./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2045049306 <...> Warning: Permanently added '10.128.0.32' (ED25519) to the list of known hosts. execve("./syz-executor2045049306", ["./syz-executor2045049306"], 0x7ffcc9295f90 /* 10 vars */) = 0 brk(NULL) = 0x555574eaa000 brk(0x555574eaad00) = 0x555574eaad00 arch_prctl(ARCH_SET_FS, 0x555574eaa380) = 0 set_tid_address(0x555574eaa650) = 5074 set_robust_list(0x555574eaa660, 24) = 0 rseq(0x555574eaaca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2045049306", 4096) = 28 getrandom("\x31\x01\x29\xd9\xb1\xdf\xa2\xd9", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555574eaad00 brk(0x555574ecbd00) = 0x555574ecbd00 brk(0x555574ecc000) = 0x555574ecc000 mprotect(0x7f706ca7f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached , child_tidptr=0x555574eaa650) = 5075 [pid 5075] set_robust_list(0x555574eaa660, 24) = 0 [pid 5075] mkdir("./syzkaller.QBv2Jg", 0700 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5076 attached [pid 5075] <... mkdir resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x555574eaa650) = 5076 [pid 5076] set_robust_list(0x555574eaa660, 24 [pid 5075] chmod("./syzkaller.QBv2Jg", 0777 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... set_robust_list resumed>) = 0 [pid 5075] <... chmod resumed>) = 0 [pid 5076] mkdir("./syzkaller.C7tnLu", 0700 [pid 5075] chdir("./syzkaller.QBv2Jg"./strace-static-x86_64: Process 5077 attached ) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x555574eaa650) = 5077 [pid 5077] set_robust_list(0x555574eaa660, 24 [pid 5075] mkdir("./0", 0777 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... mkdir resumed>) = 0 [pid 5077] <... set_robust_list resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5076] chmod("./syzkaller.C7tnLu", 0777./strace-static-x86_64: Process 5078 attached [pid 5077] mkdir("./syzkaller.fSKz15", 0700 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] <... clone resumed>, child_tidptr=0x555574eaa650) = 5078 [pid 5076] <... chmod resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] chdir("./syzkaller.C7tnLu" [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] set_robust_list(0x555574eaa660, 24 [pid 5077] chmod("./syzkaller.fSKz15", 0777 [pid 5075] <... openat resumed>) = 3 [pid 5078] <... set_robust_list resumed>) = 0 [pid 5077] <... chmod resumed>) = 0 [pid 5076] <... chdir resumed>) = 0 [pid 5078] mkdir("./syzkaller.HNwIxm", 0700 [pid 5075] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5079 attached [pid 5077] chdir("./syzkaller.fSKz15" [pid 5076] mkdir("./0", 0777 [pid 5074] <... clone resumed>, child_tidptr=0x555574eaa650) = 5079 [pid 5079] set_robust_list(0x555574eaa660, 24 [pid 5077] <... chdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... set_robust_list resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] mkdir("./0", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5079] mkdir("./syzkaller.JYvgjm", 0700 [pid 5075] close(3) = 0 ./strace-static-x86_64: Process 5080 attached [pid 5079] <... mkdir resumed>) = 0 [pid 5078] chmod("./syzkaller.HNwIxm", 0777 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] set_robust_list(0x555574eaa660, 24 [pid 5079] chmod("./syzkaller.JYvgjm", 0777 [pid 5074] <... clone resumed>, child_tidptr=0x555574eaa650) = 5080 [pid 5078] <... chmod resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... openat resumed>) = 3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... set_robust_list resumed>) = 0 [pid 5079] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5081 attached [pid 5080] mkdir("./syzkaller.58CxBo", 0700 [pid 5079] chdir("./syzkaller.JYvgjm" [pid 5078] chdir("./syzkaller.HNwIxm" [pid 5077] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5081 [pid 5081] set_robust_list(0x555574eaa660, 24) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... chdir resumed>) = 0 [pid 5078] <... chdir resumed>) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5081] chdir("./0" [pid 5078] mkdir("./0", 0777 [pid 5076] close(3) = 0 [pid 5077] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] chmod("./syzkaller.58CxBo", 0777 [pid 5079] mkdir("./0", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5081] <... chdir resumed>) = 0 [pid 5080] <... chmod resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5077] <... close resumed>) = 0 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5081] setpgid(0, 0) = 0 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] chdir("./syzkaller.58CxBo" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] <... chdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5082 ./strace-static-x86_64: Process 5082 attached [pid 5082] set_robust_list(0x555574eaa660, 24) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5083 attached [pid 5082] chdir("./0" [pid 5081] <... openat resumed>) = 3 [pid 5080] mkdir("./0", 0777 