./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3040699276 <...> Warning: Permanently added '10.128.0.249' (ED25519) to the list of known hosts. execve("./syz-executor3040699276", ["./syz-executor3040699276"], 0x7ffde1d8a710 /* 10 vars */) = 0 brk(NULL) = 0x555556150000 brk(0x555556150d00) = 0x555556150d00 arch_prctl(ARCH_SET_FS, 0x555556150380) = 0 set_tid_address(0x555556150650) = 5072 set_robust_list(0x555556150660, 24) = 0 rseq(0x555556150ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3040699276", 4096) = 28 getrandom("\x3f\xc1\x67\x0f\x72\xe2\xa1\x28", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556150d00 brk(0x555556171d00) = 0x555556171d00 brk(0x555556172000) = 0x555556172000 mprotect(0x7fa180d8e000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 mkdir("./syzkaller.KlPlSG", 0700) = 0 chmod("./syzkaller.KlPlSG", 0777) = 0 chdir("./syzkaller.KlPlSG") = 0 mkdir("./0", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5074 attached , child_tidptr=0x555556150650) = 5074 [pid 5074] set_robust_list(0x555556150660, 24) = 0 [pid 5074] chdir("./0") = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5074] setpgid(0, 0) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5074] write(3, "1000", 4) = 4 [pid 5074] close(3) = 0 [pid 5074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5074] memfd_create("syzkaller", 0) = 3 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5074] munmap(0x7fa178800000, 138412032) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5074] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5074] close(3) = 0 [pid 5074] close(4) = 0 [pid 5074] mkdir("./file0", 0777) = 0 [pid 5074] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5074] chdir("./file0") = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 56.035827][ T5074] loop0: detected capacity change from 0 to 1024 [pid 5074] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5074] exit_group(0) = ? [pid 5074] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/binderfs") = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./0/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 56.228927][ T5072] [ 56.231284][ T5072] ============================================ [ 56.237417][ T5072] WARNING: possible recursive locking detected [ 56.243562][ T5072] 6.9.0-rc6-syzkaller-00053-g0106679839f7 #0 Not tainted [ 56.250583][ T5072] -------------------------------------------- [ 56.256730][ T5072] syz-executor304/5072 is trying to acquire lock: [ 56.263124][ T5072] ffff888079f49548 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_get_block+0x383/0x14f0 [ 56.274002][ T5072] [ 56.274002][ T5072] but task is already holding lock: [ 56.281356][ T5072] ffff888079f4b048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2da/0xb50 [ 56.292480][ T5072] [ 56.292480][ T5072] other info that might help us debug this: [ 56.300516][ T5072] Possible unsafe locking scenario: [ 56.300516][ T5072] [ 56.307940][ T5072] CPU0 [ 56.311208][ T5072] ---- [ 56.314462][ T5072] lock(&HFSPLUS_I(inode)->extents_lock); [ 56.320247][ T5072] lock(&HFSPLUS_I(inode)->extents_lock); [ 56.326029][ T5072] [ 56.326029][ T5072] *** DEADLOCK *** [ 56.326029][ T5072] [ 56.334183][ T5072] May be due to missing lock nesting notation [ 56.334183][ T5072] [ 56.342476][ T5072] 6 locks held by syz-executor304/5072: [ 56.348009][ T5072] #0: ffff888024084420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 [ 56.357139][ T5072] #1: ffff888079f49e00 (&type->i_mutex_dir_key#6/1){+.+.}-{3:3}, at: do_unlinkat+0x26a/0x830 [ 56.367396][ T5072] #2: ffff888079f4b240 (&sb->s_type->i_mutex_key#14){+.+.}-{3:3}, at: vfs_unlink+0xe4/0x600 [ 56.377558][ T5072] #3: ffff88802393e998 (&sbi->vh_mutex){+.+.}-{3:3}, at: hfsplus_unlink+0x161/0x790 [ 56.387008][ T5072] #4: ffff888079f4b048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2da/0xb50 [ 56.398549][ T5072] #5: ffff88802393e8f8 (&sbi->alloc_mutex){+.+.}-{3:3}, at: hfsplus_block_free+0xbb/0x4e0 [ 56.408526][ T5072] [ 56.408526][ T5072] stack backtrace: [ 56.414405][ T5072] CPU: 1 PID: 5072 Comm: syz-executor304 Not tainted 6.9.0-rc6-syzkaller-00053-g0106679839f7 #0 [ 56.424805][ T5072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 56.434837][ T5072] Call Trace: [ 56.438121][ T5072] [ 56.441035][ T5072] dump_stack_lvl+0x241/0x360 [ 56.445709][ T5072] ? __pfx_dump_stack_lvl+0x10/0x10 [ 56.450889][ T5072] ? print_deadlock_bug+0x479/0x620 [ 56.456066][ T5072] ? _find_first_zero_bit+0xd4/0x100 [ 56.461341][ T5072] validate_chain+0x15c1/0x58e0 [ 56.466192][ T5072] ? __pfx_stack_trace_save+0x10/0x10 [ 56.471545][ T5072] ? check_noncircular+0x259/0x4a0 [ 56.476640][ T5072] ? __pfx_validate_chain+0x10/0x10 [ 56.481816][ T5072] ? __pfx_check_noncircular+0x10/0x10 [ 56.487256][ T5072] ? lockdep_unlock+0x16a/0x300 [ 56.492092][ T5072] ? __pfx_lockdep_unlock+0x10/0x10 [ 56.497279][ T5072] ? add_lock_to_list+0x1de/0x2e0 [ 56.502281][ T5072] ? look_up_lock_class+0x77/0x160 [ 56.507376][ T5072] ? register_lock_class+0x102/0x980 [ 56.512656][ T5072] ? validate_chain+0x15a2/0x58e0 [ 56.517661][ T5072] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 56.523797][ T5072] ? __pfx_register_lock_class+0x10/0x10 [ 56.529436][ T5072] ? mark_lock+0x9a/0x350 [ 56.533742][ T5072] __lock_acquire+0x1346/0x1fd0 [ 56.538575][ T5072] lock_acquire+0x1ed/0x550 [ 56.543054][ T5072] ? hfsplus_get_block+0x383/0x14f0 [ 56.548255][ T5072] ? __pfx_lock_acquire+0x10/0x10 [ 56.553259][ T5072] ? __pfx___might_resched+0x10/0x10 [ 56.558521][ T5072] ? do_read_cache_page+0x30/0x200 [ 56.563614][ T5072] ? __pfx_register_lock_class+0x10/0x10 [ 56.569221][ T5072] ? hfsplus_delete_inode+0x174/0x220 [ 56.574585][ T5072] ? vfs_unlink+0x365/0x600 [ 56.579064][ T5072] ? do_unlinkat+0x4ae/0x830 [ 56.583632][ T5072] __mutex_lock+0x136/0xd70 [ 56.588112][ T5072] ? hfsplus_get_block+0x383/0x14f0 [ 56.593307][ T5072] ? hfsplus_get_block+0x383/0x14f0 [ 56.598508][ T5072] ? __pfx___mutex_lock+0x10/0x10 [ 56.604307][ T5072] hfsplus_get_block+0x383/0x14f0 [ 56.609317][ T5072] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.614883][ T5072] ? _raw_spin_unlock+0x28/0x50 [ 56.619774][ T5072] ? create_empty_buffers+0x53e/0x740 [ 56.625142][ T5072] block_read_full_folio+0x42e/0xe10 [ 56.630460][ T5072] ? __pfx_hfsplus_get_block+0x10/0x10 [ 56.635916][ T5072] ? __pfx_block_read_full_folio+0x10/0x10 [ 56.641720][ T5072] ? __pfx_lru_add_fn+0x10/0x10 [ 56.646575][ T5072] ? folio_add_lru+0x4b3/0x9e0 [ 56.651439][ T5072] ? folio_add_lru+0x27b/0x9e0 [ 56.656237][ T5072] filemap_read_folio+0x1a0/0x790 [ 56.661388][ T5072] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 56.666962][ T5072] ? __pfx_filemap_read_folio+0x10/0x10 [ 56.672514][ T5072] ? __filemap_get_folio+0x92d/0xbb0 [ 56.677802][ T5072] ? hfsplus_block_free+0xbb/0x4e0 [ 56.682907][ T5072] do_read_cache_folio+0x134/0x820 [ 56.688094][ T5072] ? __pfx_hfsplus_read_folio+0x10/0x10 [ 56.693645][ T5072] do_read_cache_page+0x30/0x200 [ 56.698762][ T5072] hfsplus_block_free+0x128/0x4e0 [ 56.703800][ T5072] ? __kmalloc+0x251/0x4a0 [ 56.708215][ T5072] hfsplus_free_extents+0x17a/0xae0 [ 56.713446][ T5072] hfsplus_file_truncate+0x7d0/0xb50 [ 56.718770][ T5072] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 