG_SETMASK, [], [pid 6195] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6196] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6195] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5085] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6195] <... mmap resumed>) = 0x7f1dfa693000 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] newfstatat(AT_FDCWD, "./108/file0", [pid 6195] <... mprotect resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./108/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6195] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6195] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6195] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] openat(AT_FDCWD, "./108/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 6197 attached ) = 4 [pid 6197] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6195] <... clone3 resumed> => {parent_tid=[6197]}, 88) = 6197 [pid 5085] newfstatat(4, "", [pid 6197] <... rseq resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6197] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5085] getdents64(4, [pid 6197] rt_sigprocmask(SIG_SETMASK, [], [pid 6195] rt_sigprocmask(SIG_SETMASK, [], [pid 6197] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6196] memfd_create("syzkaller", 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6197] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6196] <... memfd_create resumed>) = 3 [pid 6195] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./108/file0" [pid 6196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6195] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6193] <... write resumed>) = 2097152 [pid 6197] <... futex resumed>) = 0 [pid 6196] <... mmap resumed>) = 0x7f1df2200000 [pid 6195] <... futex resumed>) = 1 [pid 6193] munmap(0x7f1df2200000, 138412032 [pid 5085] <... rmdir resumed>) = 0 [pid 6197] memfd_create("syzkaller", 0 [pid 6195] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6193] <... munmap resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 6197] <... memfd_create resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 6197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] rmdir("./108" [pid 6197] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] <... rmdir resumed>) = 0 [pid 6196] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6193] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5085] mkdir("./109", 0777 [pid 6193] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6193] <... ioctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6193] close(3) = 0 [pid 6193] close(4 [pid 6197] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6193] <... close resumed>) = 0 [pid 6193] mkdir("./file0", 0777 [pid 5089] close(3 [pid 6193] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6198 attached [pid 6198] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6198 [pid 6198] chdir("./109") = 0 [pid 6193] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6198] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6196] <... write resumed>) = 2097152 [pid 6198] <... prctl resumed>) = 0 [ 162.514192][ T6193] loop2: detected capacity change from 0 to 4096 [pid 6198] setpgid(0, 0) = 0 [pid 6198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6196] munmap(0x7f1df2200000, 138412032) = 0 [pid 6196] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 6196] ioctl(4, LOOP_SET_FD, 3 [pid 6198] write(3, "1000", 4) = 4 [pid 6198] close(3) = 0 [pid 6198] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6198] write(1, "executing program\n", 18) = 18 [pid 6198] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6197] <... write resumed>) = 2097152 [pid 5085] <... ioctl resumed>) = 0 [pid 6198] <... futex resumed>) = 0 [pid 6198] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6198] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6198] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6197] munmap(0x7f1df2200000, 138412032 [pid 6198] <... mmap resumed>) = 0x7f1dfa693000 [pid 6198] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6196] <... ioctl resumed>) = 0 [pid 6196] close(3) = 0 [pid 6198] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6196] close(4 [pid 5085] close(3 [pid 6196] <... close resumed>) = 0 [pid 6196] mkdir("./file0", 0777 [pid 5085] <... close resumed>) = 0 [pid 6198] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6198] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6196] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6200 attached ./strace-static-x86_64: Process 6199 attached [ 162.570208][ T6193] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 162.597641][ T6196] loop3: detected capacity change from 0 to 4096 [pid 6198] <... clone3 resumed> => {parent_tid=[6199]}, 88) = 6199 [pid 6197] <... munmap resumed>) = 0 [pid 6198] rt_sigprocmask(SIG_SETMASK, [], [pid 6199] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6198] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6199] <... rseq resumed>) = 0 [pid 6198] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6200] set_robust_list(0x555580b0d6a0, 24 [pid 6199] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6196] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6200] <... set_robust_list resumed>) = 0 [pid 6199] <... set_robust_list resumed>) = 0 [pid 6198] <... futex resumed>) = 0 [pid 6200] chdir("./109" [pid 6199] rt_sigprocmask(SIG_SETMASK, [], [pid 6197] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6199] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6198] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6197] <... openat resumed>) = 4 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6200 [pid 6200] <... chdir resumed>) = 0 [pid 6200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6200] setpgid(0, 0 [pid 6199] memfd_create("syzkaller", 0 [pid 6197] ioctl(4, LOOP_SET_FD, 3executing program [pid 6200] <... setpgid resumed>) = 0 [pid 6200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6200] write(3, "1000", 4) = 4 [pid 6200] close(3) = 0 [pid 6200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6200] write(1, "executing program\n", 18) = 18 [pid 6200] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6200] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6200] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6200] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6200] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6199] <... memfd_create resumed>) = 3 [pid 6200] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6200] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6199] <... mmap resumed>) = 0x7f1df2200000 [pid 6200] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6201 attached [pid 6201] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6200] <... clone3 resumed> => {parent_tid=[6201]}, 88) = 6201 [pid 6201] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6200] rt_sigprocmask(SIG_SETMASK, [], [pid 6201] <... set_robust_list resumed>) = 0 [pid 6200] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6201] rt_sigprocmask(SIG_SETMASK, [], [pid 6200] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6201] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6200] <... futex resumed>) = 0 [pid 6201] memfd_create("syzkaller", 0 [pid 6200] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6201] <... memfd_create resumed>) = 3 [pid 6197] <... ioctl resumed>) = 0 [pid 6201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6197] close(3) = 0 [ 162.655619][ T6196] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 162.670924][ T6197] loop1: detected capacity change from 0 to 4096 [pid 6197] close(4) = 0 [pid 6197] mkdir("./file0", 0777) = 0 [pid 6197] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6193] <... mount resumed>) = 0 [pid 6193] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6193] chdir("./file0") = 0 [pid 6193] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6193] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6192] <... futex resumed>) = 0 [pid 6193] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6192] exit_group(0 [pid 6193] <... futex resumed>) = ? [pid 6192] <... exit_group resumed>) = ? [pid 6193] +++ exited with 0 +++ [ 162.712756][ T6193] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 162.731526][ T6197] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6199] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6192] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6192, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5087] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6201] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6196] <... mount resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./109/binderfs", [pid 6196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6196] chdir("./file0") = 0 [ 162.760531][ T6196] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6196] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./109/binderfs") = 0 [pid 6196] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6196] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6196] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6194] <... futex resumed>) = 0 [pid 6194] exit_group(0 [pid 6196] <... futex resumed>) = ? [pid 6194] <... exit_group resumed>) = ? [pid 6196] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = 0 [pid 5087] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6194] +++ exited with 0 +++ [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6199] <... write resumed>) = 2097152 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6194, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5087] newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6199] munmap(0x7f1df2200000, 138412032 [pid 6201] <... write resumed>) = 2097152 [pid 5087] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6201] munmap(0x7f1df2200000, 138412032 [pid 6197] <... mount resumed>) = 0 [pid 5087] <... openat resumed>) = 4 [pid 5087] newfstatat(4, "", [pid 6197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6197] <... openat resumed>) = 3 [pid 5088] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(4, [pid 6197] chdir("./file0" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6201] <... munmap resumed>) = 0 [pid 6199] <... munmap resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6201] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6199] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6197] <... chdir resumed>) = 0 [pid 5087] getdents64(4, [pid 6201] <... openat resumed>) = 4 [pid 6199] <... openat resumed>) = 4 [pid 6197] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... openat resumed>) = 3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6201] ioctl(4, LOOP_SET_FD, 3 [pid 6199] ioctl(4, LOOP_SET_FD, 3 [pid 6197] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] newfstatat(3, "", [pid 5087] close(4 [pid 6199] <... ioctl resumed>) = 0 [pid 6197] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6197] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6201] <... ioctl resumed>) = 0 [pid 6199] close(3 [pid 6195] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... close resumed>) = 0 [pid 6201] close(3 [pid 6199] <... close resumed>) = 0 [pid 6195] exit_group(0 [pid 6199] close(4 [pid 5088] getdents64(3, [pid 5087] rmdir("./109/file0" [pid 6201] <... close resumed>) = 0 [pid 6201] close(4) = 0 [pid 6199] <... close resumed>) = 0 [pid 6197] <... futex resumed>) = ? [pid 6195] <... exit_group resumed>) = ? [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... rmdir resumed>) = 0 [pid 6201] mkdir("./file0", 0777 [pid 6197] +++ exited with 0 +++ [pid 6201] <... mkdir resumed>) = 0 [pid 6199] mkdir("./file0", 0777 [pid 6195] +++ exited with 0 +++ [pid 5088] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6199] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] getdents64(3, [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6195, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6201] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 162.837264][ T6197] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 162.860978][ T6199] loop4: detected capacity change from 0 to 4096 [ 162.863223][ T6201] loop0: detected capacity change from 0 to 4096 [pid 5088] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6199] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] close(3 [pid 5086] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] unlink("./109/binderfs" [pid 5087] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... unlink resumed>) = 0 [pid 5087] rmdir("./109") = 0 [pid 5088] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] mkdir("./110", 0777 [pid 5086] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5088] <... umount2 resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... openat resumed>) = 3 [pid 5086] getdents64(3, [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] close(4) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] rmdir("./109/file0" [pid 5086] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5088] <... rmdir resumed>) = 0 [pid 5088] getdents64(3, [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] unlink("./109/binderfs" [pid 5088] close(3) = 0 [pid 5086] <... unlink resumed>) = 0 [ 162.892508][ T6201] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 162.896030][ T6199] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5088] rmdir("./109") = 0 [pid 5086] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] mkdir("./110", 0777 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 5088] <... mkdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./109/file0" [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5086] <... rmdir resumed>) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./109") = 0 [pid 5086] mkdir("./110", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6202 attached [pid 6202] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6202 [pid 6202] <... set_robust_list resumed>) = 0 [pid 6202] chdir("./110") = 0 [pid 6202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6202] setpgid(0, 0) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 6202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6202] write(3, "1000", 4) = 4 [pid 6202] close(3) = 0 [pid 6202] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 6202] write(1, "executing program\n", 18) = 18 [pid 6201] <... mount resumed>) = 0 [pid 6201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6201] chdir("./file0" [pid 6202] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6201] <... chdir resumed>) = 0 [pid 6202] <... futex resumed>) = 0 [pid 6202] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6202] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6201] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6202] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6202] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6202] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6202] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6202] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6201] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] close(3./strace-static-x86_64: Process 6203 attached [pid 6202] <... clone3 resumed> => {parent_tid=[6203]}, 88) = 6203 [pid 6201] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... close resumed>) = 0 [pid 6202] rt_sigprocmask(SIG_SETMASK, [], [pid 6199] <... mount resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6202] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6202] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6201] <... futex resumed>) = 1 [pid 6200] <... futex resumed>) = 0 [pid 6203] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6202] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6200] exit_group(0 [pid 6199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6204 [pid 6203] <... rseq resumed>) = 0 [pid 6200] <... exit_group resumed>) = ? [pid 6199] <... openat resumed>) = 3 [ 163.027999][ T6201] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 163.031540][ T6199] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6203] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6199] chdir("./file0"./strace-static-x86_64: Process 6204 attached [pid 6203] <... set_robust_list resumed>) = 0 [pid 6199] <... chdir resumed>) = 0 [pid 6203] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6199] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6199] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6203] memfd_create("syzkaller", 0 [pid 6199] <... futex resumed>) = 1 [pid 6199] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6203] <... memfd_create resumed>) = 3 [pid 6204] set_robust_list(0x555580b0d6a0, 24 [pid 6201] +++ exited with 0 +++ [pid 6200] +++ exited with 0 +++ [pid 6198] <... futex resumed>) = 0 [pid 6204] <... set_robust_list resumed>) = 0 [pid 6203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6198] exit_group(0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6200, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 6204] chdir("./110" [pid 6198] <... exit_group resumed>) = ? [pid 6204] <... chdir resumed>) = 0 [pid 6203] <... mmap resumed>) = 0x7f1df2200000 [pid 6199] <... futex resumed>) = ? [pid 6204] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6199] +++ exited with 0 +++ [pid 6198] +++ exited with 0 +++ [pid 5086] <... ioctl resumed>) = 0 [pid 5085] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6198, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6204] <... prctl resumed>) = 0 [pid 5085] <... openat resumed>) = 3 [pid 6204] setpgid(0, 0 [pid 5089] umount2("./109", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] close(3 [pid 5085] newfstatat(3, "", [pid 6204] <... setpgid resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] openat(AT_FDCWD, "./109", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] getdents64(3, ./strace-static-x86_64: Process 6205 attached [pid 6204] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6204] write(3, "1000", 4 [pid 5089] newfstatat(3, "", [pid 5085] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6205] set_robust_list(0x555580b0d6a0, 24 [pid 6204] <... write resumed>) = 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6205] <... set_robust_list resumed>) = 0 [pid 6204] close(3 [pid 5089] getdents64(3, [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6205 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6204] <... close resumed>) = 0 [pid 5085] newfstatat(AT_FDCWD, "./109/binderfs", [pid 6204] symlink("/dev/binderfs", "./binderfs" [pid 6205] chdir("./110" executing program [pid 6204] <... symlink resumed>) = 0 [pid 6203] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./109/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6205] <... chdir resumed>) = 0 [pid 6204] write(1, "executing program\n", 18 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] unlink("./109/binderfs" [pid 6205] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6204] <... write resumed>) = 18 [pid 5089] newfstatat(AT_FDCWD, "./109/binderfs", [pid 5085] <... unlink resumed>) = 0 [pid 6205] <... prctl resumed>) = 0 [pid 6204] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6205] setpgid(0, 0 [pid 6204] <... futex resumed>) = 0 [pid 5089] unlink("./109/binderfs" [pid 6205] <... setpgid resumed>) = 0 [pid 6204] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... unlink resumed>) = 0 executing program [pid 6205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6204] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = 0 [pid 6205] <... openat resumed>) = 3 [pid 6204] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6205] write(3, "1000", 4 [pid 6204] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6205] <... write resumed>) = 4 [pid 6204] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6205] close(3 [pid 6204] <... mmap resumed>) = 0x7f1dfa693000 [pid 6205] <... close resumed>) = 0 [pid 6204] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6205] symlink("/dev/binderfs", "./binderfs" [pid 6204] <... mprotect resumed>) = 0 [pid 6205] <... symlink resumed>) = 0 [pid 6204] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6205] write(1, "executing program\n", 18 [pid 6204] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6206 attached [pid 6205] <... write resumed>) = 18 [pid 6205] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6204] <... clone3 resumed> => {parent_tid=[6206]}, 88) = 6206 [pid 6206] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6205] <... futex resumed>) = 0 [pid 6204] rt_sigprocmask(SIG_SETMASK, [], [pid 6206] <... rseq resumed>) = 0 [pid 6205] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6204] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6206] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6205] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6204] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6206] <... set_robust_list resumed>) = 0 [pid 6205] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6204] <... futex resumed>) = 0 [pid 6206] rt_sigprocmask(SIG_SETMASK, [], [pid 6205] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6204] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6206] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6205] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6205] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6206] memfd_create("syzkaller", 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./109/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6205] <... mprotect resumed>) = 0 [pid 6203] <... write resumed>) = 2097152 [pid 5089] newfstatat(4, "", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6206] <... memfd_create resumed>) = 3 [pid 6205] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6203] munmap(0x7f1df2200000, 138412032 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6205] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5085] newfstatat(AT_FDCWD, "./109/file0", [pid 6205] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] getdents64(4, [pid 6206] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 6207 attached [pid 6205] <... clone3 resumed> => {parent_tid=[6207]}, 88) = 6207 [pid 5089] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6207] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6205] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6207] <... rseq resumed>) = 0 [pid 6205] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] close(4 [pid 6207] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6205] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... close resumed>) = 0 [pid 5085] umount2("./109/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6207] <... set_robust_list resumed>) = 0 [pid 6205] <... futex resumed>) = 0 [pid 5089] rmdir("./109/file0" [pid 6207] rt_sigprocmask(SIG_SETMASK, [], [pid 6205] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6207] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6207] memfd_create("syzkaller", 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./109") = 0 [pid 6207] <... memfd_create resumed>) = 3 [pid 6207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6203] <... munmap resumed>) = 0 [pid 5089] mkdir("./110", 0777 [pid 5085] openat(AT_FDCWD, "./109/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6203] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5085] <... openat resumed>) = 4 [pid 6203] <... openat resumed>) = 4 [pid 5089] <... mkdir resumed>) = 0 [pid 5085] newfstatat(4, "", [pid 6206] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6203] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 6203] <... ioctl resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6203] close(3 [pid 5085] close(4 [pid 6203] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 6203] close(4 [pid 5085] rmdir("./109/file0" [pid 6203] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6203] mkdir("./file0", 0777 [pid 5085] <... rmdir resumed>) = 0 [pid 6203] <... mkdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./109" [pid 6203] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... rmdir resumed>) = 0 [pid 5085] mkdir("./110", 0777) = 0 [pid 6207] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 163.224075][ T6203] loop2: detected capacity change from 0 to 4096 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6206] <... write resumed>) = 2097152 [pid 6206] munmap(0x7f1df2200000, 138412032) = 0 [pid 6206] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6207] <... write resumed>) = 2097152 [ 163.271265][ T6203] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6207] munmap(0x7f1df2200000, 138412032 [pid 6206] <... openat resumed>) = 4 [pid 5089] <... ioctl resumed>) = 0 [pid 6207] <... munmap resumed>) = 0 [pid 5089] close(3 [pid 6206] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6208 ./strace-static-x86_64: Process 6208 attached [pid 6208] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6208] chdir("./110") = 0 [pid 6208] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6207] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6208] <... prctl resumed>) = 0 [pid 6207] <... openat resumed>) = 4 [pid 6208] setpgid(0, 0) = 0 [pid 6207] ioctl(4, LOOP_SET_FD, 3 [pid 6208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5085] <... ioctl resumed>) = 0 [pid 6208] <... openat resumed>) = 3 [pid 6208] write(3, "1000", 4) = 4 [pid 6208] close(3) = 0 [pid 6208] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6206] <... ioctl resumed>) = 0 executing program [pid 6208] write(1, "executing program\n", 18 [pid 5085] close(3 [pid 6208] <... write resumed>) = 18 [pid 6206] close(3 [pid 6208] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6208] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6208] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6208] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6207] <... ioctl resumed>) = 0 [pid 6208] <... mmap resumed>) = 0x7f1dfa693000 [pid 6207] close(3 [pid 6206] <... close resumed>) = 0 [pid 6208] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6207] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 6208] <... mprotect resumed>) = 0 [pid 6207] close(4 [pid 6208] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6207] <... close resumed>) = 0 [pid 6208] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6207] mkdir("./file0", 0777 [pid 6208] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6207] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6209 attached [pid 6209] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6208] <... clone3 resumed> => {parent_tid=[6209]}, 88) = 6209 [ 163.348850][ T6206] loop3: detected capacity change from 0 to 4096 [ 163.362053][ T6207] loop1: detected capacity change from 0 to 4096 [ 163.370415][ T6203] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6207] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6209] <... rseq resumed>) = 0 [pid 6208] rt_sigprocmask(SIG_SETMASK, [], [pid 6206] close(4 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6203] <... mount resumed>) = 0 [pid 6206] <... close resumed>) = 0 [pid 6206] mkdir("./file0", 0777 [pid 6203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6210 [pid 6203] <... openat resumed>) = 3 [pid 6209] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6208] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6210 attached [pid 6209] <... set_robust_list resumed>) = 0 [pid 6208] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6210] set_robust_list(0x555580b0d6a0, 24 [pid 6208] <... futex resumed>) = 0 [pid 6206] <... mkdir resumed>) = 0 [pid 6203] chdir("./file0" [pid 6208] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6206] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6203] <... chdir resumed>) = 0 [pid 6203] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6209] rt_sigprocmask(SIG_SETMASK, [], [pid 6203] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6210] <... set_robust_list resumed>) = 0 [pid 6209] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6210] chdir("./110" [pid 6209] memfd_create("syzkaller", 0 [pid 6203] <... futex resumed>) = 1 [pid 6202] <... futex resumed>) = 0 [pid 6202] exit_group(0 [pid 6210] <... chdir resumed>) = 0 [pid 6202] <... exit_group resumed>) = ? [pid 6210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6210] setpgid(0, 0 [pid 6209] <... memfd_create resumed>) = 3 [pid 6210] <... setpgid resumed>) = 0 [pid 6209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6209] <... mmap resumed>) = 0x7f1df2200000 [pid 6210] <... openat resumed>) = 3 [pid 6210] write(3, "1000", 4) = 4 [pid 6203] +++ exited with 0 +++ [pid 6202] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6202, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 6210] close(3) = 0 [pid 6210] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 6210] write(1, "executing program\n", 18 [pid 5087] getdents64(3, [pid 6210] <... write resumed>) = 18 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [ 163.401276][ T6207] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 163.423148][ T6206] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6210] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6210] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./110/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6210] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5087] unlink("./110/binderfs" [pid 6210] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... unlink resumed>) = 0 [pid 6210] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6210] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6210] <... mmap resumed>) = 0x7f1dfa693000 [pid 6210] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6210] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6210] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6211]}, 88) = 6211 ./strace-static-x86_64: Process 6211 attached [pid 5087] <... umount2 resumed>) = 0 [pid 6211] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6206] <... mount resumed>) = 0 [pid 6211] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6210] rt_sigprocmask(SIG_SETMASK, [], [pid 6211] <... set_robust_list resumed>) = 0 [pid 6210] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6211] rt_sigprocmask(SIG_SETMASK, [], [pid 6210] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6211] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6206] <... openat resumed>) = 3 [pid 5087] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6211] memfd_create("syzkaller", 0 [pid 6210] <... futex resumed>) = 0 [ 163.468663][ T6206] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6206] chdir("./file0" [pid 6210] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6206] <... chdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6206] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./110/file0", [pid 6211] <... memfd_create resumed>) = 3 [pid 6206] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6206] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6206] <... futex resumed>) = 1 [pid 6204] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6206] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6204] exit_group(0 [pid 5087] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6206] <... futex resumed>) = ? [pid 6204] <... exit_group resumed>) = ? [pid 6211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6206] +++ exited with 0 +++ [pid 6211] <... mmap resumed>) = 0x7f1df2200000 [pid 6204] +++ exited with 0 +++ [pid 5087] <... openat resumed>) = 4 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6204, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6209] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] newfstatat(4, "", [pid 5088] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] unlink("./110/binderfs" [pid 5087] getdents64(4, [pid 5088] <... unlink resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6207] <... mount resumed>) = 0 [pid 6207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(4 [pid 6207] <... openat resumed>) = 3 [pid 5087] <... close resumed>) = 0 [pid 6207] chdir("./file0" [pid 5087] rmdir("./110/file0" [pid 6207] <... chdir resumed>) = 0 [pid 6207] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6207] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] getdents64(3, [pid 6207] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6205] <... futex resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6207] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6205] exit_group(0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] close(3 [pid 6207] <... futex resumed>) = ? [pid 6205] <... exit_group resumed>) = ? [pid 5088] newfstatat(AT_FDCWD, "./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6207] +++ exited with 0 +++ [pid 6205] +++ exited with 0 +++ [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... close resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6205, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5088] getdents64(4, [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] rmdir("./110" [pid 5086] <... restart_syscall resumed>) = 0 [pid 5088] close(4) = 0 [ 163.512900][ T6207] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5088] rmdir("./110/file0") = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5087] mkdir("./111", 0777 [pid 5086] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... mkdir resumed>) = 0 [pid 5088] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... openat resumed>) = 3 [pid 5088] rmdir("./110" [pid 5086] <... openat resumed>) = 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5086] newfstatat(3, "", [pid 5088] mkdir("./111", 0777 [pid 6209] <... write resumed>) = 2097152 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6209] munmap(0x7f1df2200000, 138412032 [pid 5088] <... mkdir resumed>) = 0 [pid 5086] getdents64(3, [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] <... openat resumed>) = 3 [pid 5086] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... ioctl resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./110/binderfs", [pid 5088] close(3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... close resumed>) = 0 [pid 5086] unlink("./110/binderfs" [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6212 attached [pid 6212] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6212 [pid 6212] chdir("./111" [pid 6211] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6209] <... munmap resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6212] <... chdir resumed>) = 0 [pid 6209] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6212] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6209] <... openat resumed>) = 4 [pid 6212] <... prctl resumed>) = 0 [pid 6209] ioctl(4, LOOP_SET_FD, 3 [pid 6212] setpgid(0, 0) = 0 [pid 6212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6209] <... ioctl resumed>) = 0 [pid 5086] newfstatat(AT_FDCWD, "./110/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./110/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./110") = 0 [pid 6212] <... openat resumed>) = 3 [pid 6209] close(3 [pid 5086] mkdir("./111", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6209] <... close resumed>) = 0 [pid 6212] write(3, "1000", 4) = 4 [pid 6209] close(4 [pid 6212] close(3 [pid 6209] <... close resumed>) = 0 [pid 6212] <... close resumed>) = 0 [pid 6209] mkdir("./file0", 0777 [pid 6212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6212] write(1, "executing program\n", 18 [pid 6211] <... write resumed>) = 2097152 [pid 6209] <... mkdir resumed>) = 0 executing program [pid 6212] <... write resumed>) = 18 [ 163.612259][ T6209] loop4: detected capacity change from 0 to 4096 [pid 6209] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6211] munmap(0x7f1df2200000, 138412032 [pid 6212] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6212] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... ioctl resumed>) = 0 [pid 6212] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] close(3 [pid 6212] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... close resumed>) = 0 [pid 6212] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6212] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6211] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 6213 attached [pid 6212] <... mprotect resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6213 [pid 6213] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6212] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6213] chdir("./111" [pid 6212] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6213] <... chdir resumed>) = 0 [pid 6212] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6213] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 6214 attached [pid 6212] <... clone3 resumed> => {parent_tid=[6214]}, 88) = 6214 [pid 6214] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6212] rt_sigprocmask(SIG_SETMASK, [], [pid 6214] <... rseq resumed>) = 0 [pid 6212] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6214] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6213] <... prctl resumed>) = 0 [pid 6212] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6211] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6214] <... set_robust_list resumed>) = 0 [pid 6212] <... futex resumed>) = 0 [pid 6214] rt_sigprocmask(SIG_SETMASK, [], [pid 6213] setpgid(0, 0 [pid 6212] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6211] <... openat resumed>) = 4 [pid 6214] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 163.664261][ T6209] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6213] <... setpgid resumed>) = 0 [pid 6211] ioctl(4, LOOP_SET_FD, 3 [pid 6214] memfd_create("syzkaller", 0 [pid 6213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6213] write(3, "1000", 4) = 4 [pid 6213] close(3) = 0 [pid 6214] <... memfd_create resumed>) = 3 [pid 6213] symlink("/dev/binderfs", "./binderfs" [pid 6214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6213] <... symlink resumed>) = 0 executing program [pid 6213] write(1, "executing program\n", 18) = 18 [pid 6213] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6213] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6211] <... ioctl resumed>) = 0 [pid 6213] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6211] close(3 [pid 6213] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6211] <... close resumed>) = 0 [pid 6213] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6211] close(4 [pid 6213] <... mmap resumed>) = 0x7f1dfa693000 [pid 6211] <... close resumed>) = 0 [pid 6213] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6211] mkdir("./file0", 0777 [pid 6213] <... mprotect resumed>) = 0 [pid 6211] <... mkdir resumed>) = 0 [pid 6213] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... ioctl resumed>) = 0 [pid 6213] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6211] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 163.714818][ T6211] loop0: detected capacity change from 0 to 4096 [pid 6213] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] close(3./strace-static-x86_64: Process 6215 attached [pid 6215] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6213] <... clone3 resumed> => {parent_tid=[6215]}, 88) = 6215 [pid 5086] <... close resumed>) = 0 [pid 6213] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6213] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6215] <... rseq resumed>) = 0 [pid 6213] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6215] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6215] rt_sigprocmask(SIG_SETMASK, [], [pid 6213] <... futex resumed>) = 0 [pid 6213] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6216 [pid 6215] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6216 attached [pid 6216] set_robust_list(0x555580b0d6a0, 24 [pid 6215] memfd_create("syzkaller", 0 [pid 6216] <... set_robust_list resumed>) = 0 [pid 6216] chdir("./111") = 0 [pid 6216] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6215] <... memfd_create resumed>) = 3 [pid 6216] <... prctl resumed>) = 0 [pid 6216] setpgid(0, 0) = 0 [pid 6216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6216] write(3, "1000", 4 [pid 6215] <... mmap resumed>) = 0x7f1df2200000 [pid 6216] <... write resumed>) = 4 [pid 6216] close(3) = 0 [pid 6216] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6216] write(1, "executing program\n", 18executing program ) = 18 [pid 6216] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6216] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6216] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 163.762967][ T6211] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6216] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6216] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6216] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6214] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6216] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6209] <... mount resumed>) = 0 ./strace-static-x86_64: Process 6217 attached [pid 6216] <... clone3 resumed> => {parent_tid=[6217]}, 88) = 6217 [pid 6217] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6216] rt_sigprocmask(SIG_SETMASK, [], [pid 6217] <... rseq resumed>) = 0 [pid 6216] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6217] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6216] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6217] <... set_robust_list resumed>) = 0 [pid 6216] <... futex resumed>) = 0 [pid 6217] rt_sigprocmask(SIG_SETMASK, [], [pid 6216] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6217] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6217] memfd_create("syzkaller", 0) = 3 [pid 6217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 163.843028][ T6209] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 163.845604][ T6211] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6209] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6211] <... mount resumed>) = 0 [pid 6209] <... openat resumed>) = 3 [pid 6211] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6209] chdir("./file0" [pid 6211] <... openat resumed>) = 3 [pid 6209] <... chdir resumed>) = 0 [pid 6215] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6211] chdir("./file0" [pid 6209] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6211] <... chdir resumed>) = 0 [pid 6211] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6211] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6210] <... futex resumed>) = 0 [pid 6210] exit_group(0 [pid 6209] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6210] <... exit_group resumed>) = ? [pid 6211] +++ exited with 0 +++ [pid 6210] +++ exited with 0 +++ [pid 6209] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6208] <... futex resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6210, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 6209] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6208] exit_group(0 [pid 6209] <... futex resumed>) = ? [pid 6208] <... exit_group resumed>) = ? [pid 5085] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6209] +++ exited with 0 +++ [pid 6208] +++ exited with 0 +++ [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6208, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5085] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6214] <... write resumed>) = 2097152 [pid 6214] munmap(0x7f1df2200000, 138412032 [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", [pid 6217] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6215] <... write resumed>) = 2097152 [pid 6214] <... munmap resumed>) = 0 [pid 5089] umount2("./110", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6215] munmap(0x7f1df2200000, 138412032 [pid 6214] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./110", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] getdents64(3, [pid 6214] <... openat resumed>) = 4 [pid 5089] <... openat resumed>) = 3 [pid 6214] ioctl(4, LOOP_SET_FD, 3 [pid 5089] newfstatat(3, "", [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6215] <... munmap resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5085] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6215] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6217] <... write resumed>) = 2097152 [pid 6214] <... ioctl resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6217] munmap(0x7f1df2200000, 138412032 [pid 6215] <... openat resumed>) = 4 [pid 6214] close(3 [pid 5089] umount2("./110/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] newfstatat(AT_FDCWD, "./110/binderfs", [pid 6214] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6215] ioctl(4, LOOP_SET_FD, 3 [pid 6214] close(4 [pid 5085] unlink("./110/binderfs" [pid 6217] <... munmap resumed>) = 0 [pid 6215] <... ioctl resumed>) = 0 [pid 6214] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 6217] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6214] mkdir("./file0", 0777 [pid 5085] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6217] <... openat resumed>) = 4 [pid 6214] <... mkdir resumed>) = 0 [pid 6217] ioctl(4, LOOP_SET_FD, 3 [pid 6214] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6215] close(3 [pid 5089] newfstatat(AT_FDCWD, "./110/binderfs", [pid 6215] <... close resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 163.973046][ T6214] loop3: detected capacity change from 0 to 4096 [ 163.991367][ T6215] loop2: detected capacity change from 0 to 4096 [ 164.006890][ T6217] loop1: detected capacity change from 0 to 4096 [ 164.010585][ T6214] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6215] close(4) = 0 [pid 5089] unlink("./110/binderfs") = 0 [pid 6215] mkdir("./file0", 0777) = 0 [pid 5089] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6215] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... umount2 resumed>) = 0 [pid 6217] <... ioctl resumed>) = 0 [pid 6217] close(3) = 0 [pid 5085] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = 0 [pid 6217] close(4 [pid 5089] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6217] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./110/file0", [pid 6217] mkdir("./file0", 0777 [pid 5089] newfstatat(AT_FDCWD, "./110/file0", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6217] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./110/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6217] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] openat(AT_FDCWD, "./110/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... openat resumed>) = 4 [pid 5085] newfstatat(4, "", [pid 5089] getdents64(4, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 164.034714][ T6215] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 164.064037][ T6217] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] getdents64(4, [pid 5089] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./110/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./110") = 0 [pid 5089] <... close resumed>) = 0 [pid 5085] mkdir("./111", 0777 [pid 5089] rmdir("./110/file0" [pid 5085] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] getdents64(3, [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5085] <... openat resumed>) = 3 [pid 5089] <... close resumed>) = 0 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] rmdir("./110") = 0 [pid 5089] mkdir("./111", 0777) = 0 [pid 6214] <... mount resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6214] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6214] chdir("./file0") = 0 [pid 6214] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6214] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6212] <... futex resumed>) = 0 [pid 6214] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6212] exit_group(0 [pid 6214] <... futex resumed>) = ? [pid 6212] <... exit_group resumed>) = ? [pid 6214] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 3 [pid 6212] +++ exited with 0 +++ [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6212, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [ 164.085421][ T6214] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./111/binderfs") = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5088] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] close(3 [pid 6215] <... mount resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 6215] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6215] <... openat resumed>) = 3 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./111/file0", ./strace-static-x86_64: Process 6218 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6215] chdir("./file0") = 0 [pid 5088] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6218] set_robust_list(0x555580b0d6a0, 24 [pid 6215] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6218 [pid 6218] <... set_robust_list resumed>) = 0 [pid 6215] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6218] chdir("./111" [pid 6217] <... mount resumed>) = 0 [pid 6215] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... openat resumed>) = 4 [pid 6218] <... chdir resumed>) = 0 [pid 6217] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6215] <... futex resumed>) = 1 [pid 6213] <... futex resumed>) = 0 [pid 5088] newfstatat(4, "", [pid 6213] exit_group(0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6213] <... exit_group resumed>) = ? [pid 5088] getdents64(4, [pid 6218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 164.150899][ T6215] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 164.186000][ T6217] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 6218] setpgid(0, 0 [pid 6217] <... openat resumed>) = 3 [pid 6215] +++ exited with 0 +++ [pid 6213] +++ exited with 0 +++ [pid 5088] getdents64(4, [pid 6218] <... setpgid resumed>) = 0 [pid 5089] close(3 [pid 6217] chdir("./file0" [pid 5089] <... close resumed>) = 0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6213, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 6218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6218] <... openat resumed>) = 3 [pid 6217] <... chdir resumed>) = 0 [pid 6217] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6219 attached [pid 6218] write(3, "1000", 4 [pid 6217] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] close(4 [pid 5087] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6219] set_robust_list(0x555580b0d6a0, 24 [pid 6218] <... write resumed>) = 4 [pid 6217] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6219 [pid 5088] <... close resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] <... set_robust_list resumed>) = 0 [pid 6218] close(3 [pid 6217] <... futex resumed>) = 1 [pid 6216] <... futex resumed>) = 0 [pid 5088] rmdir("./111/file0" [pid 5087] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6219] chdir("./111" [pid 6218] <... close resumed>) = 0 [pid 6217] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6216] exit_group(0 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 6219] <... chdir resumed>) = 0 [pid 6218] symlink("/dev/binderfs", "./binderfs" [pid 6217] <... futex resumed>) = ? [pid 6216] <... exit_group resumed>) = ? [pid 5088] getdents64(3, [pid 5087] newfstatat(3, "", executing program [pid 6219] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6218] <... symlink resumed>) = 0 [pid 6217] +++ exited with 0 +++ [pid 6216] +++ exited with 0 +++ [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6219] <... prctl resumed>) = 0 [pid 6218] write(1, "executing program\n", 18 [pid 5088] close(3 [pid 6218] <... write resumed>) = 18 [pid 6219] setpgid(0, 0 [pid 5088] <... close resumed>) = 0 [pid 5087] getdents64(3, [pid 6219] <... setpgid resumed>) = 0 [pid 6218] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] rmdir("./111" [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6216, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5087] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... restart_syscall resumed>) = 0 [pid 6219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] newfstatat(AT_FDCWD, "./111/binderfs", [pid 6219] <... openat resumed>) = 3 [pid 6218] <... futex resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6219] write(3, "1000", 4 [pid 6218] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] mkdir("./112", 0777 [pid 5087] unlink("./111/binderfs" [pid 5086] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... unlink resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] <... write resumed>) = 4 [pid 5088] <... mkdir resumed>) = 0 [pid 5087] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6219] close(3 [pid 6218] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 5088] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6219] <... close resumed>) = 0 [pid 6218] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] <... umount2 resumed>) = 0 [pid 5086] getdents64(3, [pid 6219] symlink("/dev/binderfs", "./binderfs" [pid 6218] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6219] <... symlink resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] write(1, "executing program\n", 18 [pid 6218] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] newfstatat(AT_FDCWD, "./111/file0", [pid 5086] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5087] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6219] <... write resumed>) = 18 [pid 6218] <... mmap resumed>) = 0x7f1dfa693000 [pid 5086] newfstatat(AT_FDCWD, "./111/binderfs", [pid 6218] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6219] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6218] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6219] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... openat resumed>) = 4 [pid 5086] unlink("./111/binderfs" [pid 6219] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6218] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6219] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6218] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6220 attached [pid 6219] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] newfstatat(4, "", [pid 5086] <... unlink resumed>) = 0 [pid 6220] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6219] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6220] <... rseq resumed>) = 0 [pid 6219] <... mmap resumed>) = 0x7f1dfa693000 [pid 6218] <... clone3 resumed> => {parent_tid=[6220]}, 88) = 6220 [pid 5087] getdents64(4, [pid 5086] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6220] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6218] rt_sigprocmask(SIG_SETMASK, [], [pid 6219] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6218] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6218] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6219] <... mprotect resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6220] <... set_robust_list resumed>) = 0 [pid 6218] <... futex resumed>) = 0 [pid 6220] rt_sigprocmask(SIG_SETMASK, [], [pid 6218] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6220] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./111/file0" [pid 6220] memfd_create("syzkaller", 0 [pid 6219] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] <... rmdir resumed>) = 0 [pid 5087] getdents64(3, [pid 6219] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6219] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] close(3) = 0 [pid 6219] <... clone3 resumed> => {parent_tid=[6221]}, 88) = 6221 [pid 5087] rmdir("./111"./strace-static-x86_64: Process 6221 attached [pid 6219] rt_sigprocmask(SIG_SETMASK, [], [pid 6221] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6219] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6221] <... rseq resumed>) = 0 [pid 6220] <... memfd_create resumed>) = 3 [pid 6219] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6221] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6219] <... futex resumed>) = 0 [pid 6221] <... set_robust_list resumed>) = 0 [pid 6220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6221] rt_sigprocmask(SIG_SETMASK, [], [pid 6219] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6221] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] mkdir("./112", 0777) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6221] memfd_create("syzkaller", 0 [pid 6220] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... umount2 resumed>) = 0 [pid 6221] <... memfd_create resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 6221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6220] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./111/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./111" [pid 6220] <... write resumed>) = 2097152 [pid 5086] <... rmdir resumed>) = 0 [pid 6221] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6220] munmap(0x7f1df2200000, 138412032 [pid 5088] <... ioctl resumed>) = 0 [pid 5086] mkdir("./112", 0777 [pid 6220] <... munmap resumed>) = 0 [pid 5088] close(3 [pid 5086] <... mkdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5087] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6222 attached [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6222 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6222] set_robust_list(0x555580b0d6a0, 24 [pid 6220] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6222] <... set_robust_list resumed>) = 0 [pid 6220] <... openat resumed>) = 4 [pid 6222] chdir("./112" [pid 6221] <... write resumed>) = 2097152 [pid 6220] ioctl(4, LOOP_SET_FD, 3 [pid 5087] close(3 [pid 6222] <... chdir resumed>) = 0 [pid 6222] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6221] munmap(0x7f1df2200000, 138412032 [pid 6222] setpgid(0, 0) = 0 [pid 6222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6222] write(3, "1000", 4 [pid 5087] <... close resumed>) = 0 [pid 6222] <... write resumed>) = 4 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 6222] close(3) = 0 [pid 6222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6223 ./strace-static-x86_64: Process 6223 attached [pid 6222] write(1, "executing program\n", 18 [pid 6223] set_robust_list(0x555580b0d6a0, 24 [pid 6222] <... write resumed>) = 18 [pid 6223] <... set_robust_list resumed>) = 0 [pid 6222] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6221] <... munmap resumed>) = 0 [pid 6223] chdir("./112" [pid 6222] <... futex resumed>) = 0 [pid 6221] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6223] <... chdir resumed>) = 0 [pid 6222] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6221] <... openat resumed>) = 4 [pid 6223] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6222] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6221] ioctl(4, LOOP_SET_FD, 3 [pid 6223] <... prctl resumed>) = 0 [pid 6222] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6220] <... ioctl resumed>) = 0 [pid 6223] setpgid(0, 0 [pid 6222] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6223] <... setpgid resumed>) = 0 [pid 6222] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6222] <... mmap resumed>) = 0x7f1dfa693000 [pid 6223] <... openat resumed>) = 3 [pid 6222] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6220] close(3 [pid 6222] <... mprotect resumed>) = 0 [pid 6223] write(3, "1000", 4) = 4 [pid 6223] close(3 [pid 6222] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6220] <... close resumed>) = 0 [pid 6220] close(4 [pid 6223] <... close resumed>) = 0 [pid 6223] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6220] <... close resumed>) = 0 executing program [pid 6223] write(1, "executing program\n", 18) = 18 [pid 6222] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6220] mkdir("./file0", 0777 [pid 6223] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... ioctl resumed>) = 0 [pid 6223] <... futex resumed>) = 0 [pid 6222] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6220] <... mkdir resumed>) = 0 [pid 6223] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6222] <... clone3 resumed> => {parent_tid=[6224]}, 88) = 6224 [pid 6223] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6222] rt_sigprocmask(SIG_SETMASK, [], [pid 6223] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6222] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6223] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6222] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6223] <... mmap resumed>) = 0x7f1dfa693000 [pid 6222] <... futex resumed>) = 0 [pid 6223] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6222] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6221] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 6224 attached [pid 6223] <... mprotect resumed>) = 0 [pid 6224] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6223] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6221] close(3 [pid 6224] <... rseq resumed>) = 0 [ 164.409523][ T6220] loop0: detected capacity change from 0 to 4096 [ 164.444600][ T6221] loop4: detected capacity change from 0 to 4096 [pid 6223] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6221] <... close resumed>) = 0 [pid 6220] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6224] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6223] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6221] close(4 [pid 5086] close(3 [pid 6224] <... set_robust_list resumed>) = 0 [pid 6221] <... close resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6224] rt_sigprocmask(SIG_SETMASK, [], [pid 6223] <... clone3 resumed> => {parent_tid=[6225]}, 88) = 6225 [pid 6221] mkdir("./file0", 0777 [pid 6224] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6223] rt_sigprocmask(SIG_SETMASK, [], [pid 6221] <... mkdir resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6224] memfd_create("syzkaller", 0 [pid 6223] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6221] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6224] <... memfd_create resumed>) = 3 [pid 6223] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6223] <... futex resumed>) = 0 [pid 6224] <... mmap resumed>) = 0x7f1df2200000 [pid 6223] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6225 attached [pid 6225] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6225] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6226 [pid 6225] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6225] memfd_create("syzkaller", 0./strace-static-x86_64: Process 6226 attached [pid 6226] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6226] chdir("./112") = 0 [pid 6225] <... memfd_create resumed>) = 3 [pid 6226] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6226] <... prctl resumed>) = 0 [pid 6225] <... mmap resumed>) = 0x7f1df2200000 [pid 6226] setpgid(0, 0) = 0 [pid 6226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6226] write(3, "1000", 4) = 4 [pid 6226] close(3) = 0 [ 164.474315][ T6220] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 164.498158][ T6221] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). executing program [pid 6226] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6226] write(1, "executing program\n", 18) = 18 [pid 6226] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6226] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6226] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6224] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6226] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6226] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6226] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6226] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6226] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6227 attached [pid 6227] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6227] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6227] rt_sigprocmask(SIG_SETMASK, [], [pid 6221] <... mount resumed>) = 0 [pid 6227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6226] <... clone3 resumed> => {parent_tid=[6227]}, 88) = 6227 [pid 6227] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6221] <... openat resumed>) = 3 [pid 6226] rt_sigprocmask(SIG_SETMASK, [], [pid 6225] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6221] chdir("./file0" [pid 6226] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6221] <... chdir resumed>) = 0 [pid 6226] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6221] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 164.563632][ T6221] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6221] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6221] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6219] <... futex resumed>) = 0 [pid 6219] exit_group(0 [pid 6227] <... futex resumed>) = 0 [pid 6226] <... futex resumed>) = 1 [pid 6221] <... futex resumed>) = ? [pid 6219] <... exit_group resumed>) = ? [pid 6221] +++ exited with 0 +++ [pid 6227] memfd_create("syzkaller", 0 [pid 6226] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6227] <... memfd_create resumed>) = 3 [pid 6227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6219] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6219, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 6220] <... mount resumed>) = 0 [pid 6220] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6220] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6220] chdir("./file0" [pid 5089] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6220] <... chdir resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 6220] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] newfstatat(3, "", [pid 6220] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6220] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] getdents64(3, [pid 6220] <... futex resumed>) = 1 [pid 6218] <... futex resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6220] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6218] exit_group(0 [pid 6220] <... futex resumed>) = ? [pid 6218] <... exit_group resumed>) = ? [pid 5089] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6224] <... write resumed>) = 2097152 [pid 6220] +++ exited with 0 +++ [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6218] +++ exited with 0 +++ [pid 5089] newfstatat(AT_FDCWD, "./111/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6218, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5089] unlink("./111/binderfs") = 0 [pid 5085] umount2("./111", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6224] munmap(0x7f1df2200000, 138412032 [pid 5089] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./111", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", [pid 6224] <... munmap resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./111/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6224] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 164.627671][ T6220] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5085] newfstatat(AT_FDCWD, "./111/binderfs", [pid 6224] <... openat resumed>) = 4 [pid 5089] <... umount2 resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6224] ioctl(4, LOOP_SET_FD, 3 [pid 5089] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] unlink("./111/binderfs" [pid 6225] <... write resumed>) = 2097152 [pid 6227] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6224] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... unlink resumed>) = 0 [pid 6225] munmap(0x7f1df2200000, 138412032 [pid 5089] newfstatat(AT_FDCWD, "./111/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6225] <... munmap resumed>) = 0 [pid 6224] close(3 [pid 5089] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6225] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6224] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6225] <... openat resumed>) = 4 [pid 6224] close(4 [pid 5089] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6225] ioctl(4, LOOP_SET_FD, 3 [pid 6224] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 6225] <... ioctl resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 6224] mkdir("./file0", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6224] <... mkdir resumed>) = 0 [pid 5089] getdents64(4, [pid 5085] <... umount2 resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./111/file0") = 0 [pid 6224] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./111") = 0 [pid 5089] mkdir("./112", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 164.692601][ T6224] loop3: detected capacity change from 0 to 4096 [ 164.723310][ T6225] loop2: detected capacity change from 0 to 4096 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6225] close(3 [pid 6227] <... write resumed>) = 2097152 [pid 5085] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6225] <... close resumed>) = 0 [pid 6225] close(4) = 0 [pid 6225] mkdir("./file0", 0777 [pid 6227] munmap(0x7f1df2200000, 138412032 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./111/file0", [pid 6225] <... mkdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./111/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6227] <... munmap resumed>) = 0 [ 164.742705][ T6224] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6225] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6227] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] openat(AT_FDCWD, "./111/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6227] <... openat resumed>) = 4 [pid 5085] <... openat resumed>) = 4 [pid 6227] ioctl(4, LOOP_SET_FD, 3 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6227] <... ioctl resumed>) = 0 [pid 5085] rmdir("./111/file0" [pid 5089] close(3 [pid 5085] <... rmdir resumed>) = 0 [pid 6227] close(3 [pid 5089] <... close resumed>) = 0 [pid 6227] <... close resumed>) = 0 [pid 6227] close(4 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6227] <... close resumed>) = 0 [pid 5085] close(3 [pid 6227] mkdir("./file0", 0777 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./111" [pid 6227] <... mkdir resumed>) = 0 [pid 5085] <... rmdir resumed>) = 0 [ 164.793736][ T6225] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 164.817725][ T6227] loop1: detected capacity change from 0 to 4096 ./strace-static-x86_64: Process 6228 attached [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6228 [pid 5085] mkdir("./112", 0777 [pid 6228] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6227] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... mkdir resumed>) = 0 [pid 6228] chdir("./112" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6228] <... chdir resumed>) = 0 [pid 6228] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] <... openat resumed>) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6228] <... prctl resumed>) = 0 [pid 6228] setpgid(0, 0) = 0 [pid 6228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6228] write(3, "1000", 4 [pid 6224] <... mount resumed>) = 0 [pid 6228] <... write resumed>) = 4 [pid 6224] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6228] close(3) = 0 [pid 6224] <... openat resumed>) = 3 [pid 6228] symlink("/dev/binderfs", "./binderfs" [pid 6224] chdir("./file0") = 0 [pid 6224] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6228] <... symlink resumed>) = 0 [pid 6224] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6228] write(1, "executing program\n", 18 [pid 6224] <... futex resumed>) = 1 [pid 6222] <... futex resumed>) = 0 [pid 6222] exit_group(0) = ? [ 164.847335][ T6224] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 164.860385][ T6227] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). executing program [pid 6228] <... write resumed>) = 18 [pid 6228] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6228] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6224] +++ exited with 0 +++ [pid 6222] +++ exited with 0 +++ [pid 6228] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6222, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 6228] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6228] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6225] <... mount resumed>) = 0 [pid 6228] <... mmap resumed>) = 0x7f1dfa693000 [pid 5088] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6228] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6228] <... mprotect resumed>) = 0 [pid 6225] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6228] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6225] chdir("./file0" [pid 5088] <... openat resumed>) = 3 [pid 6225] <... chdir resumed>) = 0 [pid 5088] newfstatat(3, "", [pid 6228] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6225] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6228] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6225] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] getdents64(3, ./strace-static-x86_64: Process 6229 attached 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6228] <... clone3 resumed> => {parent_tid=[6229]}, 88) = 6229 [pid 6225] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6228] rt_sigprocmask(SIG_SETMASK, [], [pid 6225] <... futex resumed>) = 1 [pid 6223] <... futex resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6229] <... rseq resumed>) = 0 [pid 6228] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6225] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6223] exit_group(0 [pid 5088] newfstatat(AT_FDCWD, "./112/binderfs", [pid 6229] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6228] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6225] <... futex resumed>) = ? [pid 6223] <... exit_group resumed>) = ? [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6225] +++ exited with 0 +++ [pid 6229] <... set_robust_list resumed>) = 0 [pid 6228] <... futex resumed>) = 0 [pid 5088] unlink("./112/binderfs") = 0 [pid 6229] rt_sigprocmask(SIG_SETMASK, [], [pid 6228] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 164.908245][ T6225] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6229] memfd_create("syzkaller", 0 [pid 6223] +++ exited with 0 +++ [pid 5088] <... umount2 resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5088] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6223, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 6229] <... memfd_create resumed>) = 3 [pid 6227] <... mount resumed>) = 0 [pid 5088] newfstatat(AT_FDCWD, "./112/file0", [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5085] close(3 [pid 6229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... restart_syscall resumed>) = 0 [pid 6227] <... openat resumed>) = 3 [pid 5088] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6227] chdir("./file0" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 6230 attached [pid 6229] <... mmap resumed>) = 0x7f1df2200000 [pid 6227] <... chdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] set_robust_list(0x555580b0d6a0, 24 [pid 6227] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6230 [pid 6227] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... openat resumed>) = 4 [pid 5087] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6230] <... set_robust_list resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 6227] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] newfstatat(4, "", [pid 5087] newfstatat(3, "", [pid 6230] chdir("./112" [pid 6227] <... futex resumed>) = 1 [pid 6226] <... futex resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6230] <... chdir resumed>) = 0 [pid 6227] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6226] exit_group(0 [pid 5088] getdents64(4, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6227] <... futex resumed>) = ? [pid 6226] <... exit_group resumed>) = ? [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6230] <... prctl resumed>) = 0 [pid 6227] +++ exited with 0 +++ [pid 5087] getdents64(3, [pid 6230] setpgid(0, 0 [pid 6226] +++ exited with 0 +++ [pid 5088] getdents64(4, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6230] <... setpgid resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6226, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] <... openat resumed>) = 3 [pid 5088] close(4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] write(3, "1000", 4 [pid 5088] <... close resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5088] rmdir("./112/file0" [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6230] <... write resumed>) = 4 [pid 5088] <... rmdir resumed>) = 0 [pid 6230] close(3 [pid 5087] unlink("./112/binderfs" [pid 6230] <... close resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] symlink("/dev/binderfs", "./binderfs" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6230] <... symlink resumed>) = 0 [pid 6229] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] getdents64(3, [pid 5087] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 3 [ 164.961133][ T6227] ntfs3: loop1: Failed to initialize $Extend/$ObjId. executing program [pid 6230] write(1, "executing program\n", 18 [pid 5086] newfstatat(3, "", [pid 6229] <... write resumed>) = 2097152 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 6230] <... write resumed>) = 18 [pid 5087] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] close(3 [pid 5086] getdents64(3, [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./112" [pid 6230] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] <... futex resumed>) = 0 [pid 5087] newfstatat(AT_FDCWD, "./112/file0", [pid 6230] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5086] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6229] munmap(0x7f1df2200000, 138412032 [pid 5088] <... rmdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6230] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] mkdir("./113", 0777 [pid 6230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./112/binderfs", [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6229] <... munmap resumed>) = 0 [pid 5087] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6229] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] unlink("./112/binderfs" [pid 6230] <... mmap resumed>) = 0x7f1dfa693000 [pid 6229] <... openat resumed>) = 4 [pid 5088] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 4 [pid 5086] <... unlink resumed>) = 0 [pid 6230] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6229] ioctl(4, LOOP_SET_FD, 3 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] newfstatat(4, "", [pid 5086] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6230] <... mprotect resumed>) = 0 [pid 6230] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6229] <... ioctl resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6230] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6229] close(3 [pid 6230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] getdents64(4, [pid 5086] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6229] <... close resumed>) = 0 [pid 6229] close(4) = 0 [pid 6229] mkdir("./file0", 0777) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6230] <... clone3 resumed> => {parent_tid=[6231]}, 88) = 6231 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6230] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] getdents64(4, [pid 5086] newfstatat(AT_FDCWD, "./112/file0", ./strace-static-x86_64: Process 6231 attached [pid 6229] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6231] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6231] <... rseq resumed>) = 0 [pid 6231] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6230] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] close(4 [pid 5086] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6231] rt_sigprocmask(SIG_SETMASK, [], [pid 6230] <... futex resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6231] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6231] memfd_create("syzkaller", 0 [pid 6230] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] rmdir("./112/file0" [pid 5086] <... openat resumed>) = 4 [pid 6231] <... memfd_create resumed>) = 3 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] newfstatat(4, "", [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6231] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] getdents64(4, [pid 5087] getdents64(3, [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] getdents64(4, [pid 5087] close(3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./112/file0" [pid 5087] <... close resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5087] rmdir("./112") = 0 [pid 5086] getdents64(3, [pid 5087] mkdir("./113", 0777 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] close(3) = 0 [ 165.068309][ T6229] loop4: detected capacity change from 0 to 4096 [ 165.088641][ T6229] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5086] rmdir("./112" [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5088] close(3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... rmdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6232 attached [pid 5086] mkdir("./113", 0777 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6232 [pid 6229] <... mount resumed>) = 0 [pid 6232] set_robust_list(0x555580b0d6a0, 24 [pid 6231] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5086] <... mkdir resumed>) = 0 [pid 6232] <... set_robust_list resumed>) = 0 [pid 6229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6232] chdir("./113" [pid 6229] <... openat resumed>) = 3 [pid 6232] <... chdir resumed>) = 0 [pid 6232] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6229] chdir("./file0" [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6232] <... prctl resumed>) = 0 [pid 6229] <... chdir resumed>) = 0 [pid 6229] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6229] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6229] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6231] <... write resumed>) = 2097152 [pid 6232] setpgid(0, 0 [pid 6228] <... futex resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 5087] close(3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 5087] <... close resumed>) = 0 [ 165.154290][ T6229] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6232] <... setpgid resumed>) = 0 [pid 6231] munmap(0x7f1df2200000, 138412032 [pid 6228] exit_group(0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6233 attached [pid 6232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6231] <... munmap resumed>) = 0 [pid 6229] <... futex resumed>) = ? [pid 6228] <... exit_group resumed>) = ? [pid 6233] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6233 [pid 6233] <... set_robust_list resumed>) = 0 [pid 6232] <... openat resumed>) = 3 [pid 6233] chdir("./113" [pid 6229] +++ exited with 0 +++ [pid 6228] +++ exited with 0 +++ [pid 6233] <... chdir resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6228, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6232] write(3, "1000", 4 [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] setpgid(0, 0 [pid 6232] <... write resumed>) = 4 [pid 6231] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] <... setpgid resumed>) = 0 [pid 6232] close(3 [pid 6231] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6232] <... close resumed>) = 0 [pid 6232] symlink("/dev/binderfs", "./binderfs" [pid 6231] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 3 [pid 6233] <... openat resumed>) = 3 [pid 6232] <... symlink resumed>) = 0 [pid 6233] write(3, "1000", 4) = 4 [pid 6233] close(3) = 0 [pid 5089] newfstatat(3, "", [pid 6233] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6233] <... symlink resumed>) = 0 [pid 5089] getdents64(3, [pid 6233] write(1, "executing program\n", 18 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6233] <... write resumed>) = 18 [pid 5089] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6233] <... futex resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./112/binderfs", executing program [pid 6233] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, executing program [pid 6232] write(1, "executing program\n", 18 [pid 6231] <... ioctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6232] <... write resumed>) = 18 [pid 6233] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6233] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6233] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6233] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6232] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6233] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6232] <... futex resumed>) = 0 [pid 6231] close(3 [pid 5089] unlink("./112/binderfs" [pid 6232] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6231] <... close resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 6232] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6231] close(4 [pid 5089] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6233] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6232] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6231] <... close resumed>) = 0 [pid 6233] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6234]}, 88) = 6234 ./strace-static-x86_64: Process 6234 attached [pid 6233] rt_sigprocmask(SIG_SETMASK, [], [pid 6234] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6233] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6232] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6231] mkdir("./file0", 0777 [pid 6234] <... rseq resumed>) = 0 [pid 6233] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6232] <... mmap resumed>) = 0x7f1dfa693000 [pid 6234] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6233] <... futex resumed>) = 0 [pid 6234] <... set_robust_list resumed>) = 0 [pid 6233] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6234] rt_sigprocmask(SIG_SETMASK, [], [pid 6231] <... mkdir resumed>) = 0 [pid 6232] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6234] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6234] memfd_create("syzkaller", 0 [pid 6232] <... mprotect resumed>) = 0 [pid 6231] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6232] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6234] <... memfd_create resumed>) = 3 [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6232] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6232] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 6235 attached [pid 5089] newfstatat(AT_FDCWD, "./112/file0", [pid 5086] close(3) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6235] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6232] <... clone3 resumed> => {parent_tid=[6235]}, 88) = 6235 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6235] <... rseq resumed>) = 0 [pid 6232] rt_sigprocmask(SIG_SETMASK, [], [pid 5089] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6232] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6235] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6232] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6235] <... set_robust_list resumed>) = 0 [pid 6232] <... futex resumed>) = 0 ./strace-static-x86_64: Process 6236 attached [pid 6235] rt_sigprocmask(SIG_SETMASK, [], [pid 6232] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] <... openat resumed>) = 4 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6236 [pid 6236] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6236] chdir("./113" [pid 6235] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(4, "", [pid 6236] <... chdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6236] setpgid(0, 0) = 0 [pid 6236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6235] memfd_create("syzkaller", 0 [pid 5089] getdents64(4, [pid 6236] <... openat resumed>) = 3 [pid 6236] write(3, "1000", 4 [pid 6235] <... memfd_create resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6236] <... write resumed>) = 4 [ 165.244664][ T6231] loop0: detected capacity change from 0 to 4096 [ 165.277980][ T6231] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(4, [pid 6236] close(3 [pid 6235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6236] <... close resumed>) = 0 [pid 6235] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] close(4 [pid 6236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./112/file0") = 0 [pid 5089] getdents64(3, [pid 6236] write(1, "executing program\n", 18executing program ) = 18 [pid 6236] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6236] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6236] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6236] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6236] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6236] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5089] close(3 [pid 6236] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./112" [pid 6236] <... clone3 resumed> => {parent_tid=[6237]}, 88) = 6237 [pid 6236] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6237 attached NULL, 8) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 6237] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6236] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6237] <... rseq resumed>) = 0 [pid 6236] <... futex resumed>) = 0 [pid 5089] mkdir("./113", 0777 [pid 6237] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6236] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6234] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6237] <... set_robust_list resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 6237] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6237] memfd_create("syzkaller", 0) = 3 [pid 6237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6231] <... mount resumed>) = 0 [pid 6235] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6231] chdir("./file0") = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6237] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6231] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... ioctl resumed>) = 0 [pid 6231] <... futex resumed>) = 1 [pid 6231] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6230] <... futex resumed>) = 0 [pid 6230] exit_group(0 [pid 6231] <... futex resumed>) = ? [pid 6230] <... exit_group resumed>) = ? [pid 6231] +++ exited with 0 +++ [pid 6230] +++ exited with 0 +++ [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6230, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [ 165.391146][ T6231] ntfs3: loop0: Failed to initialize $Extend/$ObjId. ./strace-static-x86_64: Process 6238 attached [pid 6234] <... write resumed>) = 2097152 [pid 5085] umount2("./112", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6234] munmap(0x7f1df2200000, 138412032 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./112", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", [pid 6234] <... munmap resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6238 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 6238] set_robust_list(0x555580b0d6a0, 24 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6238] <... set_robust_list resumed>) = 0 [pid 5085] umount2("./112/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./112/binderfs", [pid 6238] chdir("./113" [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./112/binderfs") = 0 [pid 6238] <... chdir resumed>) = 0 [pid 5085] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6238] setpgid(0, 0) = 0 [pid 6238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6237] <... write resumed>) = 2097152 [pid 6234] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 executing program [pid 6238] <... openat resumed>) = 3 [pid 6237] munmap(0x7f1df2200000, 138412032 [pid 6234] ioctl(4, LOOP_SET_FD, 3 [pid 6238] write(3, "1000", 4) = 4 [pid 6238] close(3) = 0 [pid 6238] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 6238] write(1, "executing program\n", 18 [pid 5085] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] <... write resumed>) = 18 [pid 6235] <... write resumed>) = 2097152 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6238] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5085] newfstatat(AT_FDCWD, "./112/file0", [pid 6238] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6238] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] umount2("./112/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6238] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6238] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6235] munmap(0x7f1df2200000, 138412032 [pid 5085] openat(AT_FDCWD, "./112/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6238] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6237] <... munmap resumed>) = 0 [pid 6235] <... munmap resumed>) = 0 [pid 6234] <... ioctl resumed>) = 0 [pid 5085] <... openat resumed>) = 4 [pid 6238] <... mmap resumed>) = 0x7f1dfa693000 [pid 6238] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5085] newfstatat(4, "", [pid 6238] <... mprotect resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6238] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6234] close(3 [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6238] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6237] <... openat resumed>) = 4 [pid 6235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6234] <... close resumed>) = 0 [pid 5085] getdents64(4, [pid 6238] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6237] ioctl(4, LOOP_SET_FD, 3 [pid 6235] <... openat resumed>) = 4 [pid 6234] close(4 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6239 attached [pid 6235] ioctl(4, LOOP_SET_FD, 3 [pid 6238] <... clone3 resumed> => {parent_tid=[6239]}, 88) = 6239 [pid 6234] <... close resumed>) = 0 [pid 5085] close(4 [pid 6239] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6234] mkdir("./file0", 0777 [pid 6239] <... rseq resumed>) = 0 [pid 6238] rt_sigprocmask(SIG_SETMASK, [], [pid 6237] <... ioctl resumed>) = 0 [pid 6235] <... ioctl resumed>) = 0 [pid 6234] <... mkdir resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 6239] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6238] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6237] close(3 [pid 6235] close(3 [pid 5085] rmdir("./112/file0" [pid 6239] <... set_robust_list resumed>) = 0 [pid 6238] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6237] <... close resumed>) = 0 [pid 6235] <... close resumed>) = 0 [pid 6239] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6238] <... futex resumed>) = 0 [pid 6237] close(4 [pid 6235] close(4 [pid 6234] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... rmdir resumed>) = 0 [pid 6239] memfd_create("syzkaller", 0 [pid 6238] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6237] <... close resumed>) = 0 [pid 6235] <... close resumed>) = 0 [pid 5085] getdents64(3, [pid 6239] <... memfd_create resumed>) = 3 [ 165.489459][ T6234] loop2: detected capacity change from 0 to 4096 [ 165.518532][ T6237] loop1: detected capacity change from 0 to 4096 [ 165.526904][ T6235] loop3: detected