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5082] <... chdir resumed>) = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5081] write(3, "1000", 4 [pid 5078] close(3 [pid 5082] setpgid(0, 0 [pid 5081] <... write resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5082] <... setpgid resumed>) = 0 [pid 5081] close(3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5081] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5083 [pid 5083] set_robust_list(0x555574eaa660, 24 [pid 5082] <... openat resumed>) = 3 [pid 5081] symlink("/dev/binderfs", "./binderfs" [pid 5083] <... set_robust_list resumed>) = 0 [pid 5079] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5083] chdir("./0" [pid 5081] <... symlink resumed>) = 0 [pid 5079] close(3 [pid 5083] <... chdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5082] write(3, "1000", 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5083] <... prctl resumed>) = 0 [pid 5082] <... write resumed>) = 4 [pid 5081] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5084 attached [pid 5082] close(3 [pid 5084] set_robust_list(0x555574eaa660, 24 [pid 5082] <... close resumed>) = 0 [pid 5081] <... memfd_create resumed>) = 3 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5084 [pid 5082] symlink("/dev/binderfs", "./binderfs" [pid 5084] <... set_robust_list resumed>) = 0 [pid 5083] setpgid(0, 0 [pid 5082] <... symlink resumed>) = 0 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5084] chdir("./0" [pid 5083] <... setpgid resumed>) = 0 [pid 5084] <... chdir resumed>) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5081] <... mmap resumed>) = 0x7f7064400000 [pid 5080] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5085 attached [pid 5084] <... prctl resumed>) = 0 [pid 5083] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5084] setpgid(0, 0 [pid 5082] memfd_create("syzkaller", 0 [pid 5084] <... setpgid resumed>) = 0 [pid 5082] <... memfd_create resumed>) = 3 [pid 5085] set_robust_list(0x555574eaa660, 24 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5083] write(3, "1000", 4 [pid 5080] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5085 [pid 5085] <... set_robust_list resumed>) = 0 [pid 5084] <... openat resumed>) = 3 [pid 5083] <... write resumed>) = 4 [pid 5082] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] close(3 [pid 5085] chdir("./0" [pid 5084] write(3, "1000", 4 [pid 5083] close(3 [pid 5082] <... mmap resumed>) = 0x7f7064400000 [pid 5085] <... chdir resumed>) = 0 [pid 5084] <... write resumed>) = 4 [pid 5083] <... close resumed>) = 0 [pid 5082] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5081] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... close resumed>) = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5083] symlink("/dev/binderfs", "./binderfs" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] close(3) = 0 [pid 5084] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5083] <... symlink resumed>) = 0 [pid 5085] <... prctl resumed>) = 0 [pid 5085] setpgid(0, 0 [pid 5084] memfd_create("syzkaller", 0 [pid 5083] memfd_create("syzkaller", 0 [pid 5085] <... setpgid resumed>) = 0 [pid 5084] <... memfd_create resumed>) = 3 [pid 5081] <... write resumed>) = 524288 ./strace-static-x86_64: Process 5086 attached [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5083] <... memfd_create resumed>) = 3 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5086 [pid 5086] set_robust_list(0x555574eaa660, 24 [pid 5085] <... openat resumed>) = 3 [pid 5084] <... mmap resumed>) = 0x7f7064400000 [pid 5083] <... mmap resumed>) = 0x7f7064400000 [pid 5086] <... set_robust_list resumed>) = 0 [pid 5085] write(3, "1000", 4 [pid 5086] chdir("./0" [pid 5085] <... write resumed>) = 4 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5083] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5085] close(3 [pid 5081] munmap(0x7f7064400000, 138412032 [pid 5086] <... chdir resumed>) = 0 [pid 5085] <... close resumed>) = 0 [pid 5084] <... write resumed>) = 524288 [pid 5082] <... write resumed>) = 524288 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5085] symlink("/dev/binderfs", "./binderfs" [pid 5086] <... prctl resumed>) = 0 [pid 5086] setpgid(0, 0 [pid 5085] <... symlink resumed>) = 0 [pid 5084] munmap(0x7f7064400000, 138412032 [pid 5081] <... munmap resumed>) = 0 [pid 5086] <... setpgid resumed>) = 0 [pid 5082] munmap(0x7f7064400000, 138412032 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] <... munmap resumed>) = 0 [pid 5082] <... munmap resumed>) = 0 [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5086] <... openat resumed>) = 3 [pid 5085] memfd_create("syzkaller", 0 [pid 5084] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5083] <... write resumed>) = 524288 [pid 5082] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5081] <... openat resumed>) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3 [pid 5086] write(3, "1000", 4 [pid 5085] <... memfd_create resumed>) = 3 [pid 5084] <... openat resumed>) = 4 [pid 5083] munmap(0x7f7064400000, 138412032 [pid 5082] <... openat resumed>) = 4 [pid 5086] <... write resumed>) = 4 [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5084] ioctl(4, LOOP_SET_FD, 3 [pid 5083] <... munmap resumed>) = 0 [pid 5082] ioctl(4, LOOP_SET_FD, 3 [pid 5081] <... ioctl resumed>) = 0 [pid 5086] close(3 [pid 5085] <... mmap resumed>) = 0x7f7064400000 [pid 5081] close(3 [pid 5086] <... close resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5081] close(4) = 0 [pid 5081] mkdir("./file1", 0777) = 0 [pid 5086] symlink("/dev/binderfs", "./binderfs" [pid 5084] <... ioctl resumed>) = 0 [pid 5083] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5086] <... symlink resumed>) = 0 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5082] <... ioctl resumed>) = 0 [ 112.024205][ T5081] loop0: detected capacity change from 0 to 1024 [ 112.033378][ T5082] loop1: detected capacity change from 0 to 1024 [ 112.043662][ T5084] loop3: detected capacity change from 0 to 1024 [ 112.064354][ T5081] ======================================================= [pid 5081] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5086] memfd_create("syzkaller", 0) = 3 [pid 5086] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5082] close(3) = 0 [pid 5082] close(4 [pid 5086] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5083] <... openat resumed>) = 4 [pid 5082] <... close resumed>) = 0 [pid 5083] ioctl(4, LOOP_SET_FD, 3 [pid 5084] close(3 [pid 5082] mkdir("./file1", 0777 [pid 5084] <... close resumed>) = 0 [pid 5082] <... mkdir resumed>) = 0 [pid 5084] close(4) = 0 [pid 5082] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5084] mkdir("./file1", 0777) = 0 [pid 5085] <... write resumed>) = 524288 [pid 5086] <... write resumed>) = 524288 [pid 5085] munmap(0x7f7064400000, 138412032 [pid 5084] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5085] <... munmap resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [ 112.064354][ T5081] WARNING: The mand mount option has been deprecated and [ 112.064354][ T5081] and is ignored by this kernel. Remove the mand [ 112.064354][ T5081] option from the mount to silence this warning. [ 112.064354][ T5081] ======================================================= [ 112.072012][ T5083] loop2: detected capacity change from 0 to 1024 [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5086] munmap(0x7f7064400000, 138412032) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5086] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5085] <... ioctl resumed>) = 0 [pid 5085] close(3) = 0 [pid 5085] close(4 [pid 5086] close(3 [pid 5085] <... close resumed>) = 0 [pid 5086] <... close resumed>) = 0 [pid 5085] mkdir("./file1", 0777 [pid 5084] <... mount resumed>) = 0 [pid 5082] <... mount resumed>) = 0 [pid 5085] <... mkdir resumed>) = 0 [pid 5084] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5082] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5084] <... openat resumed>) = 3 [pid 5082] <... openat resumed>) = 3 [pid 5084] chdir("./file1" [pid 5082] chdir("./file1" [pid 5086] close(4 [pid 5085] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5086] <... close resumed>) = 0 [pid 5084] <... chdir resumed>) = 0 [pid 5082] <... chdir resumed>) = 0 [pid 5084] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5086] mkdir("./file1", 0777 [pid 5085] <... mount resumed>) = 0 [pid 5084] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5082] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5086] <... mkdir resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5082] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5086] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5085] <... openat resumed>) = 3 [pid 5082] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5085] chdir("./file1" [pid 5084] <... openat resumed>) = 4 [pid 5082] <... openat resumed>) = 4 [pid 5081] <... mount resumed>) = 0 [pid 5085] <... chdir resumed>) = 0 [pid 5084] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5082] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5085] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [ 112.137116][ T5085] loop4: detected capacity change from 0 to 1024 [ 112.153583][ T5086] loop5: detected capacity change from 0 to 1024 [pid 5086] <... mount resumed>) = 0 [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5081] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5086] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5085] <... openat resumed>) = 4 [pid 5086] <... openat resumed>) = 3 [pid 5085] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5086] chdir("./file1" [pid 5083] <... ioctl resumed>) = 0 [pid 5086] <... chdir resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5083] close(3 [pid 5086] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5083] <... close resumed>) = 0 [pid 5086] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5083] close(4 [pid 5086] <... openat resumed>) = 4 [pid 5083] <... close resumed>) = 0 [pid 5081] <... openat resumed>) = 3 [pid 5086] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5083] mkdir("./file1", 0777 [pid 5081] chdir("./file1") = 0 [pid 5083] <... mkdir resumed>) = 0 [pid 5083] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5081] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5084] <... ioctl resumed>) = 0 [pid 5082] <... ioctl resumed>) = 0 [pid 5084] exit_group(0 [pid 5082] exit_group(0 [pid 5084] <... exit_group resumed>) = ? [pid 5085] <... ioctl resumed>) = 0 [pid 5082] <... exit_group resumed>) = ? [pid 5085] exit_group(0 [pid 5084] +++ exited with 0 +++ [pid 5082] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5086] <... ioctl resumed>) = 0 [pid 5085] <... exit_group resumed>) = ? [pid 5081] <... ioctl resumed>) = 0 [pid 5086] exit_group(0 [pid 5085] +++ exited with 0 +++ [pid 5081] exit_group(0 [pid 5076] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5086] <... exit_group resumed>) = ? [pid 5083] <... mount resumed>) = 0 [pid 5081] <... exit_group resumed>) = ? [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5086] +++ exited with 0 +++ [pid 5083] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5081] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5083] <... openat resumed>) = 3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5083] chdir("./file1" [pid 5079] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5083] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5083] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5083] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5083] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] newfstatat(3, "", [pid 5078] newfstatat(3, "", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5083] <... openat resumed>) = 4 [pid 5080] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5083] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(3, [pid 5078] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5083] <... ioctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5075] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5083] exit_group(0 [pid 5080] <... openat resumed>) = 3 [pid 5079] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5083] <... exit_group resumed>) = ? [pid 5080] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./0/binderfs" [pid 5075] newfstatat(3, "", [pid 5083] +++ exited with 0 +++ [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5078] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] getdents64(3, [pid 5079] unlink("./0/binderfs" [pid 5078] unlink("./0/binderfs" [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5075] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5079] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] unlink("./0/binderfs") = 0 [pid 5075] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5080] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] getdents64(3, [pid 5080] unlink("./0/binderfs" [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5079] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5076] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./0/file1", [pid 5077] unlink("./0/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... unlink resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./0/file1", [pid 5075] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./0/file1", [pid 5078] newfstatat(AT_FDCWD, "./0/file1", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./0/file1", [pid 5079] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(4, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... openat resumed>) = 4 [pid 5075] getdents64(4, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 4 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(4, "", [pid 5075] close(4 [pid 5080] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5077] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] rmdir("./0/file1" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5075] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 5078] rmdir("./0/file1" [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5076] getdents64(4, [pid 5080] close(4 [pid 5079] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] rmdir("./0/file1" [pid 5076] close(4 [pid 5080] rmdir("./0/file1" [pid 5079] <... rmdir resumed>) = 0 [pid 5077] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] rmdir("./0/file1" [pid 5078] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(3, [pid 5080] getdents64(3, [pid 5079] getdents64(3, [pid 5078] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./0/file1", [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] rmdir("./0" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] close(3 [pid 5080] close(3 [pid 5079] close(3 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] umount2("./0/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./0" [pid 5077] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5080] rmdir("./0" [pid 5079] rmdir("./0" [pid 5077] <... openat resumed>) = 4 [pid 5076] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] mkdir("./1", 0777 [pid 5077] newfstatat(4, "", [pid 5076] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] rmdir("./0" [pid 5077] getdents64(4, [pid 5075] mkdir("./1", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5079] mkdir("./1", 0777 [pid 5080] mkdir("./1", 0777 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] rmdir("./0/file1" [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... rmdir resumed>) = 0 [pid 5076] mkdir("./1", 0777 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] close(3) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5077] rmdir("./0") = 0 ./strace-static-x86_64: Process 5088 attached [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5088] set_robust_list(0x555574eaa660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5088 [pid 5077] mkdir("./1", 0777 [pid 5088] <... set_robust_list resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5088] chdir("./1" [pid 5075] <... ioctl resumed>) = 0 [pid 5088] <... chdir resumed>) = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... openat resumed>) = 3 [pid 5088] <... prctl resumed>) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5076] <... ioctl resumed>) = 0 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 5075] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs" [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5088] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5090 attached [pid 5088] memfd_create("syzkaller", 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5091 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5090 [pid 5090] set_robust_list(0x555574eaa660, 24 [pid 5088] <... memfd_create resumed>) = 3 [pid 5090] <... set_robust_list resumed>) = 0 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5090] chdir("./1"./strace-static-x86_64: Process 5091 attached ) = 0 [pid 5080] close(3 [pid 5079] close(3 [pid 5091] set_robust_list(0x555574eaa660, 24 [pid 5080] <... close resumed>) = 0 [pid 5091] <... set_robust_list resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5094 attached ./strace-static-x86_64: Process 5093 attached [pid 5091] chdir("./1" [pid 5090] setpgid(0, 0 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5093] set_robust_list(0x555574eaa660, 24 [pid 5094] set_robust_list(0x555574eaa660, 24 [pid 5093] <... set_robust_list resumed>) = 0 [pid 5091] <... chdir resumed>) = 0 [pid 5090] <... setpgid resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5093 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5094 [pid 5077] <... ioctl resumed>) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] <... set_robust_list resumed>) = 0 [pid 5093] chdir("./1" [pid 5091] setpgid(0, 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... write resumed>) = 524288 [ 112.462683][ T5070] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 112.463020][ T5087] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5094] chdir("./1" [pid 5093] <... chdir resumed>) = 0 [pid 5091] <... setpgid resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5088] munmap(0x7f7064400000, 138412032 [pid 5077] close(3 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] write(3, "1000", 4 [pid 5077] <... close resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5090] <... write resumed>) = 4 [pid 5088] <... munmap resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] close(3) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] symlink("/dev/binderfs", "./binderfs" [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... symlink resumed>) = 0 [pid 5090] memfd_create("syzkaller", 0) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... openat resumed>) = 3 [pid 5090] <... mmap resumed>) = 0x7f7064400000 [pid 5091] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5091] write(3, "1000", 4 [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5093] write(3, "1000", 4 [pid 5094] write(3, "1000", 4 [pid 5093] <... write resumed>) = 4 [pid 5091] <... write resumed>) = 4 [pid 5088] <... openat resumed>) = 4 [pid 5094] <... write resumed>) = 4 [pid 5093] close(3 [pid 5091] close(3 [pid 5088] ioctl(4, LOOP_SET_FD, 3 [pid 5094] close(3 [pid 5093] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 ./strace-static-x86_64: Process 5095 attached [pid 5094] <... close resumed>) = 0 [pid 5093] symlink("/dev/binderfs", "./binderfs" [pid 5091] symlink("/dev/binderfs", "./binderfs" [pid 5095] set_robust_list(0x555574eaa660, 