56.724571][ T5072] ? smk_access+0x4ab/0x4e0 [ 56.729059][ T5072] ? hfsplus_unlink+0x161/0x790 [ 56.734068][ T5072] hfsplus_delete_inode+0x174/0x220 [ 56.739251][ T5072] hfsplus_unlink+0x512/0x790 [ 56.743909][ T5072] ? __pfx_smack_inode_unlink+0x10/0x10 [ 56.749443][ T5072] ? __pfx_hfsplus_unlink+0x10/0x10 [ 56.754638][ T5072] ? __down_write_common+0x162/0x200 [ 56.759910][ T5072] ? bpf_lsm_inode_unlink+0x9/0x10 [ 56.765006][ T5072] ? security_inode_unlink+0xd5/0x120 [ 56.770360][ T5072] vfs_unlink+0x365/0x600 [ 56.774685][ T5072] do_unlinkat+0x4ae/0x830 [ 56.779092][ T5072] ? __pfx_do_unlinkat+0x10/0x10 [ 56.784009][ T5072] ? strncpy_from_user+0x1a4/0x2f0 [ 56.789106][ T5072] __x64_sys_unlink+0x49/0x60 [ 56.793790][ T5072] do_syscall_64+0xf5/0x240 [ 56.798279][ T5072] ? clear_bhb_loop+0x35/0x90 [ 56.802937][ T5072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.808826][ T5072] RIP: 0033:0x7fa180d19ad7 [ 56.813314][ T5072] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.833374][ T5072] RSP: 002b:00007ffdd7683708 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 56.841986][ T5072] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa180d19ad7 [ 56.850027][ T5072] RDX: 00007ffdd7683730 RSI: 00007ffdd76837c0 RDI: 00007ffdd76837c0 [ 56.857999][ T5072] RBP: 00007ffdd76837c0 R08: 0000000000000000 R09: 0000000000000000 [ 56.865964][ T5072] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdd76848b0 unlink("./0/file0/file.cold") = 0 umount2("./0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./0/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 56.874093][ T5072] R13: 0000555556159700 R14: 0000000000000001 R15: 431bde82d7b634db [ 56.882050][ T5072] [ 56.889039][ T5072] hfsplus: unable to mark blocks free: error -5 [ 56.895331][ T5072] hfsplus: can't free extent umount2("./0/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/file0/file0/file0") = 0 umount2("./0/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./0/file0/file0") = 0 umount2("./0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 56.956982][ T5072] hfsplus: unable to mark blocks free: error -5 [ 56.963282][ T5072] hfsplus: can't free extent [ 56.970394][ T5072] hfsplus: unable to mark blocks free: error -5 [ 56.976731][ T5072] hfsplus: can't free extent unlink("./0/file0/file1") = 0 umount2("./0/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./0/file0/file2") = 0 umount2("./0/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./0/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 57.016146][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.022479][ T5072] hfsplus: can't free extent unlink("./0/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./0/file0") = -1 EBUSY (Device or resource busy) umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./0/file0") = 0 [ 57.061925][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.068286][ T5072] hfsplus: can't free extent getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./0") = 0 mkdir("./1", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5076 attached , child_tidptr=0x555556150650) = 5076 [pid 5076] set_robust_list(0x555556150660, 24) = 0 [pid 5076] chdir("./1") = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] setpgid(0, 0) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] write(3, "1000", 4) = 4 [pid 5076] close(3) = 0 [pid 5076] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] memfd_create("syzkaller", 0) = 3 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5076] munmap(0x7fa178800000, 138412032) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5076] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5076] close(3) = 0 [pid 5076] close(4) = 0 [pid 5076] mkdir("./file0", 0777) = 0 [pid 5076] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5076] chdir("./file0") = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 57.302799][ T5076] loop0: detected capacity change from 0 to 1024 [pid 5076] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/binderfs") = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./1/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/file0/file.cold") = 0 umount2("./1/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./1/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./1/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./1/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./1/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/file0/file0/file0") = 0 umount2("./1/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 57.451965][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.458264][ T5072] hfsplus: can't free extent [ 57.470335][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.476650][ T5072] hfsplus: can't free extent [ 57.493456][ T5072] hfsplus: unable to mark blocks free: error -5 unlink("./1/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./1/file0/file0") = 0 umount2("./1/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 57.499752][ T5072] hfsplus: can't free extent unlink("./1/file0/file1") = 0 umount2("./1/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/file0/file2") = 0 umount2("./1/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./1/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./1/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./1/file0") = -1 EBUSY (Device or resource busy) [ 57.538150][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.544417][ T5072] hfsplus: can't free extent [ 57.573431][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.579971][ T5072] hfsplus: can't free extent umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./1/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./1") = 0 mkdir("./2", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556150650) = 5078 ./strace-static-x86_64: Process 5078 attached [pid 5078] set_robust_list(0x555556150660, 24) = 0 [pid 5078] chdir("./2") = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] setpgid(0, 0) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1000", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] memfd_create("syzkaller", 0) = 3 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5078] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5078] munmap(0x7fa178800000, 138412032) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5078] close(3) = 0 [pid 5078] close(4) = 0 [pid 5078] mkdir("./file0", 0777) = 0 [pid 5078] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] chdir("./file0") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5078] exit_group(0) = ? [pid 5078] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [ 57.723936][ T5078] loop0: detected capacity change from 0 to 1024 restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/binderfs") = 0 umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./2/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/file0/file.cold") = 0 umount2("./2/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./2/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./2/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./2/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 57.872705][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.879141][ T5072] hfsplus: can't free extent