capacity change from 0 to 4096 [pid 6237] mkdir("./file0", 0777 [pid 6235] mkdir("./file0", 0777 [pid 6239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6237] <... mkdir resumed>) = 0 [pid 6235] <... mkdir resumed>) = 0 [pid 5085] close(3 [pid 6235] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... close resumed>) = 0 [pid 6239] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] rmdir("./112") = 0 [pid 5085] mkdir("./113", 0777) = 0 [pid 6237] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 165.541946][ T6234] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 165.558789][ T6235] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 165.582078][ T6237] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6239] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6239] munmap(0x7f1df2200000, 138412032 [pid 5085] <... ioctl resumed>) = 0 [pid 6239] <... munmap resumed>) = 0 [pid 6234] <... mount resumed>) = 0 [pid 6234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] close(3 [pid 6234] <... openat resumed>) = 3 [pid 5085] <... close resumed>) = 0 [pid 6234] chdir("./file0" [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6234] <... chdir resumed>) = 0 [pid 6234] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6235] <... mount resumed>) = 0 [pid 6234] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6234] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6240 attached [pid 6235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6234] <... futex resumed>) = 1 [pid 6233] <... futex resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6240 [pid 6240] set_robust_list(0x555580b0d6a0, 24 [pid 6234] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6233] exit_group(0 [pid 6240] <... set_robust_list resumed>) = 0 [pid 6235] <... openat resumed>) = 3 [pid 6234] <... futex resumed>) = ? [pid 6233] <... exit_group resumed>) = ? [pid 6234] +++ exited with 0 +++ [pid 6240] chdir("./113") = 0 [pid 6240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6240] setpgid(0, 0) = 0 [pid 6240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6235] chdir("./file0") = 0 [pid 6240] <... openat resumed>) = 3 [pid 6240] write(3, "1000", 4 [ 165.665854][ T6234] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 165.693842][ T6235] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6235] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6240] <... write resumed>) = 4 executing program [pid 6235] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6240] close(3) = 0 [pid 6235] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6240] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6240] write(1, "executing program\n", 18) = 18 [pid 6240] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6240] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6240] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6240] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6240] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6233] +++ exited with 0 +++ [pid 6239] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6235] <... futex resumed>) = 1 [pid 6232] <... futex resumed>) = 0 [pid 6240] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6239] <... openat resumed>) = 4 [pid 6235] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6232] exit_group(0 [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6233, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 6239] ioctl(4, LOOP_SET_FD, 3 [pid 6232] <... exit_group resumed>) = ? [pid 6235] <... futex resumed>) = ? [pid 6240] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6240] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6241]}, 88) = 6241 [pid 6240] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6241 attached NULL, 8) = 0 [pid 6240] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6240] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6241] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6241] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6241] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6241] memfd_create("syzkaller", 0 [pid 6235] +++ exited with 0 +++ [pid 6232] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6232, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5087] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] <... ioctl resumed>) = 0 [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6241] <... memfd_create resumed>) = 3 [pid 6241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] <... openat resumed>) = 3 [pid 5088] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6239] close(3 [pid 5087] newfstatat(3, "", [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6241] <... mmap resumed>) = 0x7f1df2200000 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6239] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] getdents64(3, [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6239] close(4 [pid 5088] getdents64(3, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6239] <... close resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6239] mkdir("./file0", 0777) = 0 [pid 5087] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] <... mount resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 165.717953][ T6237] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 165.733609][ T6239] loop4: detected capacity change from 0 to 4096 [pid 5087] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5088] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6239] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] newfstatat(AT_FDCWD, "./113/binderfs", [pid 5087] unlink("./113/binderfs") = 0 [pid 6237] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6237] chdir("./file0" [pid 5088] unlink("./113/binderfs" [pid 6237] <... chdir resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5087] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6237] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6237] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6236] <... futex resumed>) = 0 [pid 6237] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6236] exit_group(0 [pid 6237] <... futex resumed>) = ? [pid 6236] <... exit_group resumed>) = ? [pid 6237] +++ exited with 0 +++ [pid 6236] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6236, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5086] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] unlink("./113/binderfs") = 0 [pid 5086] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [ 165.761907][ T6239] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 5086] newfstatat(AT_FDCWD, "./113/file0", [pid 6241] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] newfstatat(AT_FDCWD, "./113/file0", [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] getdents64(4, [pid 5088] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(4, "", [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] close(4 [pid 5088] <... openat resumed>) = 4 [pid 5086] <... close resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] rmdir("./113/file0" [pid 5088] newfstatat(4, "", [pid 5087] getdents64(4, [pid 5086] <... rmdir resumed>) = 0 [pid 6239] <... mount resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(3, [pid 6239] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] getdents64(4, [pid 5087] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(3 [pid 6239] <... openat resumed>) = 3 [pid 5088] getdents64(4, [pid 5087] close(4 [pid 5086] <... close resumed>) = 0 [pid 6239] chdir("./file0" [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] rmdir("./113" [pid 6239] <... chdir resumed>) = 0 [pid 5088] close(4 [pid 5087] rmdir("./113/file0" [pid 5086] <... rmdir resumed>) = 0 [pid 6239] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] mkdir("./114", 0777 [pid 5087] <... rmdir resumed>) = 0 [pid 6239] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] getdents64(3, [pid 5086] <... mkdir resumed>) = 0 [pid 6239] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6239] <... futex resumed>) = 1 [pid 6238] <... futex resumed>) = 0 [pid 5087] close(3 [pid 6239] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6238] exit_group(0 [pid 5088] rmdir("./113/file0" [pid 5087] <... close resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6239] <... futex resumed>) = ? [pid 6238] <... exit_group resumed>) = ? [pid 5086] <... openat resumed>) = 3 [pid 5088] <... rmdir resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6239] +++ exited with 0 +++ [pid 6238] +++ exited with 0 +++ [pid 5088] getdents64(3, [pid 5087] rmdir("./113" [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6238, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5088] close(3 [pid 5087] <... rmdir resumed>) = 0 [pid 5089] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... close resumed>) = 0 [pid 5087] mkdir("./114", 0777 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] rmdir("./113" [pid 5089] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", [pid 5087] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6241] <... write resumed>) = 2097152 [pid 5089] getdents64(3, [pid 5088] <... rmdir resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] mkdir("./114", 0777 [pid 5089] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./113/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 5089] unlink("./113/binderfs" [pid 6241] munmap(0x7f1df2200000, 138412032 [pid 5089] <... unlink resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] <... openat resumed>) = 3 [pid 5089] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5089] <... umount2 resumed>) = 0 [ 165.820293][ T6239] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6241] <... munmap resumed>) = 0 [pid 5089] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6241] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6241] <... openat resumed>) = 4 [pid 6241] ioctl(4, LOOP_SET_FD, 3 [pid 5089] newfstatat(AT_FDCWD, "./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./113/file0") = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./113") = 0 [pid 5089] mkdir("./114", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6241] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5087] close(3 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6241] close(3) = 0 ./strace-static-x86_64: Process 6243 attached [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6242 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6243 ./strace-static-x86_64: Process 6242 attached [ 165.895725][ T6241] loop0: detected capacity change from 0 to 4096 [pid 6241] close(4 [pid 6243] set_robust_list(0x555580b0d6a0, 24 [pid 6242] set_robust_list(0x555580b0d6a0, 24 [pid 6241] <... close resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6243] <... set_robust_list resumed>) = 0 [pid 6242] <... set_robust_list resumed>) = 0 [pid 6241] mkdir("./file0", 0777 [pid 6242] chdir("./114" [pid 6241] <... mkdir resumed>) = 0 [pid 6243] chdir("./114" [pid 6242] <... chdir resumed>) = 0 [pid 5086] close(3) = 0 [pid 6242] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6241] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6243] <... chdir resumed>) = 0 [pid 6242] <... prctl resumed>) = 0 [pid 6243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 6244 attached [pid 6243] setpgid(0, 0 [pid 6242] setpgid(0, 0) = 0 [pid 6242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6244] set_robust_list(0x555580b0d6a0, 24 [pid 6243] <... setpgid resumed>) = 0 [pid 6242] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6244 [pid 6244] <... set_robust_list resumed>) = 0 [pid 6243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6244] chdir("./114" [pid 6242] write(3, "1000", 4 [pid 6244] <... chdir resumed>) = 0 [pid 6244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6243] <... openat resumed>) = 3 [pid 6242] <... write resumed>) = 4 [pid 6244] setpgid(0, 0 [pid 6242] close(3 [pid 6244] <... setpgid resumed>) = 0 [pid 6243] write(3, "1000", 4 [pid 6242] <... close resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 6242] symlink("/dev/binderfs", "./binderfs" [pid 6244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6243] <... write resumed>) = 4 [pid 6242] <... symlink resumed>) = 0 [pid 6244] <... openat resumed>) = 3 [pid 6243] close(3executing program ) = 0 [pid 6242] write(1, "executing program\n", 18) = 18 [pid 6244] write(3, "1000", 4 [pid 6243] symlink("/dev/binderfs", "./binderfs" [pid 6242] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] close(3 [pid 6244] <... write resumed>) = 4 [pid 6243] <... symlink resumed>) = 0 [pid 6242] <... futex resumed>) = 0 executing program [pid 5089] <... close resumed>) = 0 [pid 6244] close(3 [pid 6243] write(1, "executing program\n", 18 [pid 6242] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6243] <... write resumed>) = 18 [pid 6242] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6242] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6243] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6244] <... close resumed>) = 0 [pid 6243] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6242] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6244] symlink("/dev/binderfs", "./binderfs" [pid 6243] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6242] <... mmap resumed>) = 0x7f1dfa693000 [pid 6243] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6242] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6244] <... symlink resumed>) = 0 [pid 6243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6242] <... mprotect resumed>) = 0 [pid 6243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6242] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6243] <... mmap resumed>) = 0x7f1dfa693000 [ 165.982371][ T6241] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). executing program [pid 6243] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE./strace-static-x86_64: Process 6245 attached [pid 6244] write(1, "executing program\n", 18 [pid 6243] <... mprotect resumed>) = 0 [pid 6245] set_robust_list(0x555580b0d6a0, 24 [pid 6244] <... write resumed>) = 18 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6245 [pid 6245] <... set_robust_list resumed>) = 0 [pid 6244] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6243] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6244] <... futex resumed>) = 0 [pid 6245] chdir("./114" [pid 6244] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6243] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6245] <... chdir resumed>) = 0 [pid 6244] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6243] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6244] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6244] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6245] <... prctl resumed>) = 0 [pid 6244] <... mmap resumed>) = 0x7f1dfa693000 [pid 6242] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6245] setpgid(0, 0 [pid 6244] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6243] <... clone3 resumed> => {parent_tid=[6246]}, 88) = 6246 [pid 6245] <... setpgid resumed>) = 0 [pid 6244] <... mprotect resumed>) = 0 [pid 6243] rt_sigprocmask(SIG_SETMASK, [], [pid 6242] <... clone3 resumed> => {parent_tid=[6247]}, 88) = 6247 ./strace-static-x86_64: Process 6247 attached [pid 6243] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6242] rt_sigprocmask(SIG_SETMASK, [], [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6243] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6246 attached [pid 6247] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6244] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6243] <... futex resumed>) = 0 [pid 6242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6247] <... rseq resumed>) = 0 [pid 6246] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6245] <... openat resumed>) = 3 [pid 6243] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6242] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6247] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6246] <... rseq resumed>) = 0 [pid 6244] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6242] <... futex resumed>) = 0 [pid 6247] <... set_robust_list resumed>) = 0 [pid 6246] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6245] write(3, "1000", 4 [pid 6244] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6242] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6247] rt_sigprocmask(SIG_SETMASK, [], [pid 6246] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 6248 attached [pid 6247] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6246] rt_sigprocmask(SIG_SETMASK, [], [pid 6245] <... write resumed>) = 4 [pid 6248] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6247] memfd_create("syzkaller", 0 [pid 6246] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6248] <... rseq resumed>) = 0 [pid 6246] memfd_create("syzkaller", 0 [pid 6245] close(3 [pid 6244] <... clone3 resumed> => {parent_tid=[6248]}, 88) = 6248 [pid 6247] <... memfd_create resumed>) = 3 [pid 6246] <... memfd_create resumed>) = 3 [pid 6247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6245] <... close resumed>) = 0 [pid 6244] rt_sigprocmask(SIG_SETMASK, [], [pid 6248] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6247] <... mmap resumed>) = 0x7f1df2200000 [pid 6246] <... mmap resumed>) = 0x7f1df2200000 [pid 6245] symlink("/dev/binderfs", "./binderfs" [pid 6244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6248] rt_sigprocmask(SIG_SETMASK, [], [pid 6245] <... symlink resumed>) = 0 [pid 6248] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6244] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6245] write(1, "executing program\n", 18executing program [pid 6248] memfd_create("syzkaller", 0 [pid 6245] <... write resumed>) = 18 [pid 6244] <... futex resumed>) = 0 [pid 6241] <... mount resumed>) = 0 [pid 6245] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6244] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6245] <... futex resumed>) = 0 [pid 6245] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6241] <... openat resumed>) = 3 [pid 6248] <... memfd_create resumed>) = 3 [pid 6245] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6241] chdir("./file0" [pid 6248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6245] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6241] <... chdir resumed>) = 0 [pid 6245] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6241] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6248] <... mmap resumed>) = 0x7f1df2200000 [pid 6247] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6245] <... mmap resumed>) = 0x7f1dfa693000 [pid 6241] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6245] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [ 166.071936][ T6241] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6241] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6247] <... write resumed>) = 2097152 [pid 6245] <... mprotect resumed>) = 0 [pid 6241] <... futex resumed>) = 1 [pid 6240] <... futex resumed>) = 0 [pid 6247] munmap(0x7f1df2200000, 138412032 [pid 6245] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6241] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6247] <... munmap resumed>) = 0 [pid 6245] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6240] exit_group(0 [pid 6241] <... futex resumed>) = ? [pid 6240] <... exit_group resumed>) = ? [pid 6245] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6249]}, 88) = 6249 [pid 6245] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 6249 attached [pid 6245] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6241] +++ exited with 0 +++ [pid 6240] +++ exited with 0 +++ [pid 6245] <... futex resumed>) = 0 [pid 6249] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6240, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 6245] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6249] <... rseq resumed>) = 0 [pid 6249] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6247] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6249] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] umount2("./113", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6247] <... openat resumed>) = 4 [pid 6247] ioctl(4, LOOP_SET_FD, 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6249] memfd_create("syzkaller", 0 [pid 6248] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6247] <... ioctl resumed>) = 0 [pid 6246] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5085] openat(AT_FDCWD, "./113", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6247] close(3 [pid 6249] <... memfd_create resumed>) = 3 [pid 5085] <... openat resumed>) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, [pid 6247] <... close resumed>) = 0 [pid 6249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6247] close(4 [pid 5085] umount2("./113/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./113/binderfs", [pid 6249] <... mmap resumed>) = 0x7f1df2200000 [pid 6247] <... close resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6247] mkdir("./file0", 0777) = 0 [pid 5085] unlink("./113/binderfs" [pid 6247] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... unlink resumed>) = 0 [ 166.161965][ T6247] loop3: detected capacity change from 0 to 4096 [pid 5085] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6248] <... write resumed>) = 2097152 [pid 6246] <... write resumed>) = 2097152 [pid 5085] <... umount2 resumed>) = 0 [pid 6246] munmap(0x7f1df2200000, 138412032 [pid 5085] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./113/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./113/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6248] munmap(0x7f1df2200000, 138412032 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6246] <... munmap resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./113/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6246] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6249] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6246] <... openat resumed>) = 4 [ 166.202840][ T6247] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5085] <... openat resumed>) = 4 [pid 6246] ioctl(4, LOOP_SET_FD, 3 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 6246] <... ioctl resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6246] close(3 [pid 5085] close(4 [pid 6248] <... munmap resumed>) = 0 [pid 6246] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 6248] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6248] ioctl(4, LOOP_SET_FD, 3 [pid 6246] close(4 [pid 5085] rmdir("./113/file0" [pid 6248] <... ioctl resumed>) = 0 [pid 6246] <... close resumed>) = 0 [pid 6248] close(3) = 0 [pid 6246] mkdir("./file0", 0777 [pid 5085] <... rmdir resumed>) = 0 [pid 6248] close(4) = 0 [pid 6248] mkdir("./file0", 0777) = 0 [pid 6246] <... mkdir resumed>) = 0 [pid 5085] getdents64(3, [pid 6248] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [ 166.250486][ T6246] loop2: detected capacity change from 0 to 4096 [ 166.276342][ T6247] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 166.278932][ T6248] loop1: detected capacity change from 0 to 4096 [pid 6246] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6247] <... mount resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 6249] <... write resumed>) = 2097152 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./113") = 0 [pid 6249] munmap(0x7f1df2200000, 138412032 [pid 6247] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] mkdir("./114", 0777) = 0 [pid 6247] <... openat resumed>) = 3 [pid 6247] chdir("./file0" [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6247] <... chdir resumed>) = 0 [pid 6247] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... openat resumed>) = 3 [pid 6249] <... munmap resumed>) = 0 [pid 6247] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6247] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6249] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6247] <... futex resumed>) = 1 [pid 6242] <... futex resumed>) = 0 [pid 6247] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6242] exit_group(0 [pid 6247] <... futex resumed>) = ? [pid 6242] <... exit_group resumed>) = ? [pid 6247] +++ exited with 0 +++ [pid 6242] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6242, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5088] restart_syscall(<... resuming interrupted clone ...> [pid 6249] <... openat resumed>) = 4 [ 166.299323][ T6248] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 166.313715][ T6246] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5088] <... restart_syscall resumed>) = 0 [pid 6249] ioctl(4, LOOP_SET_FD, 3 [pid 5088] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./114/binderfs" [pid 6249] <... ioctl resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 5088] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6249] close(3) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 6249] close(4) = 0 [pid 5088] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6249] mkdir("./file0", 0777 [pid 5088] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 166.361390][ T6249] loop4: detected capacity change from 0 to 4096 [ 166.377701][ T6248] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6249] <... mkdir resumed>) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./114/file0") = 0 [pid 6248] <... mount resumed>) = 0 [pid 5088] getdents64(3, [pid 6248] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6248] <... openat resumed>) = 3 [pid 5088] close(3 [pid 6249] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... close resumed>) = 0 [pid 5088] rmdir("./114") = 0 [pid 6248] chdir("./file0") = 0 [pid 6248] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] mkdir("./115", 0777 [pid 6248] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6248] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... mkdir resumed>) = 0 [pid 6248] <... futex resumed>) = 1 [pid 6244] <... futex resumed>) = 0 [pid 6244] exit_group(0 [pid 6246] <... mount resumed>) = 0 [pid 6246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6244] <... exit_group resumed>) = ? [pid 6248] +++ exited with 0 +++ [pid 6246] <... openat resumed>) = 3 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6246] chdir("./file0" [pid 6244] +++ exited with 0 +++ [pid 5088] <... openat resumed>) = 3 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6244, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6246] <... chdir resumed>) = 0 [pid 5086] restart_syscall(<... resuming interrupted clone ...> [pid 6246] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5086] <... restart_syscall resumed>) = 0 [pid 6246] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5086] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6246] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... ioctl resumed>) = 0 [pid 6243] <... futex resumed>) = 0 [pid 5086] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] close(3 [ 166.404721][ T6246] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 166.416119][ T6249] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6243] exit_group(0) = ? [pid 6246] <... futex resumed>) = ? [pid 5086] <... openat resumed>) = 3 [pid 6246] +++ exited with 0 +++ [pid 6243] +++ exited with 0 +++ [pid 5086] newfstatat(3, "", [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6243, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] <... close resumed>) = 0 [pid 5086] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5087] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] unlink("./114/binderfs" [pid 5087] newfstatat(3, "", [pid 5086] <... unlink resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./114/binderfs", [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6250 ./strace-static-x86_64: Process 6250 attached [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6250] set_robust_list(0x555580b0d6a0, 24 [pid 5087] unlink("./114/binderfs"executing program [pid 6250] <... set_robust_list resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 6250] chdir("./114" [pid 5087] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6250] <... chdir resumed>) = 0 [pid 6250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6250] setpgid(0, 0) = 0 [pid 6250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6250] write(3, "1000", 4) = 4 [pid 6250] close(3) = 0 [pid 6250] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6250] write(1, "executing program\n", 18) = 18 [pid 6250] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6250] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6250] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6250] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 6250] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] <... ioctl resumed>) = 0 [pid 5086] <... umount2 resumed>) = 0 [pid 6250] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6250] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5087] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./114/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] close(3 [pid 5087] <... openat resumed>) = 4 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6250] <... clone3 resumed> => {parent_tid=[6251]}, 88) = 6251 [pid 5087] newfstatat(4, "", [pid 6250] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] newfstatat(AT_FDCWD, "./114/file0", ./strace-static-x86_64: Process 6251 attached [pid 6250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] getdents64(4, [pid 6251] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6250] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6250] <... futex resumed>) = 0 [pid 5087] getdents64(4, [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6250] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] close(4 [pid 6251] <... rseq resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6251] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] rmdir("./114/file0" [pid 6251] <... set_robust_list resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6251] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] getdents64(3, [pid 6251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... close resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6251] memfd_create("syzkaller", 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] close(3) = 0 [pid 6251] <... memfd_create resumed>) = 3 [pid 5087] rmdir("./114") = 0 [pid 6251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] mkdir("./115", 0777 [pid 5086] <... openat resumed>) = 4 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6252 [pid 5086] newfstatat(4, "", ./strace-static-x86_64: Process 6252 attached [pid 5087] <... mkdir resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6252] set_robust_list(0x555580b0d6a0, 24 [pid 5086] getdents64(4, [pid 6252] <... set_robust_list resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6252] chdir("./115" [pid 5087] <... openat resumed>) = 3 [pid 5086] getdents64(4, [pid 6252] <... chdir resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6252] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6252] <... prctl resumed>) = 0 [pid 5086] close(4 [pid 6252] setpgid(0, 0) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./114/file0" [pid 6252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] <... rmdir resumed>) = 0 [pid 6252] write(3, "1000", 4) = 4 [pid 6252] close(3) = 0 [pid 5086] getdents64(3, [pid 6252] symlink("/dev/binderfs", "./binderfs" [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3executing program ) = 0 [pid 