umount2("./2/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/file0/file0/file0") = 0 umount2("./2/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./2/file0/file0") = 0 umount2("./2/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 57.950532][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.957028][ T5072] hfsplus: can't free extent [ 57.973715][ T5072] hfsplus: unable to mark blocks free: error -5 [ 57.980083][ T5072] hfsplus: can't free extent unlink("./2/file0/file1") = 0 umount2("./2/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./2/file0/file2") = 0 umount2("./2/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./2/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 58.008422][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.014784][ T5072] hfsplus: can't free extent unlink("./2/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./2/file0") = -1 EBUSY (Device or resource busy) umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./2/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./2") = 0 mkdir("./3", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 58.053524][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.060040][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556150650) = 5080 ./strace-static-x86_64: Process 5080 attached [pid 5080] set_robust_list(0x555556150660, 24) = 0 [pid 5080] chdir("./3") = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] memfd_create("syzkaller", 0) = 3 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5080] munmap(0x7fa178800000, 138412032) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5080] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5080] close(3) = 0 [pid 5080] close(4) = 0 [pid 5080] mkdir("./file0", 0777) = 0 [pid 5080] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] chdir("./file0") = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5080] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5080] exit_group(0) = ? [pid 5080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 58.253679][ T5080] loop0: detected capacity change from 0 to 1024 openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/binderfs") = 0 umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./3/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/file0/file.cold") = 0 umount2("./3/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./3/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./3/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./3/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 58.372426][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.378759][ T5072] hfsplus: can't free extent umount2("./3/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/file0/file0/file0") = 0 umount2("./3/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./3/file0/file0") = 0 umount2("./3/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 58.449212][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.455631][ T5072] hfsplus: can't free extent [ 58.472486][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.478827][ T5072] hfsplus: can't free extent unlink("./3/file0/file1") = 0 umount2("./3/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/file0/file2") = 0 umount2("./3/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./3/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./3/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./3/file0") = -1 EBUSY (Device or resource busy) umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./3/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 [ 58.497280][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.503594][ T5072] hfsplus: can't free extent [ 58.531905][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.538279][ T5072] hfsplus: can't free extent close(3) = 0 rmdir("./3") = 0 mkdir("./4", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5082 attached , child_tidptr=0x555556150650) = 5082 [pid 5082] set_robust_list(0x555556150660, 24) = 0 [pid 5082] chdir("./4") = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5082] setpgid(0, 0) = 0 [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5082] write(3, "1000", 4) = 4 [pid 5082] close(3) = 0 [pid 5082] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5082] memfd_create("syzkaller", 0) = 3 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5082] munmap(0x7fa178800000, 138412032) = 0 [pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5082] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5082] close(3) = 0 [pid 5082] close(4) = 0 [pid 5082] mkdir("./file0", 0777) = 0 [pid 5082] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5082] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5082] chdir("./file0") = 0 [ 58.713534][ T5082] loop0: detected capacity change from 0 to 1024 [pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5082] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5082] exit_group(0) = ? [pid 5082] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/binderfs") = 0 umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./4/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/file0/file.cold") = 0 umount2("./4/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./4/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./4/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./4/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./4/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 58.906013][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.912592][ T5072] hfsplus: can't free extent unlink("./4/file0/file0/file0") = 0 umount2("./4/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./4/file0/file0") = 0 umount2("./4/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 58.953851][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.960343][ T5072] hfsplus: can't free extent [ 58.976564][ T5072] hfsplus: unable to mark blocks free: error -5 [ 58.982917][ T5072] hfsplus: can't free extent unlink("./4/file0/file1") = 0 umount2("./4/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./4/file0/file2") = 0 umount2("./4/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./4/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 59.000820][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.007108][ T5072] hfsplus: can't free extent unlink("./4/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./4/file0") = -1 EBUSY (Device or resource busy) umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./4/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 [ 59.055000][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.061378][ T5072] hfsplus: can't free extent close(3) = 0 rmdir("./4") = 0 mkdir("./5", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached [pid 5084] set_robust_list(0x555556150660, 24) = 0 [pid 5084] chdir("./5") = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5084 [pid 5084] <... prctl resumed>) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] memfd_create("syzkaller", 0) = 3 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5084] munmap(0x7fa178800000, 138412032) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5084] close(3) = 0 [pid 5084] close(4) = 0 [pid 5084] mkdir("./file0", 0777) = 0 [pid 5084] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5084] chdir("./file0") = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5084] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5084] exit_group(0) = ? [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [ 59.273703][ T5084] loop0: detected capacity change from 0 to 1024 restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/binderfs") = 0 umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./5/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/file0/file.cold") = 0 umount2("./5/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./5/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./5/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./5/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 59.420090][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.426467][ T5072] hfsplus: can't free extent umount2("./5/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/file0/file0/file0") = 0 umount2("./5/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 59.487260][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.493573][ T5072] hfsplus: can't free extent unlink("./5/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./5/file0/file0") = 0 umount2("./5/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/file0/file1") = 0 umount2("./5/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./5/file0/file2") = 0 umount2("./5/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./5/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 59.540390][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.546917][ T5072] hfsplus: can't free extent [ 59.574820][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.581245][ T5072] hfsplus: can't free extent unlink("./5/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./5/file0") = -1 EBUSY (Device or resource busy) umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./5/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./5") = 0 mkdir("./6", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 59.619135][ T5072] hfsplus: unable to mark blocks free: error -5 [ 59.625448][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5086 attached , child_tidptr=0x555556150650) = 5086 [pid 5086] set_robust_list(0x555556150660, 24) = 0 [pid 5086] chdir("./6") = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setpgid(0, 0) = 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5086] memfd_create("syzkaller", 0) = 3 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5086] munmap(0x7fa178800000, 138412032) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5086] close(3) = 0 [pid 5086] close(4) = 0 [pid 5086] mkdir("./file0", 0777) = 0 [pid 5086] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5086] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5086] chdir("./file0") = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 59.845531][ T5086] loop0: detected capacity change from 0 to 1024 [pid 5086] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5086] exit_group(0) = ? [pid 5086] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/binderfs") = 0 umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./6/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/file0/file.cold") = 0 umount2("./6/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./6/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./6/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./6/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./6/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.014457][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.020838][ T5072] hfsplus: can't free extent unlink("./6/file0/file0/file0") = 0 umount2("./6/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./6/file0/file0") = 0 umount2("./6/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.072131][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.078593][ T5072] hfsplus: can't free extent [ 60.095443][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.101751][ T5072] hfsplus: can't free extent unlink("./6/file0/file1") = 0 umount2("./6/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./6/file0/file2") = 0 umount2("./6/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./6/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.140605][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.147066][ T5072] hfsplus: can't free extent unlink("./6/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./6/file0") = -1 EBUSY (Device or resource busy) umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./6/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./6") = 0 mkdir("./7", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 60.185674][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.192084][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached , child_tidptr=0x555556150650) = 5088 [pid 5088] set_robust_list(0x555556150660, 24) = 0 [pid 5088] chdir("./7") = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5088] memfd_create("syzkaller", 0) = 3 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5088] munmap(0x7fa178800000, 138412032) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5088] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5088] close(3) = 0 [pid 5088] close(4) = 0 [pid 5088] mkdir("./file0", 0777) = 0 [pid 5088] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] chdir("./file0") = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 60.353251][ T5088] loop0: detected capacity change from 0 to 1024 [pid 5088] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5088] exit_group(0) = ? [pid 5088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/binderfs") = 0 umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./7/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/file0/file.cold") = 0 umount2("./7/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./7/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./7/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./7/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 60.514562][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.520996][ T5072] hfsplus: can't free extent umount2("./7/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/file0/file0/file0") = 0 umount2("./7/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./7/file0/file0") = 0 umount2("./7/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.590627][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.596959][ T5072] hfsplus: can't free extent [ 60.613330][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.619700][ T5072] hfsplus: can't free extent unlink("./7/file0/file1") = 0 umount2("./7/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./7/file0/file2") = 0 umount2("./7/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./7/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.658142][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.664426][ T5072] hfsplus: can't free extent unlink("./7/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./7/file0") = -1 EBUSY (Device or resource busy) umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./7/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./7") = 0 