5086] rmdir("./114" [pid 6252] <... symlink resumed>) = 0 [pid 6252] write(1, "executing program\n", 18 [pid 5086] <... rmdir resumed>) = 0 [pid 6252] <... write resumed>) = 18 [pid 6252] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] mkdir("./115", 0777 [pid 6252] <... futex resumed>) = 0 [pid 6252] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6249] <... mount resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6252] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6252] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6252] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5086] <... openat resumed>) = 3 [pid 6252] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6249] <... openat resumed>) = 3 [pid 6252] <... mprotect resumed>) = 0 [pid 6252] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6249] chdir("./file0") = 0 [pid 6252] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6249] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6252] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6249] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6252] <... clone3 resumed> => {parent_tid=[6253]}, 88) = 6253 [pid 6249] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6252] rt_sigprocmask(SIG_SETMASK, [], [pid 6249] <... futex resumed>) = 1 [pid 6245] <... futex resumed>) = 0 ./strace-static-x86_64: Process 6253 attached [pid 6252] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6249] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6245] exit_group(0 [pid 6253] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6252] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6249] <... futex resumed>) = ? [pid 6245] <... exit_group resumed>) = ? [pid 6253] <... rseq resumed>) = 0 [pid 6252] <... futex resumed>) = 0 [pid 6249] +++ exited with 0 +++ [pid 6252] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6253] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6253] rt_sigprocmask(SIG_SETMASK, [], [pid 6251] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6245] +++ exited with 0 +++ [pid 6253] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6245, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [ 166.546955][ T6249] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6253] memfd_create("syzkaller", 0 [pid 5089] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6253] <... memfd_create resumed>) = 3 [pid 6253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] newfstatat(3, "", [pid 6253] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./114/binderfs") = 0 [pid 5089] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... ioctl resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6254 attached [pid 6253] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6254] set_robust_list(0x555580b0d6a0, 24 [pid 5089] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6254 [pid 6251] <... write resumed>) = 2097152 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] close(3 [pid 5089] newfstatat(AT_FDCWD, "./114/file0", [pid 5086] <... close resumed>) = 0 [pid 6254] <... set_robust_list resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6254] chdir("./115" [pid 6251] munmap(0x7f1df2200000, 138412032 [pid 5089] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6254] <... chdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6254] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6254] <... prctl resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6255 [pid 6254] setpgid(0, 0 [pid 5089] newfstatat(4, "", [pid 6254] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 6255 attached [pid 6254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 6255] set_robust_list(0x555580b0d6a0, 24 [pid 6254] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6255] <... set_robust_list resumed>) = 0 [pid 5089] getdents64(4, [pid 6255] chdir("./115" [pid 6254] write(3, "1000", 4 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6255] <... chdir resumed>) = 0 [pid 6254] <... write resumed>) = 4 [pid 5089] close(4 [pid 6255] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... close resumed>) = 0 [pid 6255] <... prctl resumed>) = 0 [pid 6254] close(3 [pid 5089] rmdir("./114/file0" [pid 6251] <... munmap resumed>) = 0 [pid 6255] setpgid(0, 0 [pid 6254] <... close resumed>) = 0 [pid 6251] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... rmdir resumed>) = 0 [pid 6255] <... setpgid resumed>) = 0 [pid 6255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6254] symlink("/dev/binderfs", "./binderfs" [pid 5089] getdents64(3, [pid 6255] <... openat resumed>) = 3 [pid 6254] <... symlink resumed>) = 0 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 6255] write(3, "1000", 4) = 4 [pid 6254] write(1, "executing program\n", 18executing program [pid 5089] <... close resumed>) = 0 [pid 6255] close(3 [pid 6254] <... write resumed>) = 18 [pid 6251] <... openat resumed>) = 4 [pid 6255] <... close resumed>) = 0 [pid 6254] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] rmdir("./114" [pid 6255] symlink("/dev/binderfs", "./binderfs" [pid 6251] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... rmdir resumed>) = 0 [pid 6254] <... futex resumed>) = 0 [pid 5089] mkdir("./115", 0777) = 0 [pid 6254] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6254] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... openat resumed>) = 3 [pid 6254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6254] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6255] <... symlink resumed>) = 0 [pid 6254] <... mprotect resumed>) = 0 [pid 6254] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}executing program [pid 6255] write(1, "executing program\n", 18./strace-static-x86_64: Process 6256 attached ) = 18 [pid 6256] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6255] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6254] <... clone3 resumed> => {parent_tid=[6256]}, 88) = 6256 [pid 6256] <... rseq resumed>) = 0 [pid 6255] <... futex resumed>) = 0 [pid 6254] rt_sigprocmask(SIG_SETMASK, [], [pid 6256] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6256] <... set_robust_list resumed>) = 0 [pid 6254] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6256] rt_sigprocmask(SIG_SETMASK, [], [pid 6255] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6254] <... futex resumed>) = 0 [pid 6256] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6255] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6254] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6253] <... write resumed>) = 2097152 [pid 6251] <... ioctl resumed>) = 0 [pid 6255] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6255] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6256] memfd_create("syzkaller", 0 [pid 6255] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6253] munmap(0x7f1df2200000, 138412032 [pid 6251] close(3 [pid 6256] <... memfd_create resumed>) = 3 [pid 6255] <... mprotect resumed>) = 0 [pid 6251] <... close resumed>) = 0 [pid 6255] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6255] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6251] close(4 [pid 6253] <... munmap resumed>) = 0 [pid 6251] <... close resumed>) = 0 [pid 6255] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6257]}, 88) = 6257 [pid 6255] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6255] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6255] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6257 attached [pid 6257] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6257] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6257] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6253] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6251] mkdir("./file0", 0777 [pid 6257] memfd_create("syzkaller", 0 [pid 6253] <... openat resumed>) = 4 [pid 6251] <... mkdir resumed>) = 0 [ 166.714643][ T6251] loop0: detected capacity change from 0 to 4096 [pid 6253] ioctl(4, LOOP_SET_FD, 3 [pid 6257] <... memfd_create resumed>) = 3 [pid 6257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6251] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6253] <... ioctl resumed>) = 0 [pid 6253] close(3) = 0 [pid 6253] close(4) = 0 [pid 6253] mkdir("./file0", 0777 [pid 5089] <... ioctl resumed>) = 0 [pid 6253] <... mkdir resumed>) = 0 [pid 5089] close(3 [pid 6253] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... close resumed>) = 0 [ 166.762717][ T6253] loop3: detected capacity change from 0 to 4096 [ 166.781321][ T6251] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6258 attached [pid 6257] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6258] set_robust_list(0x555580b0d6a0, 24 [pid 6256] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6258 [pid 6258] <... set_robust_list resumed>) = 0 [pid 6258] chdir("./115") = 0 [ 166.820423][ T6253] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6258] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6258] setpgid(0, 0) = 0 [pid 6257] <... write resumed>) = 2097152 [pid 6258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6257] munmap(0x7f1df2200000, 138412032 [pid 6256] <... write resumed>) = 2097152 [pid 6251] <... mount resumed>) = 0 [pid 6258] <... openat resumed>) = 3 [pid 6257] <... munmap resumed>) = 0 [pid 6256] munmap(0x7f1df2200000, 138412032 [pid 6251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6258] write(3, "1000", 4) = 4 [pid 6258] close(3) = 0 [pid 6258] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6256] <... munmap resumed>) = 0 [pid 6251] <... openat resumed>) = 3 [pid 6258] write(1, "executing program\n", 18 executing program [pid 6257] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6258] <... write resumed>) = 18 [pid 6258] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6258] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6258] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6258] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6257] <... openat resumed>) = 4 [pid 6251] chdir("./file0" [pid 6258] <... mmap resumed>) = 0x7f1dfa693000 [pid 6258] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6257] ioctl(4, LOOP_SET_FD, 3 [pid 6251] <... chdir resumed>) = 0 [pid 6258] <... mprotect resumed>) = 0 [pid 6258] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6258] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6259 attached [pid 6256] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6259] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6258] <... clone3 resumed> => {parent_tid=[6259]}, 88) = 6259 [pid 6256] <... openat resumed>) = 4 [pid 6259] <... rseq resumed>) = 0 [pid 6258] rt_sigprocmask(SIG_SETMASK, [], [pid 6259] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6258] <... rt_sigprocmask resumed>NULL, 8) = 0 [ 166.893780][ T6251] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 166.919769][ T6253] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 166.936384][ T6257] loop1: detected capacity change from 0 to 4096 [pid 6256] ioctl(4, LOOP_SET_FD, 3 [pid 6259] <... set_robust_list resumed>) = 0 [pid 6258] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6256] <... ioctl resumed>) = 0 [pid 6251] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6259] rt_sigprocmask(SIG_SETMASK, [], [pid 6258] <... futex resumed>) = 0 [pid 6256] close(3 [pid 6251] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6259] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6258] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6256] <... close resumed>) = 0 [pid 6251] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6259] memfd_create("syzkaller", 0 [pid 6256] close(4 [pid 6251] <... futex resumed>) = 1 [pid 6250] <... futex resumed>) = 0 [pid 6257] <... ioctl resumed>) = 0 [pid 6256] <... close resumed>) = 0 [pid 6253] <... mount resumed>) = 0 [pid 6251] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6250] exit_group(0 [pid 6259] <... memfd_create resumed>) = 3 [pid 6257] close(3 [pid 6256] mkdir("./file0", 0777 [pid 6253] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6257] <... close resumed>) = 0 [pid 6256] <... mkdir resumed>) = 0 [pid 6253] <... openat resumed>) = 3 [pid 6251] <... futex resumed>) = ? [pid 6250] <... exit_group resumed>) = ? [pid 6259] <... mmap resumed>) = 0x7f1df2200000 [pid 6257] close(4 [pid 6256] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6253] chdir("./file0" [pid 6251] +++ exited with 0 +++ [pid 6250] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6250, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6257] <... close resumed>) = 0 [pid 6253] <... chdir resumed>) = 0 [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 6257] mkdir("./file0", 0777 [pid 6253] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5085] <... restart_syscall resumed>) = 0 [pid 6257] <... mkdir resumed>) = 0 [pid 6257] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6253] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 166.941949][ T6256] loop2: detected capacity change from 0 to 4096 [ 166.978722][ T6256] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 5085] umount2("./114", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6253] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./114", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./114/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./114/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./114/binderfs") = 0 [pid 5085] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6253] <... futex resumed>) = 1 [pid 6253] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6252] <... futex resumed>) = 0 [pid 6252] exit_group(0 [pid 5085] <... umount2 resumed>) = 0 [pid 6253] <... futex resumed>) = ? [pid 6252] <... exit_group resumed>) = ? [pid 6253] +++ exited with 0 +++ [pid 6252] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6252, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5085] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./114/file0", [pid 5088] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 166.989008][ T6257] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5088] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] umount2("./114/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] newfstatat(3, "", [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6259] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] openat(AT_FDCWD, "./114/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] getdents64(3, [pid 5085] <... openat resumed>) = 4 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] newfstatat(4, "", [pid 5088] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, [pid 5088] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] getdents64(4, [pid 5088] unlink("./115/binderfs" [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4 [pid 5088] <... unlink resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./114/file0") = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5085] getdents64(3, [pid 5088] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./115/file0", [pid 5085] close(3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... close resumed>) = 0 [pid 5088] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] rmdir("./114" [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... rmdir resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] mkdir("./115", 0777) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] getdents64(4, [pid 6256] <... mount resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6257] <... mount resumed>) = 0 [pid 5088] getdents64(4, [pid 6256] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6256] chdir("./file0") = 0 [pid 6257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6256] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] close(4 [pid 6259] <... write resumed>) = 2097152 [pid 6257] <... openat resumed>) = 3 [pid 6256] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... close resumed>) = 0 [pid 6259] munmap(0x7f1df2200000, 138412032 [pid 6257] chdir("./file0" [pid 6256] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] rmdir("./115/file0" [pid 6257] <... chdir resumed>) = 0 [pid 6256] <... futex resumed>) = 1 [pid 6254] <... futex resumed>) = 0 [pid 5088] <... rmdir resumed>) = 0 [pid 6257] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6254] exit_group(0 [pid 5088] getdents64(3, [pid 6257] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6254] <... exit_group resumed>) = ? [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6257] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] close(3 [pid 6257] <... futex resumed>) = 1 [pid 6255] <... futex resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6257] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6255] exit_group(0 [pid 5088] rmdir("./115" [pid 6257] <... futex resumed>) = ? [pid 6255] <... exit_group resumed>) = ? [pid 5088] <... rmdir resumed>) = 0 [pid 6257] +++ exited with 0 +++ [pid 6255] +++ exited with 0 +++ [pid 5088] mkdir("./116", 0777) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 6256] +++ exited with 0 +++ [pid 6254] +++ exited with 0 +++ [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6254, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6255, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 6259] <... munmap resumed>) = 0 [pid 6259] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 167.070936][ T6256] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 167.081763][ T6257] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5087] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6259] ioctl(4, LOOP_SET_FD, 3 [pid 5086] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6259] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... openat resumed>) = 3 [pid 6259] close(3 [pid 5087] newfstatat(3, "", [pid 5086] newfstatat(3, "", [pid 5085] <... ioctl resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6259] <... close resumed>) = 0 [pid 5086] getdents64(3, [pid 5087] getdents64(3, [pid 5085] close(3) = 0 [pid 6259] close(4) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6259] mkdir("./file0", 0777./strace-static-x86_64: Process 6260 attached ) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6260] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 5087] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6259] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6260] chdir("./115" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5087] newfstatat(AT_FDCWD, "./115/binderfs", [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 167.130977][ T6259] loop4: detected capacity change from 0 to 4096 [pid 6260] <... chdir resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./115/binderfs" [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6260 [pid 6260] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] unlink("./115/binderfs" [pid 5086] <... unlink resumed>) = 0 [pid 6260] <... prctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... unlink resumed>) = 0 [pid 5086] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] setpgid(0, 0 [pid 5087] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] <... setpgid resumed>) = 0 [pid 6260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] close(3 [pid 6260] write(3, "1000", 4 [pid 5088] <... close resumed>) = 0 [pid 6260] <... write resumed>) = 4 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6260] close(3./strace-static-x86_64: Process 6261 attached ) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6261 [pid 5086] <... umount2 resumed>) = 0 [pid 6261] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... umount2 resumed>) = 0 [pid 6261] <... set_robust_list resumed>) = 0 [pid 6260] symlink("/dev/binderfs", "./binderfs" [pid 6261] chdir("./116" [pid 6260] <... symlink resumed>) = 0 [pid 6261] <... chdir resumed>) = 0 [pid 6261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6261] setpgid(0, 0) = 0 [pid 6261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6260] write(1, "executing program\n", 18executing program [pid 6261] <... openat resumed>) = 3 [pid 6260] <... write resumed>) = 18 [pid 6261] write(3, "1000", 4 [pid 6260] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6261] <... write resumed>) = 4 [pid 6260] <... futex resumed>) = 0 [pid 5087] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6260] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6260] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] newfstatat(AT_FDCWD, "./115/file0", [pid 5086] newfstatat(AT_FDCWD, "./115/file0", [pid 6260] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6261] close(3 [pid 6260] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6261] <... close resumed>) = 0 [pid 6260] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] symlink("/dev/binderfs", "./binderfs" [pid 6260] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6261] <... symlink resumed>) = 0 [pid 6260] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORYexecuting program [pid 6261] write(1, "executing program\n", 18 [pid 6260] <... mprotect resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6261] <... write resumed>) = 18 [pid 5087] <... openat resumed>) = 4 [pid 6261] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6260] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6261] <... futex resumed>) = 0 [pid 5087] newfstatat(4, "", [pid 6261] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... openat resumed>) = 4 [pid 6261] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6260] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] getdents64(4, [pid 5086] newfstatat(4, "", [pid 6261] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [ 167.188172][ T6259] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6261] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6260] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6261] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 6262 attached [pid 6261] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] getdents64(4, [pid 5086] getdents64(4, [pid 6262] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6261] <... mprotect resumed>) = 0 [pid 6260] <... clone3 resumed> => {parent_tid=[6262]}, 88) = 6262 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6262] <... rseq resumed>) = 0 [pid 6261] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6262] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6260] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] close(4 [pid 5086] getdents64(4, [pid 6262] <... set_robust_list resumed>) = 0 [pid 6261] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6260] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6262] rt_sigprocmask(SIG_SETMASK, [], [pid 6261] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6260] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... close resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6263 attached [pid 6262] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6260] <... futex resumed>) = 0 [pid 5087] rmdir("./115/file0" [pid 5086] close(4) = 0 [pid 5086] rmdir("./115/file0" [pid 6260] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6263] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6262] memfd_create("syzkaller", 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 6263] <... rseq resumed>) = 0 [pid 6261] <... clone3 resumed> => {parent_tid=[6263]}, 88) = 6263 [pid 6263] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6261] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] getdents64(3, [pid 5086] getdents64(3, [pid 6263] <... set_robust_list resumed>) = 0 [pid 6262] <... memfd_create resumed>) = 3 [pid 6261] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6263] rt_sigprocmask(SIG_SETMASK, [], [pid 6262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6261] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6262] <... mmap resumed>) = 0x7f1df2200000 [pid 6261] <... futex resumed>) = 0 [pid 6263] memfd_create("syzkaller", 0 [pid 6261] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6259] <... mount resumed>) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6263] <... memfd_create resumed>) = 3 [pid 6263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6259] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5087] close(3 [pid 5086] close(3 [pid 5087] <... close resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5087] rmdir("./115" [pid 5086] rmdir("./115" [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... rmdir resumed>) = 0 [pid 5087] mkdir("./116", 0777 [pid 5086] mkdir("./116", 0777 [pid 6259] <... openat resumed>) = 3 [pid 6259] chdir("./file0" [pid 5087] <... mkdir resumed>) = 0 [pid 6259] <... chdir resumed>) = 0 [pid 5086] <... mkdir resumed>) = 0 [pid 6259] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6259] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6259] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... openat resumed>) = 3 [pid 6259] <... futex resumed>) = 1 [pid 6258] <... futex resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6259] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6258] exit_group(0 [pid 6262] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6259] <... futex resumed>) = ? [pid 6258] <... exit_group resumed>) = ? [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6259] +++ exited with 0 +++ [pid 6263] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6258] +++ exited with 0 +++ [ 167.271148][ T6259] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6258, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 6262] <... write resumed>) = 2097152 [pid 6262] munmap(0x7f1df2200000, 138412032 [pid 5089] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5089] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./115/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6262] <... munmap resumed>) = 0 [pid 5089] unlink("./115/binderfs") = 0 [pid 5089] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6262] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... ioctl resumed>) = 0 [pid 6262] <... openat resumed>) = 4 [pid 6262] ioctl(4, LOOP_SET_FD, 3 [pid 5086] close(3 [pid 5087] <... ioctl resumed>) = 0 [pid 6263] <... write resumed>) = 2097152 [pid 6262] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./115/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5087] close(3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6264 [pid 5087] <... close resumed>) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] newfstatat(4, "", [pid 6263] munmap(0x7f1df2200000, 138412032 [pid 6262] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6262] <... close resumed>) = 0 ./strace-static-x86_64: Process 6264 attached [pid 5089] getdents64(4, ./strace-static-x86_64: Process 6265 attached [pid 6264] set_robust_list(0x555580b0d6a0, 24 [pid 5089] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6265] set_robust_list(0x555580b0d6a0, 24 [pid 5089] close(4) = 0 [pid 6264] <... set_robust_list resumed>) = 0 [pid 6264] chdir("./116" [pid 6265] <... set_robust_list resumed>) = 0 [pid 5089] rmdir("./115/file0" [pid 6265] chdir("./116" [pid 5089] <... rmdir resumed>) = 0 [pid 6265] <... chdir resumed>) = 0 [pid 6265] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6265] setpgid(0, 0 [pid 6264] <... chdir resumed>) = 0 [pid 6264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6265] <... setpgid resumed>) = 0 [pid 6264] setpgid(0, 0 [pid 6262] close(4 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6265 [pid 6265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6264] <... setpgid resumed>) = 0 [pid 6263] <... munmap resumed>) = 0 [pid 6262] <... close resumed>) = 0 [pid 5089] getdents64(3, [pid 6264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6264] write(3, "1000", 4) = 4 [pid 6264] close(3) = 0 [pid 6264] symlink("/dev/binderfs", "./binderfs" [pid 6265] <... openat resumed>) = 3 [pid 6264] <... symlink resumed>) = 0 [pid 6263] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6262] mkdir("./file0", 0777 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6265] write(3, "1000", 4 [pid 5089] close(3) = 0 executing program [pid 6262] <... mkdir resumed>) = 0 [pid 6265] <... write resumed>) = 4 [pid 6264] write(1, "executing program\n", 18 [pid 6263] <... openat resumed>) = 4 [pid 5089] rmdir("./115" [pid 6262] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6265] close(3 [pid 6264] <... write resumed>) = 18 [pid 6263] ioctl(4, LOOP_SET_FD, 3 [pid 6265] <... close resumed>) = 0 [pid 6264] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5089] <... rmdir resumed>) = 0 [pid 6264] <... futex resumed>) = 0 [ 167.380587][ T6262] loop0: detected capacity change from 0 to 4096 [pid 6264] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6264] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6264] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6265] symlink("/dev/binderfs", "./binderfs" [pid 6263] <... ioctl resumed>) = 0 [pid 5089] mkdir("./116", 0777 [pid 6264] <... mprotect resumed>) = 0 executing program [pid 6263] close(3 [pid 5089] <... mkdir resumed>) = 0 [pid 6265] <... symlink resumed>) = 0 [pid 6264] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6263] <... close resumed>) = 0 [pid 6265] write(1, "executing program\n", 18 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6265] <... write resumed>) = 18 [pid 6263] close(4 [pid 5089] <... openat resumed>) = 3 [pid 6265] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6263] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6265] <... futex resumed>) = 0 [pid 6263] mkdir("./file0", 0777 [pid 6265] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6264] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6265] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6264] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6266 attached [pid 6265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6263] <... mkdir resumed>) = 0 [pid 6265] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6264] <... clone3 resumed> => {parent_tid=[6266]}, 88) = 6266 [pid 6263] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6266] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6265] <... mmap resumed>) = 0x7f1dfa693000 [pid 6264] rt_sigprocmask(SIG_SETMASK, [], [pid 6266] <... rseq resumed>) = 0 [pid 6265] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6264] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6265] <... mprotect resumed>) = 0 [pid 6266] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6264] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6265] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6264] <... futex resumed>) = 0 [pid 6266] <... set_robust_list resumed>) = 0 [pid 6264] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6266] rt_sigprocmask(SIG_SETMASK, [], [pid 6265] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6265] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6267 attached [pid 6266] memfd_create("syzkaller", 0) = 3 [pid 6266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6267] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6266] <... mmap resumed>) = 0x7f1df2200000 [pid 6267] <... rseq resumed>) = 0 [pid 6267] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6267] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6267] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6265] <... clone3 resumed> => {parent_tid=[6267]}, 88) = 6267 [pid 6265] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6265] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6267] <... futex