mkdir("./8", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 60.703184][ T5072] hfsplus: unable to mark blocks free: error -5 [ 60.709513][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5090 attached , child_tidptr=0x555556150650) = 5090 [pid 5090] set_robust_list(0x555556150660, 24) = 0 [pid 5090] chdir("./8") = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5090] memfd_create("syzkaller", 0) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5090] munmap(0x7fa178800000, 138412032) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5090] close(3) = 0 [pid 5090] close(4) = 0 [pid 5090] mkdir("./file0", 0777) = 0 [pid 5090] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] chdir("./file0") = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 60.873954][ T5090] loop0: detected capacity change from 0 to 1024 [pid 5090] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/binderfs") = 0 umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./8/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/file0/file.cold") = 0 umount2("./8/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./8/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./8/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./8/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./8/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 61.054012][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.060341][ T5072] hfsplus: can't free extent newfstatat(AT_FDCWD, "./8/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/file0/file0/file0") = 0 umount2("./8/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 61.119726][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.126013][ T5072] hfsplus: can't free extent unlink("./8/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./8/file0/file0") = 0 umount2("./8/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 61.163362][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.169800][ T5072] hfsplus: can't free extent unlink("./8/file0/file1") = 0 umount2("./8/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/file0/file2") = 0 umount2("./8/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./8/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./8/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./8/file0") = -1 EBUSY (Device or resource busy) umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./8/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 [ 61.208465][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.214797][ T5072] hfsplus: can't free extent [ 61.242529][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.248982][ T5072] hfsplus: can't free extent close(3) = 0 rmdir("./8") = 0 mkdir("./9", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5092 attached , child_tidptr=0x555556150650) = 5092 [pid 5092] set_robust_list(0x555556150660, 24) = 0 [pid 5092] chdir("./9") = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5092] memfd_create("syzkaller", 0) = 3 [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5092] munmap(0x7fa178800000, 138412032) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5092] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5092] close(3) = 0 [pid 5092] close(4) = 0 [pid 5092] mkdir("./file0", 0777) = 0 [pid 5092] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 61.423950][ T5092] loop0: detected capacity change from 0 to 1024 [pid 5092] chdir("./file0") = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5092] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5092] exit_group(0) = ? [pid 5092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/binderfs") = 0 umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./9/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/file0/file.cold") = 0 umount2("./9/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./9/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./9/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./9/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./9/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 61.580359][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.586807][ T5072] hfsplus: can't free extent unlink("./9/file0/file0/file0") = 0 umount2("./9/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./9/file0/file0") = 0 umount2("./9/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 61.628202][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.634611][ T5072] hfsplus: can't free extent [ 61.651749][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.658183][ T5072] hfsplus: can't free extent unlink("./9/file0/file1") = 0 umount2("./9/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/file0/file2") = 0 umount2("./9/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./9/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./9/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./9/file0") = -1 EBUSY (Device or resource busy) umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./9/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./9") = 0 [ 61.677249][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.683608][ T5072] hfsplus: can't free extent [ 61.712946][ T5072] hfsplus: unable to mark blocks free: error -5 [ 61.719314][ T5072] hfsplus: can't free extent mkdir("./10", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached , child_tidptr=0x555556150650) = 5094 [pid 5094] set_robust_list(0x555556150660, 24) = 0 [pid 5094] chdir("./10") = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5094] memfd_create("syzkaller", 0) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5094] munmap(0x7fa178800000, 138412032) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5094] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5094] close(3) = 0 [pid 5094] close(4) = 0 [pid 5094] mkdir("./file0", 0777) = 0 [pid 5094] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] chdir("./file0") = 0 [ 61.892986][ T5094] loop0: detected capacity change from 0 to 1024 [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5094] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/binderfs") = 0 umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./10/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/file0/file.cold") = 0 umount2("./10/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./10/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./10/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./10/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./10/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 62.074588][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.080939][ T5072] hfsplus: can't free extent unlink("./10/file0/file0/file0") = 0 umount2("./10/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./10/file0/file0") = 0 umount2("./10/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 62.141764][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.148253][ T5072] hfsplus: can't free extent [ 62.175130][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.181495][ T5072] hfsplus: can't free extent unlink("./10/file0/file1") = 0 umount2("./10/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./10/file0/file2") = 0 umount2("./10/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./10/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 