resumed>) = 0 [pid 6265] <... futex resumed>) = 1 [pid 6265] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6267] memfd_create("syzkaller", 0) = 3 [ 167.439775][ T6263] loop3: detected capacity change from 0 to 4096 [ 167.448040][ T6262] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 167.468393][ T6263] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6262] <... mount resumed>) = 0 [pid 6267] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6266] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... ioctl resumed>) = 0 [pid 6262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6262] chdir("./file0") = 0 [pid 5089] close(3 [pid 6262] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6268 attached [pid 6262] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6262] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6262] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6260] <... futex resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6268 [pid 6268] set_robust_list(0x555580b0d6a0, 24) = 0 [ 167.534707][ T6262] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6260] exit_group(0 [pid 6268] chdir("./116" [pid 6262] <... futex resumed>) = ? [pid 6260] <... exit_group resumed>) = ? [pid 6268] <... chdir resumed>) = 0 [pid 6262] +++ exited with 0 +++ [pid 6260] +++ exited with 0 +++ [pid 6268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6263] <... mount resumed>) = 0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6260, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6268] <... prctl resumed>) = 0 [pid 6263] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 6268] setpgid(0, 0) = 0 [pid 6263] <... openat resumed>) = 3 [pid 5085] <... restart_syscall resumed>) = 0 [pid 6268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6263] chdir("./file0") = 0 [pid 6268] <... openat resumed>) = 3 [pid 6263] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6268] write(3, "1000", 4 [pid 6263] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6268] <... write resumed>) = 4 [pid 6263] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] umount2("./115", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] close(3 [pid 6263] <... futex resumed>) = 1 [pid 6261] <... futex resumed>) = 0 [pid 6268] <... close resumed>) = 0 [pid 6266] <... write resumed>) = 2097152 [pid 6263] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6261] exit_group(0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] symlink("/dev/binderfs", "./binderfs" [pid 6266] munmap(0x7f1df2200000, 138412032 [pid 6263] <... futex resumed>) = ? [pid 6261] <... exit_group resumed>) = ? [pid 5085] openat(AT_FDCWD, "./115", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6268] <... symlink resumed>) = 0 [pid 6267] <... write resumed>) = 2097152 [pid 6263] +++ exited with 0 +++ [pid 6268] write(1, "executing program\n", 18executing program ) = 18 [pid 5085] <... openat resumed>) = 3 [pid 6268] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(3, "", [pid 6268] <... futex resumed>) = 0 [pid 6267] munmap(0x7f1df2200000, 138412032 [pid 6268] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6268] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5085] getdents64(3, [pid 6268] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6261] +++ exited with 0 +++ [pid 6268] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6267] <... munmap resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6268] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6267] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6266] <... munmap resumed>) = 0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6261, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5085] umount2("./115/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6268] <... mmap resumed>) = 0x7f1dfa693000 [pid 6267] <... openat resumed>) = 4 [pid 6266] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [ 167.599364][ T6263] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6267] ioctl(4, LOOP_SET_FD, 3 [pid 6268] <... mprotect resumed>) = 0 [pid 6266] <... openat resumed>) = 4 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./115/binderfs", [pid 6268] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6266] ioctl(4, LOOP_SET_FD, 3 [pid 5088] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6268] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6267] <... ioctl resumed>) = 0 [pid 6268] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6266] <... ioctl resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5085] unlink("./115/binderfs" [pid 6267] close(3 [pid 5088] newfstatat(3, "", [pid 5085] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 6269 attached [pid 6266] close(3 [pid 6269] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6266] <... close resumed>) = 0 [pid 6269] <... rseq resumed>) = 0 [pid 6266] close(4 [pid 6269] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6268] <... clone3 resumed> => {parent_tid=[6269]}, 88) = 6269 [pid 6267] <... close resumed>) = 0 [pid 6266] <... close resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6269] rt_sigprocmask(SIG_SETMASK, [], [pid 6267] close(4) = 0 [pid 6267] mkdir("./file0", 0777) = 0 [pid 6267] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6269] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6268] rt_sigprocmask(SIG_SETMASK, [], [pid 6266] mkdir("./file0", 0777 [pid 5088] getdents64(3, [pid 5085] <... umount2 resumed>) = 0 [ 167.645052][ T6267] loop2: detected capacity change from 0 to 4096 [ 167.646860][ T6266] loop1: detected capacity change from 0 to 4096 [pid 6269] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6268] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6266] <... mkdir resumed>) = 0 [pid 6269] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6268] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6269] memfd_create("syzkaller", 0 [pid 6268] <... futex resumed>) = 0 [pid 5088] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6268] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./115/file0", [pid 5088] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./115/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] unlink("./116/binderfs" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... unlink resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./115/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] newfstatat(4, "", [pid 6269] <... memfd_create resumed>) = 3 [pid 6266] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] getdents64(4, [pid 6269] <... mmap resumed>) = 0x7f1df2200000 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5085] rmdir("./115/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./115") = 0 [pid 5085] mkdir("./116", 0777) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5088] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./116/file0", [pid 5085] <... openat resumed>) = 3 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 167.694531][ T6267] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 167.722006][ T6266] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 5088] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5088] close(4) = 0 [pid 5088] rmdir("./116/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6269] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6266] <... mount resumed>) = 0 [pid 5088] close(3) = 0 [pid 6266] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] rmdir("./116" [pid 6266] chdir("./file0") = 0 [pid 6266] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] <... rmdir resumed>) = 0 [pid 6266] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6266] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6266] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6264] <... futex resumed>) = 0 [pid 5088] mkdir("./117", 0777 [pid 6264] exit_group(0 [pid 6266] <... futex resumed>) = ? [pid 6264] <... exit_group resumed>) = ? [pid 6267] <... mount resumed>) = 0 [pid 6266] +++ exited with 0 +++ [pid 5088] <... mkdir resumed>) = 0 [pid 6267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6267] <... openat resumed>) = 3 [pid 5088] <... openat resumed>) = 3 [pid 6267] chdir("./file0" [pid 6264] +++ exited with 0 +++ [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6267] <... chdir resumed>) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6264, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 6267] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6267] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6267] <... futex resumed>) = 1 [pid 6265] <... futex resumed>) = 0 [pid 6267] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6265] exit_group(0 [pid 5086] <... openat resumed>) = 3 [pid 5086] newfstatat(3, "", [pid 6267] <... futex resumed>) = ? [pid 6265] <... exit_group resumed>) = ? [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6267] +++ exited with 0 +++ [pid 6265] +++ exited with 0 +++ [pid 5086] getdents64(3, [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6265, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5086] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5087] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 167.787142][ T6266] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 167.798570][ T6267] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5087] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] unlink("./116/binderfs" [pid 5085] <... ioctl resumed>) = 0 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... unlink resumed>) = 0 [pid 5087] newfstatat(3, "", [pid 5085] close(3 [pid 5086] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... close resumed>) = 0 [pid 5087] getdents64(3, [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] newfstatat(AT_FDCWD, "./116/binderfs", [pid 5086] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6270 attached [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6270 [pid 6270] set_robust_list(0x555580b0d6a0, 24 [pid 6269] <... write resumed>) = 2097152 [pid 5087] unlink("./116/binderfs" [pid 5086] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6270] <... set_robust_list resumed>) = 0 [pid 6269] munmap(0x7f1df2200000, 138412032 [pid 5087] <... unlink resumed>) = 0 [pid 6270] chdir("./116" [pid 6269] <... munmap resumed>) = 0 [pid 5087] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6270] <... chdir resumed>) = 0 [pid 6270] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... ioctl resumed>) = 0 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6270] <... prctl resumed>) = 0 [pid 5087] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] newfstatat(AT_FDCWD, "./116/file0", [pid 6270] setpgid(0, 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] newfstatat(AT_FDCWD, "./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6270] <... setpgid resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... openat resumed>) = 4 [pid 6270] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 4 [pid 5086] newfstatat(4, "", [pid 6270] write(3, "1000", 4 [pid 6269] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] newfstatat(4, "", [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6270] <... write resumed>) = 4 [pid 6269] <... openat resumed>) = 4 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 6270] close(3 [pid 5087] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6270] <... close resumed>) = 0 [pid 6269] ioctl(4, LOOP_SET_FD, 3executing program [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, [pid 6270] symlink("/dev/binderfs", "./binderfs" [pid 5088] close(3 [pid 6270] <... symlink resumed>) = 0 [pid 5087] getdents64(4, [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./116/file0" [pid 6270] write(1, "executing program\n", 18 [pid 5087] close(4 [pid 5086] <... rmdir resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 6270] <... write resumed>) = 18 [pid 5087] <... close resumed>) = 0 [pid 5086] getdents64(3, [pid 6270] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] rmdir("./116/file0" [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6270] <... futex resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] close(3 [pid 6270] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./116" [pid 5087] getdents64(3, [pid 5086] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6271 attached [pid 6270] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] mkdir("./117", 0777 [pid 6271] set_robust_list(0x555580b0d6a0, 24 [pid 6270] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] close(3 [pid 5086] <... mkdir resumed>) = 0 [pid 6271] <... set_robust_list resumed>) = 0 [pid 6270] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... close resumed>) = 0 [pid 6270] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] rmdir("./116" [pid 6271] chdir("./117" [pid 6270] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... rmdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6271] <... chdir resumed>) = 0 [pid 6270] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6271 [pid 5087] mkdir("./117", 0777 [pid 5086] <... openat resumed>) = 3 [pid 6271] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6270] <... mprotect resumed>) = 0 [pid 6269] <... ioctl resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6271] <... prctl resumed>) = 0 [pid 6270] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6269] close(3 [pid 6271] setpgid(0, 0 [pid 6270] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6269] <... close resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6271] <... setpgid resumed>) = 0 [pid 6270] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6269] close(4./strace-static-x86_64: Process 6272 attached [pid 6271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] <... openat resumed>) = 3 [pid 6272] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6270] <... clone3 resumed> => {parent_tid=[6272]}, 88) = 6272 [pid 6269] <... close resumed>) = 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 6272] <... rseq resumed>) = 0 [pid 6271] <... openat resumed>) = 3 [pid 6270] rt_sigprocmask(SIG_SETMASK, [], [pid 6269] mkdir("./file0", 0777 [pid 6272] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6271] write(3, "1000", 4) = 4 [pid 6270] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6271] close(3) = 0 [pid 6271] symlink("/dev/binderfs", "./binderfs" [pid 6272] <... set_robust_list resumed>) = 0 [pid 6270] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6269] <... mkdir resumed>) = 0 [pid 6272] rt_sigprocmask(SIG_SETMASK, [], [pid 6271] <... symlink resumed>) = 0 [pid 6270] <... futex resumed>) = 0 [pid 6269] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6272] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6270] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} executing program [pid 6271] write(1, "executing program\n", 18) = 18 [pid 6271] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6271] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [ 167.898076][ T6269] loop4: detected capacity change from 0 to 4096 [pid 6271] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6271] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6271] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6272] memfd_create("syzkaller", 0) = 3 [pid 6271] <... mprotect resumed>) = 0 [pid 6272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 6271] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6271] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6273]}, 88) = 6273 [pid 6271] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6271] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6271] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6273 attached [pid 6273] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6273] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6273] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [ 167.941050][ T6269] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [pid 6273] memfd_create("syzkaller", 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6273] <... memfd_create resumed>) = 3 [pid 6273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5086] close(3 [pid 6273] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555580b0d690) = 6274 ./strace-static-x86_64: Process 6274 attached [pid 6269] <... mount resumed>) = 0 [pid 6274] set_robust_list(0x555580b0d6a0, 24 [pid 5087] <... ioctl resumed>) = 0 [pid 6274] <... set_robust_list resumed>) = 0 [pid 6274] chdir("./117") = 0 [pid 6272] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] close(3 [pid 6274] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6274] setpgid(0, 0) = 0 [pid 5087] <... close resumed>) = 0 [pid 6274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6274] <... openat resumed>) = 3 [pid 6274] write(3, "1000", 4) = 4 ./strace-static-x86_64: Process 6275 attached [pid 6274] close(3 [pid 6269] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6275] set_robust_list(0x555580b0d6a0, 24 [pid 6274] <... close resumed>) = 0 [pid 6269] <... openat resumed>) = 3 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6275 [pid 6275] <... set_robust_list resumed>) = 0 [pid 6274] symlink("/dev/binderfs", "./binderfs" [pid 6275] chdir("./117" [pid 6274] <... symlink resumed>) = 0 [pid 6269] chdir("./file0" executing program [pid 6275] <... chdir resumed>) = 0 [pid 6274] write(1, "executing program\n", 18 [pid 6269] <... chdir resumed>) = 0 [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6274] <... write resumed>) = 18 [pid 6269] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6275] <... prctl resumed>) = 0 [pid 6274] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6269] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6275] setpgid(0, 0 [pid 6274] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6275] <... setpgid resumed>) = 0 [pid 6274] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6269] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6274] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6269] <... futex resumed>) = 1 [pid 6268] <... futex resumed>) = 0 [pid 6275] <... openat resumed>) = 3 [pid 6274] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6269] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6268] exit_group(0 [ 168.021687][ T6269] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [pid 6275] write(3, "1000", 4 [pid 6274] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6268] <... exit_group resumed>) = ? [pid 6269] <... futex resumed>) = ? [pid 6275] <... write resumed>) = 4 [pid 6274] <... mmap resumed>) = 0x7f1dfa693000 [pid 6274] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6274] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6274] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6276 attached [pid 6275] close(3) = 0 [pid 6274] <... clone3 resumed> => {parent_tid=[6276]}, 88) = 6276 [pid 6276] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6275] symlink("/dev/binderfs", "./binderfs" [pid 6274] rt_sigprocmask(SIG_SETMASK, [], [pid 6276] <... rseq resumed>) = 0 [pid 6274] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6276] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6274] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6276] <... set_robust_list resumed>) = 0 [pid 6274] <... futex resumed>) = 0 executing program [pid 6269] +++ exited with 0 +++ [pid 6268] +++ exited with 0 +++ [pid 6276] rt_sigprocmask(SIG_SETMASK, [], [pid 6275] <... symlink resumed>) = 0 [pid 6273] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6276] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6275] write(1, "executing program\n", 18 [pid 6274] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6268, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 6276] memfd_create("syzkaller", 0 [pid 6275] <... write resumed>) = 18 [pid 6275] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5089] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6276] <... memfd_create resumed>) = 3 [pid 6275] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6275] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5089] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6276] <... mmap resumed>) = 0x7f1df2200000 [pid 6275] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5089] <... openat resumed>) = 3 [pid 6275] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] newfstatat(3, "", [pid 6275] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6275] <... mmap resumed>) = 0x7f1dfa693000 [pid 5089] getdents64(3, [pid 6275] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6275] <... mprotect resumed>) = 0 [pid 6272] <... write resumed>) = 2097152 [pid 5089] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6275] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6272] munmap(0x7f1df2200000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./116/binderfs") = 0 [pid 6275] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6273] <... write resumed>) = 2097152 [pid 6272] <... munmap resumed>) = 0 [pid 5089] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6275] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6277 attached => {parent_tid=[6277]}, 88) = 6277 [pid 6275] rt_sigprocmask(SIG_SETMASK, [], [pid 6277] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6275] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6277] <... rseq resumed>) = 0 [pid 6275] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6277] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6275] <... futex resumed>) = 0 [pid 6277] <... set_robust_list resumed>) = 0 [pid 6273] munmap(0x7f1df2200000, 138412032 [pid 6272] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6275] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6273] <... munmap resumed>) = 0 [pid 6277] rt_sigprocmask(SIG_SETMASK, [], [pid 6272] <... openat resumed>) = 4 [pid 5089] <... umount2 resumed>) = 0 [pid 6277] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6272] ioctl(4, LOOP_SET_FD, 3 [pid 5089] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] memfd_create("syzkaller", 0 [pid 6276] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6273] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6272] <... ioctl resumed>) = 0 [pid 6277] <... memfd_create resumed>) = 3 [pid 6272] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6272] <... close resumed>) = 0 [pid 6277] <... mmap resumed>) = 0x7f1df2200000 [pid 6273] <... openat resumed>) = 4 [pid 6272] close(4 [pid 5089] newfstatat(AT_FDCWD, "./116/file0", [pid 6272] <... close resumed>) = 0 [pid 6272] mkdir("./file0", 0777) = 0 [pid 6272] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6273] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6273] <... ioctl resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 6273] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6273] <... close resumed>) = 0 [pid 6273] close(4) = 0 [pid 6273] mkdir("./file0", 0777) = 0 [pid 5089] getdents64(4, [pid 6273] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [ 168.152681][ T6272] loop0: detected capacity change from 0 to 4096 [ 168.185309][ T6273] loop3: detected capacity change from 0 to 4096 [ 168.193425][ T6272] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./116/file0") = 0 [pid 5089] getdents64(3, [pid 6276] <... write resumed>) = 2097152 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 6276] munmap(0x7f1df2200000, 138412032 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./116" [pid 6277] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6276] <... munmap resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] mkdir("./117", 0777 [pid 6276] <... openat resumed>) = 4 [pid 6276] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... mkdir resumed>) = 0 [ 168.233947][ T6273] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 6276] <... ioctl resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6277] <... write resumed>) = 2097152 [pid 6276] close(3 [pid 5089] <... openat resumed>) = 3 [pid 6277] munmap(0x7f1df2200000, 138412032 [pid 6276] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6276] close(4) = 0 [pid 6276] mkdir("./file0", 0777) = 0 [ 168.292844][ T6276] loop1: detected capacity change from 0 to 4096 [ 168.321145][ T6273] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 168.321779][ T6276] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6276] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6273] <... mount resumed>) = 0 [pid 6277] <... munmap resumed>) = 0 [pid 6273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6277] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6273] <... openat resumed>) = 3 [pid 6272] <... mount resumed>) = 0 [pid 6277] ioctl(4, LOOP_SET_FD, 3 [pid 6273] chdir("./file0" [pid 6272] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6273] <... chdir resumed>) = 0 [pid 6272] <... openat resumed>) = 3 [pid 6272] chdir("./file0") = 0 [pid 6273] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6272] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 6273] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6272] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6272] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6270] <... futex resumed>) = 0 [pid 6270] exit_group(0) = ? [pid 6272] <... futex resumed>) = ? [pid 6273] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6272] +++ exited with 0 +++ [pid 6271] <... futex resumed>) = 0 [pid 6270] +++ exited with 0 +++ [pid 6273] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6271] exit_group(0 [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6270, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 6273] <... futex resumed>) = ? [pid 6271] <... exit_group resumed>) = ? [pid 6273] +++ exited with 0 +++ [pid 6277] <... ioctl resumed>) = 0 [pid 5085] umount2("./116", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./116", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6277] close(3 [pid 5085] getdents64(3, [pid 6277] <... close resumed>) = 0 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6277] close(4 [pid 5085] umount2("./116/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6277] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6277] mkdir("./file0", 0777 [pid 5085] newfstatat(AT_FDCWD, "./116/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./116/binderfs" [pid 6277] <... mkdir resumed>) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 6277] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6271] +++ exited with 0 +++ [ 168.328534][ T6272] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 168.350842][ T6277] loop2: detected capacity change from 0 to 4096 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6271, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5085] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... umount2 resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... openat resumed>) = 3 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(3, "", [pid 5085] newfstatat(AT_FDCWD, "./116/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./116/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./116/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] newfstatat(4, "", [pid 5088] getdents64(3, [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6278 [pid 5088] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 6278 attached [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] close(4 [pid 6278] set_robust_list(0x555580b0d6a0, 24 [pid 5088] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./116/file0" [pid 6278] <... set_robust_list resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... rmdir resumed>) = 0 [pid 6278] chdir("./117" [pid 5088] unlink("./117/binderfs" [pid 5085] getdents64(3, [pid 6278] <... chdir resumed>) = 0 [pid 6276] <... mount resumed>) = 0 [pid 5088] <... unlink resumed>) = 0 [pid 6276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6276] <... openat resumed>) = 3 [pid 5085] close(3 [pid 6276] chdir("./file0" [pid 5085] <... close resumed>) = 0 [pid 6276] <... chdir resumed>) = 0 [pid 5085] rmdir("./116" [pid 6276] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5085] <... rmdir resumed>) = 0 [pid 6276] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6278] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6276] <... futex resumed>) = 1 [pid 6274] <... futex resumed>) = 0 [pid 6274] exit_group(0 [pid 6276] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] mkdir("./117", 0777 [pid 6278] <... prctl resumed>) = 0 [pid 6274] <... exit_group resumed>) = ? [pid 6276] <... futex resumed>) = ? [ 168.406250][ T6277] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 168.430553][ T6276] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5085] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6278] setpgid(0, 0) = 0 [pid 6278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6278] write(3, "1000", 4 [pid 5088] <... umount2 resumed>) = 0 [pid 6278] <... write resumed>) = 4 [pid 6276] +++ exited with 0 +++ [pid 6274] +++ exited with 0 +++ [pid 5088] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] close(3) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6278] symlink("/dev/binderfs", "./binderfs" [pid 5088] newfstatat(AT_FDCWD, "./117/file0", [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6274, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5086] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6278] <... symlink resumed>) = 0 executing program [pid 5086] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6278] write(1, "executing program\n", 18) = 18 [pid 5088] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... openat resumed>) = 3 [pid 6278] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(3, "", [pid 6278] <... futex resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6278] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5088] <... openat resumed>) = 4 [pid 5086] getdents64(3, [pid 6278] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6278] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5088] newfstatat(4, "", [pid 5086] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5088] getdents64(4, [pid 5086] newfstatat(AT_FDCWD, "./117/binderfs", [pid 6278] <... mmap resumed>) = 0x7f1dfa693000 [pid 6277] <... mount resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6278] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5086] unlink("./117/binderfs" [pid 5088] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6278] <... mprotect resumed>) = 0 [pid 6277] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6278] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] getdents64(4, [pid 5086] <... unlink resumed>) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 6278] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6277] <... openat resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6278] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] close(3./strace-static-x86_64: Process 6279 attached [pid 6277] chdir("./file0" [pid 5088] close(4 [pid 5085] <... close resumed>) = 0 [pid 6279] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6278] <... clone3 resumed> => {parent_tid=[6279]}, 88) = 6279 [pid 6277] <... chdir resumed>) = 0 [pid 6279] <... rseq resumed>) = 0 [pid 6278] rt_sigprocmask(SIG_SETMASK, [], [pid 6277] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] <... close resumed>) = 0 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6279] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6278] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6277] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] rmdir("./117/file0" [pid 