62.219586][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.225863][ T5072] hfsplus: can't free extent unlink("./10/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./10/file0") = -1 EBUSY (Device or resource busy) umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./10/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./10") = 0 mkdir("./11", 0777) = 0 [ 62.264598][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.270929][ T5072] hfsplus: can't free extent openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5096 attached [pid 5096] set_robust_list(0x555556150660, 24) = 0 [pid 5096] chdir("./11" [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5096 [pid 5096] <... chdir resumed>) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5096] memfd_create("syzkaller", 0) = 3 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5096] munmap(0x7fa178800000, 138412032) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5096] close(3) = 0 [pid 5096] close(4) = 0 [pid 5096] mkdir("./file0", 0777) = 0 [pid 5096] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [ 62.471140][ T5096] loop0: detected capacity change from 0 to 1024 [pid 5096] chdir("./file0") = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5096] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/binderfs") = 0 umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./11/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/file0/file.cold") = 0 umount2("./11/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./11/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./11/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./11/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 62.647290][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.653566][ T5072] hfsplus: can't free extent umount2("./11/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/file0/file0/file0") = 0 umount2("./11/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./11/file0/file0") = 0 umount2("./11/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 62.724279][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.730720][ T5072] hfsplus: can't free extent [ 62.738686][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.745028][ T5072] hfsplus: can't free extent unlink("./11/file0/file1") = 0 umount2("./11/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./11/file0/file2") = 0 umount2("./11/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./11/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 62.773199][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.779552][ T5072] hfsplus: can't free extent unlink("./11/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./11/file0") = -1 EBUSY (Device or resource busy) umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./11/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 [ 62.817561][ T5072] hfsplus: unable to mark blocks free: error -5 [ 62.823840][ T5072] hfsplus: can't free extent rmdir("./11") = 0 mkdir("./12", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5098 attached , child_tidptr=0x555556150650) = 5098 [pid 5098] set_robust_list(0x555556150660, 24) = 0 [pid 5098] chdir("./12") = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5098] write(3, "1000", 4) = 4 [pid 5098] close(3) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5098] memfd_create("syzkaller", 0) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5098] munmap(0x7fa178800000, 138412032) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5098] close(3) = 0 [pid 5098] close(4) = 0 [pid 5098] mkdir("./file0", 0777) = 0 [pid 5098] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./file0") = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5098] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5098] exit_group(0) = ? [ 63.032059][ T5098] loop0: detected capacity change from 0 to 1024 [pid 5098] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/binderfs") = 0 umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./12/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/file0/file.cold") = 0 umount2("./12/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./12/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./12/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./12/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 [ 63.250790][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.257132][ T5072] hfsplus: can't free extent newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./12/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/file0/file0/file0") = 0 umount2("./12/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./12/file0/file0") = 0 umount2("./12/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 63.319074][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.325393][ T5072] hfsplus: can't free extent [ 63.352241][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.358754][ T5072] hfsplus: can't free extent unlink("./12/file0/file1") = 0 umount2("./12/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./12/file0/file2") = 0 umount2("./12/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./12/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 63.387759][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.394056][ T5072] hfsplus: can't free extent unlink("./12/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./12/file0") = -1 EBUSY (Device or resource busy) umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./12/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./12") = 0 [ 63.432790][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.439180][ T5072] hfsplus: can't free extent mkdir("./13", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5100 attached [pid 5100] set_robust_list(0x555556150660, 24) = 0 [pid 5100] chdir("./13" [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5100 [pid 5100] <... chdir resumed>) = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5100] write(3, "1000", 4) = 4 [pid 5100] close(3) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5100] memfd_create("syzkaller", 0) = 3 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5100] munmap(0x7fa178800000, 138412032) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5100] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5100] close(3) = 0 [pid 5100] close(4) = 0 [pid 5100] mkdir("./file0", 0777) = 0 [pid 5100] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5100] chdir("./file0") = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 63.642082][ T5100] loop0: detected capacity change from 0 to 1024 [pid 5100] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5100] exit_group(0) = ? [pid 5100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/binderfs") = 0 umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./13/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/file0/file.cold") = 0 umount2("./13/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./13/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./13/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./13/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./13/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 63.770269][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.776579][ T5072] hfsplus: can't free extent unlink("./13/file0/file0/file0") = 0 umount2("./13/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./13/file0/file0") = 0 umount2("./13/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/file0/file1") = 0 umount2("./13/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./13/file0/file2") = 0 umount2("./13/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./13/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 63.828199][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.834628][ T5072] hfsplus: can't free extent [ 63.842896][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.849233][ T5072] hfsplus: can't free extent [ 63.858525][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.864799][ T5072] hfsplus: can't free extent unlink("./13/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./13/file0") = -1 EBUSY (Device or resource busy) umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./13/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./13") = 0 mkdir("./14", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 [ 63.873342][ T5072] hfsplus: unable to mark blocks free: error -5 [ 63.879711][ T5072] hfsplus: can't free extent clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5102 attached [pid 5102] set_robust_list(0x555556150660, 24) = 0 [pid 5102] chdir("./14" [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5102 [pid 5102] <... chdir resumed>) = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5102] memfd_create("syzkaller", 0) = 3 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5102] munmap(0x7fa178800000, 138412032) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5102] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5102] close(3) = 0 [pid 5102] close(4) = 0 [pid 5102] mkdir("./file0", 0777) = 0 [pid 5102] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5102] chdir("./file0") = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 64.033361][ T5102] loop0: detected capacity change from 0 to 1024 [pid 5102] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5102] exit_group(0) = ? [pid 5102] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/binderfs") = 0 umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./14/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/file0/file.cold") = 0 umount2("./14/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./14/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./14/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./14/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 64.178839][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.185137][ T5072] hfsplus: can't free extent umount2("./14/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/file0/file0/file0") = 0 umount2("./14/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./14/file0/file0") = 0 umount2("./14/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 64.256021][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.262787][ T5072] hfsplus: can't free extent [ 64.269447][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.275799][ T5072] hfsplus: can't free extent unlink("./14/file0/file1") = 0 umount2("./14/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./14/file0/file2") = 0 umount2("./14/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./14/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 64.314746][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.321145][ T5072] hfsplus: can't free extent unlink("./14/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./14/file0") = -1 EBUSY (Device or resource busy) umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./14/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 [ 64.359871][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.366350][ T5072] hfsplus: can't free extent close(3) = 0 rmdir("./14") = 0 mkdir("./15", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached [pid 5104] set_robust_list(0x555556150660, 24) = 0 [pid 5104] chdir("./15") = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5104 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5104] memfd_create("syzkaller", 0) = 3 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5104] munmap(0x7fa178800000, 138412032) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5104] close(3) = 0 [pid 5104] close(4) = 0 [pid 5104] mkdir("./file0", 0777) = 0 [pid 5104] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5104] chdir("./file0") = 0 [ 64.608123][ T5104] loop0: detected capacity change from 0 to 1024 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5104] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5104] exit_group(0) = ? [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/binderfs") = 0 umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./15/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/file0/file.cold") = 0 umount2("./15/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./15/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./15/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./15/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 [ 64.800004][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.806433][ T5072] hfsplus: can't free extent getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./15/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/file0/file0/file0") = 0 umount2("./15/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./15/file0/file0") = 0 umount2("./15/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 64.867120][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.873399][ T5072] hfsplus: can't free extent [ 64.890575][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.897176][ T5072] hfsplus: can't free extent unlink("./15/file0/file1") = 0 umount2("./15/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/file0/file2") = 0 umount2("./15/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./15/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./15/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./15/file0") = -1 EBUSY (Device or resource busy) umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./15/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./15") = 0 mkdir("./16", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 64.935963][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.942377][ T5072] hfsplus: can't free extent [ 64.970463][ T5072] hfsplus: unable to mark blocks free: error -5 [ 64.976775][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5106 attached , child_tidptr=0x555556150650) = 5106 [pid 5106] set_robust_list(0x555556150660, 24) = 0 [pid 5106] chdir("./16") = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5106] setpgid(0, 0) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5106] write(3, "1000", 4) = 4 [pid 5106] close(3) = 0 [pid 5106] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5106] memfd_create("syzkaller", 0) = 3 [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5106] munmap(0x7fa178800000, 138412032) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5106] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5106] close(3) = 0 [pid 5106] close(4) = 0 [pid 5106] mkdir("./file0", 0777) = 0 [pid 5106] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5106] chdir("./file0") = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5106] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5106] exit_group(0) = ? [ 65.101827][ T5106] loop0: detected capacity change from 0 to 1024 [pid 5106] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/binderfs") = 0 umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./16/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/file0/file.cold") = 0 umount2("./16/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./16/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./16/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./16/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./16/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 65.330574][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.337170][ T5072] hfsplus: can't free extent newfstatat(AT_FDCWD, "./16/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/file0/file0/file0") = 0 umount2("./16/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./16/file0/file0") = 0 umount2("./16/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 65.396577][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.402867][ T5072] hfsplus: can't free extent [ 65.429764][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.436081][ T5072] hfsplus: can't free extent unlink("./16/file0/file1") = 0 umount2("./16/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./16/file0/file2") = 0 umount2("./16/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./16/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 65.474349][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.480775][ T5072] hfsplus: can't free extent unlink("./16/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./16/file0") = -1 EBUSY (Device or resource busy) umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./16/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./16") = 0 mkdir("./17", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 65.519022][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.525285][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5108 attached [pid 5108] set_robust_list(0x555556150660, 24) = 0 [pid 5108] chdir("./17" [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5108 [pid 5108] <... chdir resumed>) = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5108] memfd_create("syzkaller", 0) = 3 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5108] munmap(0x7fa178800000, 138412032) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5108] close(3) = 0 [pid 5108] close(4) = 0 [pid 5108] mkdir("./file0", 0777) = 0 [pid 5108] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5108] chdir("./file0") = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 65.662263][ T5108] loop0: detected capacity change from 0 to 1024 [pid 5108] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5108] exit_group(0) = ? [pid 5108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/binderfs") = 0 umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./17/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/file0/file.cold") = 0 umount2("./17/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./17/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./17/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./17/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 umount2("./17/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/file0/file0/file0") = 0 umount2("./17/file0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file0/file1", {st_mode=S_IFLNK|0777, st_size=38, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/file0/file0/file1") = 0 getdents64(5, 0x555556161770 /* 0 entries */, 32768) = 0 close(5) = 0 rmdir("./17/file0/file0") = 0 umount2("./17/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 65.746563][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.752982][ T5072] hfsplus: can't free extent [ 65.765174][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.771749][ T5072] hfsplus: can't free extent [ 65.779521][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.785874][ T5072] hfsplus: can't free extent unlink("./17/file0/file1") = 0 umount2("./17/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/file0/file2") = 0 umount2("./17/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./17/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./17/file0/file3") = 0 getdents64(4, 0x555556159730 /* 0 entries */, 32768) = 0 close(4) = 0 rmdir("./17/file0") = -1 EBUSY (Device or resource busy) umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 rmdir("./17/file0") = 0 getdents64(3, 0x5555561516f0 /* 0 entries */, 32768) = 0 close(3) = 0 rmdir("./17") = 0 mkdir("./18", 0777) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 65.794690][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.801004][ T5072] hfsplus: can't free extent [ 65.809462][ T5072] hfsplus: unable to mark blocks free: error -5 [ 65.815713][ T5072] hfsplus: can't free extent ioctl(3, LOOP_CLR_FD) = 0 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5110 attached [pid 5110] set_robust_list(0x555556150660, 24) = 0 [pid 5110] chdir("./18") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... clone resumed>, child_tidptr=0x555556150650) = 5110 [pid 5110] <... prctl resumed>) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa178800000 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5110] munmap(0x7fa178800000, 138412032) = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5110] close(3) = 0 [pid 5110] close(4) = 0 [pid 5110] mkdir("./file0", 0777) = 0 [pid 5110] mount("/dev/loop0", "./file0", "hfsplus", 0, "") = 0 [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5110] chdir("./file0") = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 65.962016][ T5110] loop0: detected capacity change from 0 to 1024 [pid 5110] mount(NULL, "./file0", "bpf", 0, NULL) = 0 [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 getdents64(3, 0x5555561516f0 /* 4 entries */, 32768) = 112 umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./18/binderfs") = 0 umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=8, ...}, AT_EMPTY_PATH) = 0 getdents64(4, 0x555556159730 /* 7 entries */, 32768) = 208 umount2("./18/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 unlink("./18/file0/file.cold") = 0 umount2("./18/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 umount2("./18/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/file0/file0", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_SYMLINK_NOFOLLOW) = 0 umount2("./18/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) openat(AT_FDCWD, "./18/file0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=4, ...}, AT_EMPTY_PATH) = 0 getdents64(5, 0x555556161770 /* 4 entries */, 32768) = 112 [ 66.200811][ T5072] hfsplus: unable to mark blocks free: error -5 [ 66.207418][ T5072] hfsplus: can't free extent umount2("./18/file0/file0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) newfstatat(AT_FDCWD, "./18/file0/file0/file0", {st_mode=S_IFREG|0755, st_size=1050, ...}, AT_SYMLINK_NOFOLLOW) = 0