5086] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 6280 attached [pid 6279] <... set_robust_list resumed>) = 0 [pid 6278] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6277] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] <... rmdir resumed>) = 0 [pid 6279] rt_sigprocmask(SIG_SETMASK, [], [pid 6277] <... futex resumed>) = 1 [pid 6275] <... futex resumed>) = 0 [pid 6280] set_robust_list(0x555580b0d6a0, 24 [pid 6279] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6277] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6275] exit_group(0 [pid 6280] <... set_robust_list resumed>) = 0 [pid 6277] <... futex resumed>) = ? [pid 6275] <... exit_group resumed>) = ? [pid 6280] chdir("./117" [pid 6278] <... futex resumed>) = 0 [pid 5088] getdents64(3, [pid 6278] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6280 [pid 5088] <... close resumed>) = 0 [pid 6280] <... chdir resumed>) = 0 [pid 5088] rmdir("./117" [pid 5086] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6280] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] <... rmdir resumed>) = 0 [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] mkdir("./118", 0777 [ 168.504425][ T6277] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5086] newfstatat(AT_FDCWD, "./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6280] <... prctl resumed>) = 0 [pid 6279] memfd_create("syzkaller", 0 [pid 6277] +++ exited with 0 +++ [pid 6275] +++ exited with 0 +++ [pid 5088] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6275, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 6280] setpgid(0, 0) = 0 [pid 6279] <... memfd_create resumed>) = 3 [pid 5088] <... openat resumed>) = 3 [pid 5086] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6280] <... openat resumed>) = 3 [pid 6279] <... mmap resumed>) = 0x7f1df2200000 [pid 5086] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6280] write(3, "1000", 4 [pid 5086] <... openat resumed>) = 4 [pid 6280] <... write resumed>) = 4 [pid 5086] newfstatat(4, "", [pid 6280] close(3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6280] <... close resumed>) = 0 [pid 5087] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(4, [pid 6280] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6280] <... symlink resumed>) = 0 executing program [pid 5087] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] getdents64(4, [pid 6280] write(1, "executing program\n", 18 [pid 5087] <... openat resumed>) = 3 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6280] <... write resumed>) = 18 [pid 5087] newfstatat(3, "", [pid 5086] close(4 [pid 6280] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] <... close resumed>) = 0 [pid 6280] <... futex resumed>) = 0 [pid 5087] getdents64(3, [pid 5086] rmdir("./117/file0" [pid 6280] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5086] <... rmdir resumed>) = 0 [pid 6280] <... rt_sigaction resumed>NULL, 8) = 0 [pid 5087] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] getdents64(3, [pid 6280] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6280] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5086] close(3 [pid 6280] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] <... close resumed>) = 0 [pid 5087] unlink("./117/binderfs" [pid 5086] rmdir("./117" [pid 6280] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... unlink resumed>) = 0 [pid 6280] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... rmdir resumed>) = 0 [pid 6280] <... mprotect resumed>) = 0 [pid 6280] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6279] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5087] <... umount2 resumed>) = 0 [pid 5086] mkdir("./118", 0777 [pid 6280] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5087] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] <... mkdir resumed>) = 0 [pid 6280] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0}./strace-static-x86_64: Process 6281 attached [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./117/file0", [pid 5086] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6281] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6280] <... clone3 resumed> => {parent_tid=[6281]}, 88) = 6281 [pid 5087] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 6281] <... rseq resumed>) = 0 [pid 6280] rt_sigprocmask(SIG_SETMASK, [], [pid 5087] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5087] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] close(4) = 0 [pid 5087] rmdir("./117/file0") = 0 [pid 5087] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5087] close(3 [pid 6281] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6280] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5087] <... close resumed>) = 0 [pid 6281] <... set_robust_list resumed>) = 0 [pid 6281] rt_sigprocmask(SIG_SETMASK, [], [pid 6280] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] rmdir("./117" [pid 6281] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6280] <... futex resumed>) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6281] memfd_create("syzkaller", 0 [pid 6280] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5087] mkdir("./118", 0777 [pid 6281] <... memfd_create resumed>) = 3 [pid 5087] <... mkdir resumed>) = 0 [pid 6281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5088] <... ioctl resumed>) = 0 [pid 6279] <... write resumed>) = 2097152 [pid 5088] close(3 [pid 6279] munmap(0x7f1df2200000, 138412032 [pid 5088] <... close resumed>) = 0 [pid 6279] <... munmap resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6281] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6282 ./strace-static-x86_64: Process 6282 attached [pid 5086] <... ioctl resumed>) = 0 [pid 6282] set_robust_list(0x555580b0d6a0, 24) = 0 [pid 6279] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6282] chdir("./118" [pid 6279] <... openat resumed>) = 4 [pid 6279] ioctl(4, LOOP_SET_FD, 3 [pid 6282] <... chdir resumed>) = 0 [pid 5086] close(3 [pid 6282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6279] <... ioctl resumed>) = 0 [pid 6282] <... prctl resumed>) = 0 [pid 6282] setpgid(0, 0) = 0 [pid 5087] <... ioctl resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 6279] close(3 [pid 6282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6279] <... close resumed>) = 0 [pid 5087] close(3 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6282] <... openat resumed>) = 3 [pid 6281] <... write resumed>) = 2097152 [pid 6279] close(4 [pid 5087] <... close resumed>) = 0 [pid 6282] write(3, "1000", 4 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6282] <... write resumed>) = 4 [pid 6282] close(3 [pid 6279] <... close resumed>) = 0 [pid 6282] <... close resumed>) = 0 [pid 6279] mkdir("./file0", 0777./strace-static-x86_64: Process 6284 attached [pid 6282] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 6283 attached [pid 6284] set_robust_list(0x555580b0d6a0, 24 [pid 6282] <... symlink resumed>) = 0 [pid 6279] <... mkdir resumed>) = 0 [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6284 executing program [pid 6284] <... set_robust_list resumed>) = 0 [pid 6282] write(1, "executing program\n", 18 [ 168.704821][ T6279] loop4: detected capacity change from 0 to 4096 [pid 6281] munmap(0x7f1df2200000, 138412032 [pid 6279] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6283 [pid 6283] set_robust_list(0x555580b0d6a0, 24 [pid 6284] chdir("./118" [pid 6282] <... write resumed>) = 18 [pid 6281] <... munmap resumed>) = 0 [pid 6283] <... set_robust_list resumed>) = 0 [pid 6284] <... chdir resumed>) = 0 [pid 6282] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6282] <... futex resumed>) = 0 [pid 6283] chdir("./118" [pid 6284] <... prctl resumed>) = 0 [pid 6282] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6283] <... chdir resumed>) = 0 [pid 6284] setpgid(0, 0 [pid 6283] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6282] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6284] <... setpgid resumed>) = 0 [pid 6283] <... prctl resumed>) = 0 [pid 6282] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6283] setpgid(0, 0 [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6282] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6281] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6283] <... setpgid resumed>) = 0 [pid 6281] <... openat resumed>) = 4 [pid 6281] ioctl(4, LOOP_SET_FD, 3 [pid 6283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6284] <... openat resumed>) = 3 [pid 6282] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6279] <... mount resumed>) = 0 [pid 6281] <... ioctl resumed>) = 0 [pid 6283] <... openat resumed>) = 3 [pid 6284] write(3, "1000", 4 [pid 6282] <... mmap resumed>) = 0x7f1dfa693000 [pid 6279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6283] write(3, "1000", 4 [pid 6284] <... write resumed>) = 4 [pid 6282] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6281] close(3 [pid 6279] <... openat resumed>) = 3 [pid 6284] close(3 [pid 6282] <... mprotect resumed>) = 0 [pid 6281] <... close resumed>) = 0 [pid 6279] chdir("./file0" [pid 6283] <... write resumed>) = 4 [pid 6284] <... close resumed>) = 0 [pid 6282] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6281] close(4 [pid 6279] <... chdir resumed>) = 0 [pid 6283] close(3 [pid 6284] symlink("/dev/binderfs", "./binderfs" [pid 6281] <... close resumed>) = 0 [pid 6279] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6281] mkdir("./file0", 0777 [pid 6283] <... close resumed>) = 0 [pid 6284] <... symlink resumed>) = 0 [pid 6282] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6281] <... mkdir resumed>) = 0 [pid 6279] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6283] symlink("/dev/binderfs", "./binderfs" [pid 6284] write(1, "executing program\n", 18 [pid 6282] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6279] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000executing program [pid 6283] <... symlink resumed>) = 0 [pid 6284] <... write resumed>) = 18 [pid 6281] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6279] <... futex resumed>) = 1 [pid 6278] <... futex resumed>) = 0 ./strace-static-x86_64: Process 6285 attached [pid 6283] write(1, "executing program\n", 18 [pid 6284] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6282] <... clone3 resumed> => {parent_tid=[6285]}, 88) = 6285 [pid 6279] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [ 168.753790][ T6279] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 168.781993][ T6279] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 168.788141][ T6281] loop0: detected capacity change from 0 to 4096 [pid 6278] exit_group(0executing program [pid 6285] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6283] <... write resumed>) = 18 [pid 6284] <... futex resumed>) = 0 [pid 6282] rt_sigprocmask(SIG_SETMASK, [], [pid 6279] <... futex resumed>) = ? [pid 6278] <... exit_group resumed>) = ? [pid 6283] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6284] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6283] <... futex resumed>) = 0 [pid 6284] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6283] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6285] <... rseq resumed>) = 0 [pid 6283] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6284] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6283] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6284] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6283] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6284] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6282] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6285] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6283] <... mmap resumed>) = 0x7f1dfa693000 [pid 6283] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6284] <... mmap resumed>) = 0x7f1dfa693000 [pid 6284] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6282] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6285] <... set_robust_list resumed>) = 0 [pid 6283] <... mprotect resumed>) = 0 [pid 6282] <... futex resumed>) = 0 [pid 6285] rt_sigprocmask(SIG_SETMASK, [], [pid 6284] <... mprotect resumed>) = 0 [pid 6285] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6282] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6284] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6285] memfd_create("syzkaller", 0 [pid 6283] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6285] <... memfd_create resumed>) = 3 [pid 6285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6284] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6283] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6285] <... mmap resumed>) = 0x7f1df2200000 [pid 6284] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6283] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6279] +++ exited with 0 +++ [pid 6278] +++ exited with 0 +++ ./strace-static-x86_64: Process 6287 attached ./strace-static-x86_64: Process 6286 attached [pid 6284] <... clone3 resumed> => {parent_tid=[6286]}, 88) = 6286 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6278, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 6287] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6286] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6283] <... clone3 resumed> => {parent_tid=[6287]}, 88) = 6287 [pid 6284] rt_sigprocmask(SIG_SETMASK, [], [pid 6287] <... rseq resumed>) = 0 [pid 6286] <... rseq resumed>) = 0 [pid 6283] rt_sigprocmask(SIG_SETMASK, [], [pid 6284] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6287] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6286] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6283] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6287] <... set_robust_list resumed>) = 0 [pid 6286] <... set_robust_list resumed>) = 0 [pid 6283] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6284] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6287] rt_sigprocmask(SIG_SETMASK, [], [pid 6286] rt_sigprocmask(SIG_SETMASK, [], [pid 6283] <... futex resumed>) = 0 [pid 6284] <... futex resumed>) = 0 [pid 5089] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6286] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6283] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6284] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6287] memfd_create("syzkaller", 0 [pid 6286] memfd_create("syzkaller", 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6287] <... memfd_create resumed>) = 3 [pid 6286] <... memfd_create resumed>) = 3 [pid 5089] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6287] <... mmap resumed>) = 0x7f1df2200000 [pid 6286] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... openat resumed>) = 3 [ 168.826491][ T6281] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6281] <... mount resumed>) = 0 [pid 5089] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6281] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./117/binderfs", [pid 6286] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6281] <... openat resumed>) = 3 [pid 6281] chdir("./file0") = 0 [pid 6285] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6281] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6281] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] unlink("./117/binderfs" [pid 6281] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6280] <... futex resumed>) = 0 [pid 6281] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6280] exit_group(0 [pid 6281] <... futex resumed>) = ? [pid 6280] <... exit_group resumed>) = ? [pid 5089] <... unlink resumed>) = 0 [pid 5089] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6281] +++ exited with 0 +++ [pid 6280] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6280, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [ 168.892361][ T6281] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 5085] umount2("./117", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./117", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5089] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(3, "", [pid 5089] newfstatat(AT_FDCWD, "./117/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6285] <... write resumed>) = 2097152 [pid 5089] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] getdents64(3, [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6285] munmap(0x7f1df2200000, 138412032 [pid 5089] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./117/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./117/binderfs", [pid 5089] <... openat resumed>) = 4 [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./117/binderfs" [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... unlink resumed>) = 0 [pid 5089] getdents64(4, [pid 5085] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 5085] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] rmdir("./117/file0" [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./117/file0", [pid 5089] <... rmdir resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] umount2("./117/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./117/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6285] <... munmap resumed>) = 0 [pid 5089] getdents64(3, [pid 5085] <... openat resumed>) = 4 [pid 6285] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] newfstatat(4, "", [pid 5089] close(3) = 0 [pid 6285] <... openat resumed>) = 4 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6285] ioctl(4, LOOP_SET_FD, 3 [pid 5089] rmdir("./117" [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5089] <... rmdir resumed>) = 0 [pid 5085] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5089] mkdir("./118", 0777 [pid 5085] close(4 [pid 6286] <... write resumed>) = 2097152 [pid 5085] <... close resumed>) = 0 [pid 5085] rmdir("./117/file0") = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5085] rmdir("./117" [pid 5089] <... mkdir resumed>) = 0 [pid 6287] <... write resumed>) = 2097152 [pid 5085] <... rmdir resumed>) = 0 [pid 6285] <... ioctl resumed>) = 0 [pid 6287] munmap(0x7f1df2200000, 138412032 [pid 6286] munmap(0x7f1df2200000, 138412032 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5085] mkdir("./118", 0777 [pid 5089] <... openat resumed>) = 3 [pid 5085] <... mkdir resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 6285] close(3 [pid 6287] <... munmap resumed>) = 0 [pid 6286] <... munmap resumed>) = 0 [pid 6286] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 6286] ioctl(4, LOOP_SET_FD, 3 [pid 6285] <... close resumed>) = 0 [ 168.993315][ T6285] loop3: detected capacity change from 0 to 4096 [ 169.023625][ T6286] loop2: detected capacity change from 0 to 4096 [pid 6287] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 6285] close(4 [pid 6287] ioctl(4, LOOP_SET_FD, 3 [pid 6285] <... close resumed>) = 0 [pid 6287] <... ioctl resumed>) = 0 [pid 6285] mkdir("./file0", 0777 [pid 6286] <... ioctl resumed>) = 0 [pid 6286] close(3) = 0 [pid 6286] close(4) = 0 [pid 6286] mkdir("./file0", 0777) = 0 [pid 6285] <... mkdir resumed>) = 0 [pid 6286] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6285] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5085] <... ioctl resumed>) = 0 [pid 6287] close(3 [pid 5085] close(3 [pid 6287] <... close resumed>) = 0 [pid 6287] close(4 [pid 5085] <... close resumed>) = 0 [pid 6287] <... close resumed>) = 0 [pid 6287] mkdir("./file0", 0777 [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6287] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 6288 attached [pid 6287] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... ioctl resumed>) = 0 [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6288 [pid 6288] set_robust_list(0x555580b0d6a0, 24 [pid 5089] close(3 [pid 6288] <... set_robust_list resumed>) = 0 [pid 6288] chdir("./118" [pid 5089] <... close resumed>) = 0 [ 169.041935][ T6287] loop1: detected capacity change from 0 to 4096 [ 169.055138][ T6286] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 169.065022][ T6285] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6288] <... chdir resumed>) = 0 [pid 6288] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6288] setpgid(0, 0) = 0 [pid 6288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6289 ./strace-static-x86_64: Process 6289 attached [pid 6288] write(3, "1000", 4 [pid 6289] set_robust_list(0x555580b0d6a0, 24 [pid 6288] <... write resumed>) = 4 [pid 6289] <... set_robust_list resumed>) = 0 [pid 6288] close(3 [pid 6289] chdir("./118") = 0 [pid 6288] <... close resumed>) = 0 [ 169.100503][ T6287] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [pid 6289] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 6288] symlink("/dev/binderfs", "./binderfs" [pid 6289] <... prctl resumed>) = 0 [pid 6288] <... symlink resumed>) = 0 [pid 6289] setpgid(0, 0) = 0 [pid 6289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 6288] write(1, "executing program\n", 18executing program ) = 18 [pid 6289] <... openat resumed>) = 3 [pid 6288] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6289] write(3, "1000", 4 [pid 6288] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6289] <... write resumed>) = 4 [pid 6288] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6289] close(3) = 0 [pid 6288] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6289] symlink("/dev/binderfs", "./binderfs" [pid 6288] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6288] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0executing program [pid 6289] <... symlink resumed>) = 0 [pid 6288] <... mmap resumed>) = 0x7f1dfa693000 [pid 6288] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6289] write(1, "executing program\n", 18 [pid 6288] <... mprotect resumed>) = 0 [pid 6289] <... write resumed>) = 18 [pid 6289] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6288] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6289] <... futex resumed>) = 0 [pid 6289] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6288] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6289] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6288] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6289] <... rt_sigprocmask resumed>NULL, 8) = 0 ./strace-static-x86_64: Process 6290 attached [pid 6289] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6290] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6289] <... mmap resumed>) = 0x7f1dfa693000 [pid 6290] <... rseq resumed>) = 0 [pid 6289] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6288] <... clone3 resumed> => {parent_tid=[6290]}, 88) = 6290 [pid 6290] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6289] <... mprotect resumed>) = 0 [pid 6290] <... set_robust_list resumed>) = 0 [pid 6289] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6288] rt_sigprocmask(SIG_SETMASK, [], [pid 6285] <... mount resumed>) = 0 [pid 6290] rt_sigprocmask(SIG_SETMASK, [], [pid 6289] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6288] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6286] <... mount resumed>) = 0 [pid 6285] chdir("./file0" [pid 6286] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6285] <... chdir resumed>) = 0 [pid 6288] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6286] <... openat resumed>) = 3 [pid 6286] chdir("./file0" [pid 6285] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6286] <... chdir resumed>) = 0 [pid 6289] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 6288] <... futex resumed>) = 0 [pid 6285] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6286] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6285] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 6291 attached [pid 6290] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6288] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6286] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6285] <... futex resumed>) = 1 [pid 6282] <... futex resumed>) = 0 [pid 6291] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6290] memfd_create("syzkaller", 0 [pid 6289] <... clone3 resumed> => {parent_tid=[6291]}, 88) = 6291 [pid 6286] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6285] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6282] exit_group(0 [pid 6291] <... rseq resumed>) = 0 [pid 6289] rt_sigprocmask(SIG_SETMASK, [], [pid 6286] <... futex resumed>) = 1 [pid 6285] <... futex resumed>) = ? [pid 6284] <... futex resumed>) = 0 [pid 6282] <... exit_group resumed>) = ? [pid 6291] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6290] <... memfd_create resumed>) = 3 [pid 6289] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6286] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6285] +++ exited with 0 +++ [pid 6284] exit_group(0 [pid 6291] <... set_robust_list resumed>) = 0 [pid 6290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6289] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6286] <... futex resumed>) = ? [pid 6284] <... exit_group resumed>) = ? [ 169.140888][ T6285] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 169.157407][ T6286] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 6291] rt_sigprocmask(SIG_SETMASK, [], [pid 6290] <... mmap resumed>) = 0x7f1df2200000 [pid 6289] <... futex resumed>) = 0 [pid 6286] +++ exited with 0 +++ [pid 6291] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6284] +++ exited with 0 +++ [pid 6282] +++ exited with 0 +++ [pid 6289] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6282, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6284, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5088] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] restart_syscall(<... resuming interrupted clone ...> [pid 5088] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... restart_syscall resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5088] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6291] memfd_create("syzkaller", 0 [pid 5088] getdents64(3, [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 6291] <... memfd_create resumed>) = 3 [pid 5088] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5087] newfstatat(3, "", [pid 6291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] unlink("./118/binderfs") = 0 [pid 6291] <... mmap resumed>) = 0x7f1df2200000 [pid 5088] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./118/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5087] getdents64(3, [pid 5088] close(4) = 0 [pid 5088] rmdir("./118/file0") = 0 [pid 5088] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5088] close(3) = 0 [pid 5088] rmdir("./118") = 0 [pid 5088] mkdir("./119", 0777) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6290] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5087] newfstatat(AT_FDCWD, "./118/binderfs", [pid 5088] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 5087] unlink("./118/binderfs" [pid 5088] <... ioctl resumed>) = 0 [pid 5088] close(3) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... unlink resumed>) = 0 [pid 6287] <... mount resumed>) = 0 [pid 5087] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6287] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6287] chdir("./file0") = 0 [pid 5088] <... clone resumed>, child_tidptr=0x555580b0d690) = 6292 [pid 6287] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 6292 attached [pid 5087] <... umount2 resumed>) = 0 [pid 6292] set_robust_list(0x555580b0d6a0, 24 [pid 6287] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6292] <... set_robust_list resumed>) = 0 [pid 6287] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6291] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6287] <... futex resumed>) = 1 [pid 6283] <... futex resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6287] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6283] exit_group(0 [pid 5087] newfstatat(AT_FDCWD, "./118/file0", [pid 6287] <... futex resumed>) = ? [pid 6283] <... exit_group resumed>) = ? [pid 6292] chdir("./119" [pid 6287] +++ exited with 0 +++ [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] <... chdir resumed>) = 0 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6292] <... prctl resumed>) = 0 [pid 6292] setpgid(0, 0) = 0 [pid 5087] <... openat resumed>) = 4 [pid 6292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 169.237674][ T6287] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5087] newfstatat(4, "", [pid 6292] <... openat resumed>) = 3 [pid 5087] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6292] write(3, "1000", 4 [pid 5087] getdents64(4, [pid 6292] <... write resumed>) = 4 [pid 6292] close(3 [pid 5087] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6292] <... close resumed>) = 0 executing program [pid 5087] getdents64(4, [pid 6292] symlink("/dev/binderfs", "./binderfs" [pid 6283] +++ exited with 0 +++ [pid 5087] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6292] <... symlink resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6283, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 6292] write(1, "executing program\n", 18) = 18 [pid 5087] close(4 [pid 6292] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5087] <... close resumed>) = 0 [pid 6292] <... futex resumed>) = 0 [pid 5087] rmdir("./118/file0" [pid 6292] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 5087] <... rmdir resumed>) = 0 [pid 6292] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 5086] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6292] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6292] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 5087] getdents64(3, [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6292] <... mmap resumed>) = 0x7f1dfa693000 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6292] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 5087] close(3 [pid 5086] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6292] <... mprotect resumed>) = 0 [pid 5087] <... close resumed>) = 0 [pid 5086] <... openat resumed>) = 3 [pid 6292] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5087] rmdir("./118" [pid 5086] newfstatat(3, "", [pid 6292] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6292] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5086] getdents64(3, ./strace-static-x86_64: Process 6293 attached [pid 5087] <... rmdir resumed>) = 0 [pid 5086] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6293] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6292] <... clone3 resumed> => {parent_tid=[6293]}, 88) = 6293 [pid 5087] mkdir("./119", 0777 [pid 5086] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] <... rseq resumed>) = 0 [pid 6292] rt_sigprocmask(SIG_SETMASK, [], [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6292] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5086] newfstatat(AT_FDCWD, "./118/binderfs", [pid 6292] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6292] <... futex resumed>) = 0 [pid 5086] unlink("./118/binderfs" [pid 6292] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5086] <... unlink resumed>) = 0 [pid 5086] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5087] <... mkdir resumed>) = 0 [pid 6293] <... set_robust_list resumed>) = 0 [pid 6293] rt_sigprocmask(SIG_SETMASK, [], [pid 6290] <... write resumed>) = 2097152 [pid 5087] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6293] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6290] munmap(0x7f1df2200000, 138412032 [pid 6293] memfd_create("syzkaller", 0 [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6293] <... memfd_create resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5086] newfstatat(AT_FDCWD, "./118/file0", [pid 6293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5087] ioctl(3, LOOP_CLR_FD [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6293] <... mmap resumed>) = 0x7f1df2200000 [pid 6291] <... write resumed>) = 2097152 [pid 5086] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5086] newfstatat(4, "", [pid 6291] munmap(0x7f1df2200000, 138412032 [pid 6290] <... munmap resumed>) = 0 [pid 5086] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, [pid 6290] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5086] <... getdents64 resumed>0x555580b16770 /* 2 entries */, 32768) = 48 [pid 6290] ioctl(4, LOOP_SET_FD, 3 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4 [pid 6291] <... munmap resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5086] rmdir("./118/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./118") = 0 [pid 5086] mkdir("./119", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6291] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 6290] <... ioctl resumed>) = 0 [pid 6291] ioctl(4, LOOP_SET_FD, 3 [pid 6290] close(3 [pid 6291] <... ioctl resumed>) = 0 [pid 6290] <... close resumed>) = 0 [pid 6291] close(3 [pid 6290] close(4 [pid 6291] <... close resumed>) = 0 [pid 6290] <... close resumed>) = 0 [pid 6290] mkdir("./file0", 0777) = 0 [ 169.359547][ T6290] loop0: detected capacity change from 0 to 4096 [ 169.392682][ T6291] loop4: detected capacity change from 0 to 4096 [pid 6290] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 6293] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6291] close(4 [pid 5087] <... ioctl resumed>) = 0 [pid 6291] <... close resumed>) = 0 [pid 5087] close(3) = 0 [pid 5087] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6294 attached [pid 6291] mkdir("./file0", 0777 [pid 6294] set_robust_list(0x555580b0d6a0, 24 [pid 6291] <... mkdir resumed>) = 0 [pid 6294] <... set_robust_list resumed>) = 0 [pid 6294] chdir("./119") = 0 [pid 6291] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5087] <... clone resumed>, child_tidptr=0x555580b0d690) = 6294 [pid 6294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 169.411474][ T6290] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [pid 6294] setpgid(0, 0 [pid 5086] <... ioctl resumed>) = 0 [pid 6294] <... setpgid resumed>) = 0 [pid 6294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5086] close(3 [pid 6294] <... openat resumed>) = 3 [pid 6294] write(3, "1000", 4) = 4 [pid 6294] close(3 [pid 5086] <... close resumed>) = 0 [pid 6294] <... close resumed>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6294] symlink("/dev/binderfs", "./binderfs" [pid 6290] <... mount resumed>) = 0 executing program [pid 6294] <... symlink resumed>) = 0 [pid 6290] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6294] write(1, "executing program\n", 18) = 18 [pid 6290] <... openat resumed>) = 3 [pid 5086] <... clone resumed>, child_tidptr=0x555580b0d690) = 6295 [pid 6294] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6290] chdir("./file0" [pid 6294] <... futex resumed>) = 0 [pid 6290] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6295 attached [pid 6294] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6290] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6295] set_robust_list(0x555580b0d6a0, 24 [pid 6294] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6293] <... write resumed>) = 2097152 [pid 6294] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6293] munmap(0x7f1df2200000, 138412032 [pid 6294] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6295] <... set_robust_list resumed>) = 0 [pid 6295] chdir("./119") = 0 [ 169.453341][ T6291] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 169.478704][ T6290] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [pid 6295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6294] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6295] setpgid(0, 0) = 0 [pid 6295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6290] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6295] write(3, "1000", 4 [pid 6294] <... mmap resumed>) = 0x7f1dfa693000 [pid 6293] <... munmap resumed>) = 0 [pid 6291] <... mount resumed>) = 0 [pid 6290] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6295] <... write resumed>) = 4 [pid 6294] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE [pid 6293] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 6290] <... futex resumed>) = 1 [pid 6288] <... futex resumed>) = 0 [pid 6295] close(3 [pid 6294] <... mprotect resumed>) = 0 [pid 6293] <... openat resumed>) = 4 [pid 6291] <... openat resumed>) = 3 [pid 6290] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6288] exit_group(0 [pid 6295] <... close resumed>) = 0 [pid 6294] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6293] ioctl(4, LOOP_SET_FD, 3 [pid 6291] chdir("./file0" [pid 6290] <... futex resumed>) = ? [pid 6288] <... exit_group resumed>) = ? [pid 6295] symlink("/dev/binderfs", "./binderfs" [pid 6294] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6290] +++ exited with 0 +++ [pid 6288] +++ exited with 0 +++ [pid 6295] <... symlink resumed>) = 0 executing program [pid 6295] write(1, "executing program\n", 18) = 18 [pid 6294] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6288, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 6295] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 6291] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 6296 attached [pid 5085] restart_syscall(<... resuming interrupted clone ...> [pid 6296] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6295] <... futex resumed>) = 0 [pid 5085] <... restart_syscall resumed>) = 0 [pid 6296] <... rseq resumed>) = 0 [pid 6295] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, [pid 6294] <... clone3 resumed> => {parent_tid=[6296]}, 88) = 6296 [pid 6291] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6296] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6294] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6294] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 6294] <... futex resumed>) = 0 [pid 6291] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5085] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 6294] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6291] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5085] newfstatat(3, "", [pid 6296] <... set_robust_list resumed>) = 0 [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6296] rt_sigprocmask(SIG_SETMASK, [], [pid 5085] getdents64(3, [pid 6291] <... futex resumed>) = 1 [pid 5085] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6291] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5085] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6289] <... futex resumed>) = 0 [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6289] exit_group(0 [pid 5085] newfstatat(AT_FDCWD, "./118/binderfs", [pid 6296] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6289] <... exit_group resumed>) = ? [pid 6291] <... futex resumed>) = ? [pid 5085] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6291] +++ exited with 0 +++ [pid 5085] unlink("./118/binderfs" [pid 6296] memfd_create("syzkaller", 0 [pid 6295] <... rt_sigaction resumed>NULL, 8) = 0 [pid 6289] +++ exited with 0 +++ [pid 5085] <... unlink resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6289, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5085] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6293] <... ioctl resumed>) = 0 [pid 6295] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], [pid 6293] close(3 [pid 6295] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6293] <... close resumed>) = 0 [pid 5089] umount2("./118", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6295] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 [pid 6293] close(4 [pid 6295] <... mmap resumed>) = 0x7f1dfa693000 [pid 6295] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6295] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6293] <... close resumed>) = 0 [pid 5085] <... umount2 resumed>) = 0 [pid 6295] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6295] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6297]}, 88) = 6297 [pid 6295] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6295] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6296] <... memfd_create resumed>) = 3 [pid 6295] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6297 attached [pid 6296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6293] mkdir("./file0", 0777 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6296] <... mmap resumed>) = 0x7f1df2200000 [pid 6297] <... rseq resumed>) = 0 [pid 6293] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./118", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6297] set_robust_list(0x7f1dfa6b39a0, 24 [pid 5085] newfstatat(AT_FDCWD, "./118/file0", [pid 5089] <... openat resumed>) = 3 [pid 6297] <... set_robust_list resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5085] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6297] rt_sigprocmask(SIG_SETMASK, [], [pid 6293] mount("/dev/loop3", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5089] getdents64(3, [pid 5085] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 169.523078][ T6291] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 169.544493][ T6293] loop3: detected capacity change from 0 to 4096 [pid 6297] memfd_create("syzkaller", 0) = 3 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] umount2("./118/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6297] <... mmap resumed>) = 0x7f1df2200000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(4, [pid 5089] newfstatat(AT_FDCWD, "./118/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] close(4) = 0 [pid 5089] unlink("./118/binderfs") = 0 [pid 5085] rmdir("./118/file0" [pid 5089] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... rmdir resumed>) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5085] close(3 [pid 5089] <... umount2 resumed>) = 0 [pid 6296] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5085] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] rmdir("./118" [pid 5089] newfstatat(AT_FDCWD, "./118/file0", [pid 5085] <... rmdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] mkdir("./119", 0777 [pid 5089] umount2("./118/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./118/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] <... openat resumed>) = 3 [ 169.604874][ T6293] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [pid 5089] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5085] ioctl(3, LOOP_CLR_FD [pid 5089] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5089] close(4 [pid 5085] close(3 [pid 5089] <... close resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5089] rmdir("./118/file0" [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 6298 attached [pid 5089] getdents64(3, [pid 5085] <... clone resumed>, child_tidptr=0x555580b0d690) = 6298 [pid 5089] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6298] set_robust_list(0x555580b0d6a0, 24 [pid 5089] close(3 [pid 6298] <... set_robust_list resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 6298] chdir("./119" [pid 5089] rmdir("./118" [pid 6298] <... chdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 6298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6298] setpgid(0, 0 [pid 5089] mkdir("./119", 0777 [pid 6298] <... setpgid resumed>) = 0 [pid 6298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... mkdir resumed>) = 0 [pid 6298] <... openat resumed>) = 3 [pid 6297] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 6298] write(3, "1000", 4) = 4 [pid 5089] <... openat resumed>) = 3 [pid 6298] close(3) = 0 [pid 6298] symlink("/dev/binderfs", "./binderfs"executing program [pid 5089] ioctl(3, LOOP_CLR_FD [pid 6298] <... symlink resumed>) = 0 [pid 6298] write(1, "executing program\n", 18) = 18 [pid 6298] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6298] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6298] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6298] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6298] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6298] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6298] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6299]}, 88) = 6299 [pid 6298] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6298] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6298] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 6299 attached [pid 6296] <... write resumed>) = 2097152 [pid 6299] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053) = 0 [pid 6299] set_robust_list(0x7f1dfa6b39a0, 24) = 0 [pid 6299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6299] memfd_create("syzkaller", 0) = 3 [pid 6296] munmap(0x7f1df2200000, 138412032 [pid 6299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6297] <... write resumed>) = 2097152 [pid 6296] <... munmap resumed>) = 0 [pid 6299] <... mmap resumed>) = 0x7f1df2200000 [pid 6293] <... mount resumed>) = 0 [pid 6293] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6299] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6297] munmap(0x7f1df2200000, 138412032 [pid 6296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 6293] chdir("./file0") = 0 [ 169.746931][ T6293] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [pid 6296] <... openat resumed>) = 4 [pid 6293] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6296] ioctl(4, LOOP_SET_FD, 3 [pid 6293] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 6293] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6293] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6296] <... ioctl resumed>) = 0 [pid 6292] <... futex resumed>) = 0 [pid 6292] exit_group(0 [pid 6297] <... munmap resumed>) = 0 [pid 6292] <... exit_group resumed>) = ? [pid 6297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 6293] <... futex resumed>) = ? [pid 6297] <... openat resumed>) = 4 [pid 6293] +++ exited with 0 +++ [pid 6292] +++ exited with 0 +++ [pid 5089] <... ioctl resumed>) = 0 [pid 6297] ioctl(4, LOOP_SET_FD, 3 [pid 6296] close(3 [pid 5089] close(3 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6292, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 6296] <... close resumed>) = 0 [pid 6299] <... write resumed>) = 2097152 [pid 6297] <... ioctl resumed>) = 0 [pid 6296] close(4 [pid 5089] <... close resumed>) = 0 [pid 6299] munmap(0x7f1df2200000, 138412032 [pid 6297] close(3 [pid 6296] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 6297] <... close resumed>) = 0 [pid 6296] mkdir("./file0", 0777./strace-static-x86_64: Process 6300 attached [pid 6297] close(4) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x555580b0d690) = 6300 [pid 5088] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW [ 169.792640][ T6296] loop2: detected capacity change from 0 to 4096 [ 169.816652][ T6297] loop1: detected capacity change from 0 to 4096 [pid 6297] mkdir("./file0", 0777 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6297] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 6300] set_robust_list(0x555580b0d6a0, 24 [pid 6297] mount("/dev/loop1", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] <... openat resumed>) = 3 [pid 6300] <... set_robust_list resumed>) = 0 [pid 6299] <... munmap resumed>) = 0 [pid 6296] <... mkdir resumed>) = 0 [pid 6300] chdir("./119") = 0 [pid 6300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6300] setpgid(0, 0 [pid 6299] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 6296] mount("/dev/loop2", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] newfstatat(3, "", [pid 6300] <... setpgid resumed>) = 0 [pid 5088] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6299] <... openat resumed>) = 4 [pid 5088] getdents64(3, [pid 6300] write(3, "1000", 4 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5088] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 6300] <... write resumed>) = 4 [pid 6299] ioctl(4, LOOP_SET_FD, 3 [pid 6300] close(3 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6300] <... close resumed>) = 0 [pid 6300] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6300] write(1, "executing program\n", 18) = 18 [pid 6300] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6300] rt_sigaction(SIGRT_1, {sa_handler=0x7f1dfa722ee0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f1dfa714090}, NULL, 8) = 0 [pid 6300] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6300] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f1dfa693000 [pid 6300] mprotect(0x7f1dfa694000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6300] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5088] newfstatat(AT_FDCWD, "./119/binderfs", [pid 6300] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6300] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7f1dfa6b3990, parent_tid=0x7f1dfa6b3990, exit_signal=0, stack=0x7f1dfa693000, stack_size=0x20300, tls=0x7f1dfa6b36c0} => {parent_tid=[6301]}, 88) = 6301 [pid 6300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ./strace-static-x86_64: Process 6301 attached [pid 5088] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 6301] rseq(0x7f1dfa6b3fe0, 0x20, 0, 0x53053053 [pid 6300] futex(0x7f1dfa7a36a8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6301] <... rseq resumed>) = 0 [pid 6300] <... futex resumed>) = 0 [pid 6301] set_robust_list(0x7f1dfa6b39a0, 24 [pid 6300] futex(0x7f1dfa7a36ac, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6301] <... set_robust_list resumed>) = 0 [pid 6301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6299] <... ioctl resumed>) = 0 [pid 5088] unlink("./119/binderfs" [pid 6301] memfd_create("syzkaller", 0 [pid 6299] close(3 [pid 5088] <... unlink resumed>) = 0 [pid 6299] <... close resumed>) = 0 [pid 5088] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] close(4 [pid 6301] <... memfd_create resumed>) = 3 [pid 6301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1df2200000 [ 169.847286][ T6297] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 169.869813][ T6299] loop0: detected capacity change from 0 to 4096 [ 169.876540][ T6296] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [pid 6299] <... close resumed>) = 0 [pid 5088] <... umount2 resumed>) = 0 [pid 5088] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6299] mkdir("./file0", 0777 [pid 6297] <... mount resumed>) = 0 [pid 6299] <... mkdir resumed>) = 0 [pid 5088] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5088] newfstatat(AT_FDCWD, "./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5088] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5088] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 6299] mount("/dev/loop0", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5088] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5088] getdents64(4, [pid 6297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... getdents64 resumed>0x555580b16770 /* 0 entries */, 32768) = 0 [pid 6297] <... openat resumed>) = 3 [ 169.918098][ T6297] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [pid 5088] close(4 [pid 6301] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\x20\x21\x6f\x11\xa9\xe0\x6c\x4c\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 6297] chdir("./file0") = 0 [pid 5088] <... close resumed>) = 0 [pid 6297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] rmdir("./119/file0" [pid 6297] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... rmdir resumed>) = 0 [pid 6297] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] getdents64(3, [pid 6297] <... futex resumed>) = 1 [pid 6295] <... futex resumed>) = 0 [pid 5088] <... getdents64 resumed>0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 6297] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5088] close(3 [pid 6296] <... mount resumed>) = 0 [pid 6295] exit_group(0 [pid 5088] <... close resumed>) = 0 [pid 6297] <... futex resumed>) = ? [pid 6295] <... exit_group resumed>) = ? [pid 5088] rmdir("./119" [pid 6297] +++ exited with 0 +++ [pid 6296] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] <... rmdir resumed>) = 0 [pid 5088] mkdir("./120", 0777 [pid 6296] <... openat resumed>) = 3 [pid 6296] chdir("./file0") = 0 [pid 5088] <... mkdir resumed>) = 0 [pid 6296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 6296] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5088] <... openat resumed>) = 3 [pid 6296] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000 [pid 5088] ioctl(3, LOOP_CLR_FD [pid 6296] <... futex resumed>) = 1 [pid 6294] <... futex resumed>) = 0 [pid 6296] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6294] exit_group(0 [pid 6296] <... futex resumed>) = ? [pid 6294] <... exit_group resumed>) = ? [pid 6296] +++ exited with 0 +++ [pid 6294] +++ exited with 0 +++ [pid 6295] +++ exited with 0 +++ [pid 5087] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6294, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6295, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [ 169.964070][ T6299] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 169.969639][ T6296] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [pid 5086] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5087] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5086] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5086] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5086] newfstatat(AT_FDCWD, "./119/binderfs", [pid 5087] <... openat resumed>) = 3 [pid 5086] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] unlink("./119/binderfs") = 0 [pid 5087] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] getdents64(3, [pid 5086] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] <... write resumed>) = 2097152 [ 170.033779][ C0] ================================================================== [ 170.042097][ C0] BUG: KASAN: out-of-bounds in end_buffer_read_sync+0xc1/0xd0 [ 170.050651][ C0] Write of size 4 at addr ffffc9000a3ef6c0 by task ksoftirqd/0/16 [ 170.058767][ C0] [ 170.061147][ C0] CPU: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [ 170.070743][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 170.081524][ C0] Call Trace: [ 170.084870][ C0] [ 170.087909][ C0] dump_stack_lvl+0x241/0x360 [ 170.092623][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.097863][ C0] ? __pfx__printk+0x10/0x10 [ 170.102653][ C0] ? _printk+0xd5/0x120 [ 170.106884][ C0] print_report+0x169/0x550 [ 170.111579][ C0] ? __virt_addr_valid+0xbd/0x520 [ 170.117078][ C0] ? end_buffer_read_sync+0xc1/0xd0 [ 170.122418][ C0] kasan_report+0x143/0x180 [ 170.127045][ C0] ? wake_up_bit+0x153/0x1a0 [ 170.131844][ C0] ? end_buffer_read_sync+0xc1/0xd0 [ 170.137111][ C0] kasan_check_range+0x282/0x290 [ 170.142189][ C0] ? __pfx_end_buffer_read_sync+0x10/0x10 [ 170.148019][ C0] end_buffer_read_sync+0xc1/0xd0 [ 170.153086][ C0] end_bio_bh_io_sync+0xbf/0x120 [ 170.158033][ C0] blk_update_request+0x5e7/0x10d0 [ 170.163181][ C0] blk_mq_end_request+0x3e/0x70 [ 170.169346][ C0] blk_done_softirq+0x100/0x150 [ 170.174218][ C0] handle_softirqs+0x2d6/0x990 [ 170.178994][ C0] ? run_ksoftirqd+0xca/0x130 [ 170.183686][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 170.189062][ C0] run_ksoftirqd+0xca/0x130 [ 170.193602][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 170.198837][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 170.203971][ C0] smpboot_thread_fn+0x544/0xa30 [ 170.209021][ C0] ? smpboot_thread_fn+0x4e/0xa30 [ 170.214185][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 170.219650][ C0] kthread+0x2f0/0x390 [ 170.223732][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 170.229205][ C0] ? __pfx_kthread+0x10/0x10 [ 170.233809][ C0] ret_from_fork+0x4b/0x80 [ 170.238268][ C0] ? __pfx_kthread+0x10/0x10 [ 170.242871][ C0] ret_from_fork_asm+0x1a/0x30 [ 170.247657][ C0] [ 170.250852][ C0] [ 170.253181][ C0] The buggy address belongs to the virtual mapping at [ 170.253181][ C0] [ffffc9000a3e8000, ffffc9000a3f1000) created by: [ 170.253181][ C0] copy_process+0x5d1/0x3dc0 [ 170.271619][ C0] [ 170.273945][ C0] The buggy address belongs to the physical page: [ 170.280386][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x3 pfn:0x28089 [ 170.289259][ C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 170.296819][ C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 170.305406][ C0] raw: 0000000000000003 0000000000000000 00000001ffffffff 0000000000000000 [ 170.313991][ C0] page dumped because: kasan: bad access detected [ 170.320409][ C0] page_owner tracks the page as allocated [ 170.326122][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 6298, tgid 6298 (syz-executor232), ts 169721870491, free_ts 169245351265 [ 170.346114][ C0] post_alloc_hook+0x1f3/0x230 [ 170.350986][ C0] get_page_from_freelist+0x2e2d/0x2ee0 [ 170.356983][ C0] __alloc_pages_noprof+0x256/0x6c0 [ 170.362277][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 170.367743][ C0] __vmalloc_node_range_noprof+0x9a4/0x1490 [ 170.373666][ C0] dup_task_struct+0x444/0x8c0 [ 170.378451][ C0] copy_process+0x5d1/0x3dc0 [ 170.383218][ C0] kernel_clone+0x223/0x870 [ 170.387953][ C0] __se_sys_clone3+0x2cb/0x350 [ 170.392739][ C0] do_syscall_64+0xf5/0x240 [ 170.399677][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.405611][ C0] page last free pid 8 tgid 8 stack trace: [ 170.411433][ C0] free_unref_page+0xd19/0xea0 [ 170.416289][ C0] vfree+0x186/0x2e0 [ 170.420203][ C0] delayed_vfree_work+0x56/0x80 [ 170.425086][ C0] process_scheduled_works+0xa2c/0x1830 [ 170.430819][ C0] worker_thread+0x86d/0xd70 [ 170.435534][ C0] kthread+0x2f0/0x390 [ 170.439779][ C0] ret_from_fork+0x4b/0x80 [ 170.444328][ C0] ret_from_fork_asm+0x1a/0x30 [ 170.449227][ C0] [ 170.451659][ C0] Memory state around the buggy address: [ 170.457366][ C0] ffffc9000a3ef580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 170.465472][ C0] ffffc9000a3ef600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 170.473541][ C0] >ffffc9000a3ef680: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00 00 f2 [pid 6301] munmap(0x7f1df2200000, 138412032) = 0 [pid 5087] <... getdents64 resumed>0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 6301] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] <... openat resumed>) = 4 [pid 5087] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 6301] ioctl(4, LOOP_SET_FD, 3 [pid 5087] newfstatat(AT_FDCWD, "./119/binderfs", [pid 6301] <... ioctl resumed>) = 0 [pid 5087] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] unlink("./119/binderfs" [pid 6301] close(3 [pid 5087] <... unlink resumed>) = 0 [pid 5087] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 6301] <... close resumed>) = 0 [pid 6301] close(4 [pid 6299] <... mount resumed>) = 0 [pid 6301] <... close resumed>) = 0 [pid 6301] mkdir("./file0", 0777 [pid 6299] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6299] chdir("./file0") = 0 [pid 6299] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 170.481814][ C0] ^ [ 170.488521][ C0] ffffc9000a3ef700: f2 f2 f2 f2 00 f2 f2 f2 01 f3 f3 f3 00 00 00 00 [ 170.496620][ C0] ffffc9000a3ef780: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 [ 170.505160][ C0] ================================================================== [ 170.513451][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 170.520679][ C0] CPU: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.9.0-syzkaller-10323-g8f6a15f095a6 #0 [pid 6299] futex(0x7f1dfa7a36ac, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6299] futex(0x7f1dfa7a36a8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6301] <... mkdir resumed>) = 0 [pid 6301] mount("/dev/loop4", "./file0", "ntfs3", MS_DIRSYNC|MS_REC|MS_SILENT|MS_POSIXACL, "" [pid 5086] <... umount2 resumed>) = 0 [pid 5086] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] newfstatat(AT_FDCWD, "./119/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5086] umount2("./119/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5086] openat(AT_FDCWD, "./119/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 170.530351][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 170.540535][ C0] Call Trace: [ 170.543864][ C0] [ 170.546838][ C0] dump_stack_lvl+0x241/0x360 [ 170.551918][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.557212][ C0] ? __pfx__printk+0x10/0x10 [ 170.561901][ C0] ? vscnprintf+0x5d/0x90 [ 170.566377][ C0] panic+0x349/0x860 [ 170.570335][ C0] ? check_panic_on_warn+0x21/0xb0 [ 170.576026][ C0] ? __pfx_panic+0x10/0x10 [pid 5086] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5086] getdents64(4, 0x555580b16770 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(4, 0x555580b16770 /* 0 entries */, 32768) = 0 [pid 5086] close(4) = 0 [pid 5086] rmdir("./119/file0") = 0 [pid 5086] getdents64(3, 0x555580b0e730 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 [pid 5086] rmdir("./119") = 0 [pid 5086] mkdir("./120", 0777) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 170.580614][ C0] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 170.587956][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 170.594790][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 170.601288][ C0] ? print_report+0x502/0x550 [ 170.606033][ C0] check_panic_on_warn+0x86/0xb0 [ 170.611382][ C0] ? end_buffer_read_sync+0xc1/0xd0 [ 170.617022][ C0] end_report+0x77/0x160 [ 170.621863][ C0] kasan_report+0x154/0x180 [ 170.626778][ C0] ? wake_up_bit+0x153/0x1a0 [pid 5086] ioctl(3, LOOP_CLR_FD [pid 6298] <... futex resumed>) = 0 [pid 6298] exit_group(0 [pid 6299] <... futex resumed>) = ? [pid 6298] <... exit_group resumed>) = ? [pid 6299] +++ exited with 0 +++ [ 170.631417][ C0] ? end_buffer_read_sync+0xc1/0xd0 [ 170.636861][ C0] kasan_check_range+0x282/0x290 [ 170.642022][ C0] ? __pfx_end_buffer_read_sync+0x10/0x10 [ 170.647796][ C0] end_buffer_read_sync+0xc1/0xd0 [ 170.652886][ C0] end_bio_bh_io_sync+0xbf/0x120 [ 170.657966][ C0] blk_update_request+0x5e7/0x10d0 [ 170.663154][ C0] blk_mq_end_request+0x3e/0x70 [ 170.668149][ C0] blk_done_softirq+0x100/0x150 [ 170.673327][ C0] handle_softirqs+0x2d6/0x990 [ 170.678147][ C0] ? run_ksoftirqd+0xca/0x130 [pid 6298] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=6298, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5085] umount2("./119", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] openat(AT_FDCWD, "./119", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5085] getdents64(3, 0x555580b0e730 /* 4 entries */, 32768) = 112 [pid 5085] umount2("./119/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5085] newfstatat(AT_FDCWD, "./119/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5085] unlink("./119/binderfs") = 0 [ 170.682939][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 170.688307][ C0] run_ksoftirqd+0xca/0x130 [ 170.692957][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 170.698140][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 170.703279][ C0] smpboot_thread_fn+0x544/0xa30 [ 170.708452][ C0] ? smpboot_thread_fn+0x4e/0xa30 [ 170.713596][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 170.719081][ C0] kthread+0x2f0/0x390 [ 170.723280][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 170.728781][ C0] ? __pfx_kthread+0x10/0x10 [ 170.733405][ C0] ret_from_fork+0x4b/0x80 [ 170.737861][ C0] ? __pfx_kthread+0x10/0x10 [ 170.742557][ C0] ret_from_fork_asm+0x1a/0x30 [ 170.747519][ C0] [ 170.750665][ C0] Kernel Offset: disabled [ 170.755252][ C0] Rebooting in 86400 seconds..