24 [pid 5094] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... set_robust_list resumed>) = 0 [pid 5095] chdir("./1" [pid 5091] <... symlink resumed>) = 0 [pid 5094] <... symlink resumed>) = 0 [pid 5095] <... chdir resumed>) = 0 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] setpgid(0, 0 [pid 5093] <... symlink resumed>) = 0 [pid 5095] <... setpgid resumed>) = 0 [pid 5094] memfd_create("syzkaller", 0 [pid 5093] memfd_create("syzkaller", 0 [pid 5091] memfd_create("syzkaller", 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5095 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... memfd_create resumed>) = 3 [pid 5093] <... memfd_create resumed>) = 3 [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... memfd_create resumed>) = 3 [pid 5091] <... mmap resumed>) = 0x7f7064400000 [pid 5095] <... openat resumed>) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... mmap resumed>) = 0x7f7064400000 [pid 5095] write(3, "1000", 4) = 4 [pid 5094] <... mmap resumed>) = 0x7f7064400000 [pid 5095] close(3 [pid 5090] <... write resumed>) = 524288 [pid 5095] <... close resumed>) = 0 [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5088] <... ioctl resumed>) = 0 [pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5088] close(3) = 0 [pid 5088] close(4) = 0 [pid 5095] symlink("/dev/binderfs", "./binderfs" [pid 5088] mkdir("./file1", 0777 [pid 5095] <... symlink resumed>) = 0 [pid 5095] memfd_create("syzkaller", 0) = 3 [pid 5090] munmap(0x7f7064400000, 138412032) = 0 [ 112.558210][ T5088] loop3: detected capacity change from 0 to 1024 [pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... write resumed>) = 524288 [pid 5093] <... write resumed>) = 524288 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5088] <... mkdir resumed>) = 0 [pid 5095] <... mmap resumed>) = 0x7f7064400000 [pid 5093] munmap(0x7f7064400000, 138412032 [pid 5088] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5094] munmap(0x7f7064400000, 138412032 [pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] <... openat resumed>) = 4 [pid 5094] <... munmap resumed>) = 0 [pid 5091] <... write resumed>) = 524288 [pid 5091] munmap(0x7f7064400000, 138412032 [pid 5093] <... munmap resumed>) = 0 [pid 5091] <... munmap resumed>) = 0 [pid 5090] ioctl(4, LOOP_SET_FD, 3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... openat resumed>) = 4 [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5093] <... openat resumed>) = 4 [pid 5091] <... openat resumed>) = 4 [pid 5094] ioctl(4, LOOP_SET_FD, 3 [pid 5093] ioctl(4, LOOP_SET_FD, 3 [pid 5091] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... write resumed>) = 524288 [pid 5090] <... ioctl resumed>) = 0 [pid 5090] close(3) = 0 [pid 5090] close(4) = 0 [pid 5090] mkdir("./file1", 0777) = 0 [pid 5088] <... mount resumed>) = 0 [pid 5090] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5094] <... ioctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5088] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] close(3 [pid 5088] <... openat resumed>) = 3 [pid 5093] <... close resumed>) = 0 [pid 5094] close(3 [pid 5088] chdir("./file1" [pid 5094] <... close resumed>) = 0 [pid 5093] close(4 [pid 5094] close(4 [pid 5088] <... chdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5093] <... close resumed>) = 0 [ 112.639429][ T5090] loop0: detected capacity change from 0 to 1024 [ 112.660550][ T5093] loop5: detected capacity change from 0 to 1024 [ 112.660651][ T5091] loop1: detected capacity change from 0 to 1024 [ 112.667484][ T5094] loop4: detected capacity change from 0 to 1024 [pid 5095] munmap(0x7f7064400000, 138412032 [pid 5094] mkdir("./file1", 0777 [pid 5093] mkdir("./file1", 0777 [pid 5088] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... munmap resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5093] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5095] <... openat resumed>) = 4 [pid 5088] <... openat resumed>) = 4 [pid 5095] ioctl(4, LOOP_SET_FD, 3 [pid 5088] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5095] <... ioctl resumed>) = 0 [pid 5093] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5091] <... ioctl resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] close(4) = 0 [pid 5091] mkdir("./file1", 0777) = 0 [pid 5095] close(3 [pid 5091] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5095] <... close resumed>) = 0 [pid 5095] close(4) = 0 [pid 5095] mkdir("./file1", 0777) = 0 [pid 5095] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "") = 0 [pid 5094] <... mount resumed>) = 0 [pid 5091] <... mount resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [ 112.734226][ T5095] loop2: detected capacity change from 0 to 1024 [pid 5094] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5090] <... mount resumed>) = 0 [pid 5088] exit_group(0 [pid 5095] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5093] <... mount resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5095] chdir("./file1" [pid 5091] chdir("./file1" [pid 5095] <... chdir resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5093] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5091] <... chdir resumed>) = 0 [pid 5088] <... exit_group resumed>) = ? [pid 5095] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5091] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5091] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5090] <... openat resumed>) = 3 [pid 5095] <... openat resumed>) = 4 [pid 5091] <... openat resumed>) = 4 [pid 5090] chdir("./file1" [pid 5095] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5094] chdir("./file1" [pid 5093] <... openat resumed>) = 3 [pid 5091] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5090] <... chdir resumed>) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5093] chdir("./file1" [pid 5091] <... ioctl resumed>) = 0 [pid 5088] +++ exited with 0 +++ [pid 5095] exit_group(0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] <... chdir resumed>) = 0 [pid 5091] exit_group(0 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5095] <... exit_group resumed>) = ? [pid 5094] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5093] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... exit_group resumed>) = ? [pid 5090] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] +++ exited with 0 +++ [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5093] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5094] <... openat resumed>) = 4 [pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5090] <... openat resumed>) = 4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5093] <... openat resumed>) = 4 [pid 5090] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5094] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5093] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5090] <... ioctl resumed>) = 0 [pid 5078] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] exit_group(0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... ioctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5090] +++ exited with 0 +++ [pid 5078] <... openat resumed>) = 3 [pid 5093] exit_group(0 [pid 5091] +++ exited with 0 +++ [pid 5094] exit_group(0 [pid 5078] newfstatat(3, "", [pid 5077] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5094] <... exit_group resumed>) = ? [pid 5093] <... exit_group resumed>) = ? [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./1/binderfs") = 0 [pid 5094] +++ exited with 0 +++ [pid 5075] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5093] +++ exited with 0 +++ [pid 5079] <... restart_syscall resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5078] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5079] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5075] newfstatat(3, "", [pid 5076] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5080] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(3, [pid 5075] getdents64(3, [pid 5076] getdents64(3, [pid 5080] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5079] unlink("./1/binderfs") = 0 [pid 5079] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5076] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5075] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] unlink("./1/binderfs" [pid 5076] unlink("./1/binderfs" [pid 5080] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5075] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./1/file1", [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./1/binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] <... unlink resumed>) = 0 [pid 5079] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./1/binderfs" [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./1/file1", [pid 5080] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5079] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5078] getdents64(4, [pid 5076] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(4 [pid 5076] newfstatat(AT_FDCWD, "./1/file1", [pid 5079] newfstatat(4, "", [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] rmdir("./1/file1" [pid 5077] <... umount2 resumed>) = 0 [pid 5076] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./1/file1", [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5075] newfstatat(AT_FDCWD, "./1/file1", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5077] newfstatat(AT_FDCWD, "./1/file1", [pid 5076] newfstatat(4, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5079] close(4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] close(3 [pid 5077] umount2("./1/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5079] rmdir("./1/file1" [pid 5078] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] rmdir("./1" [pid 5077] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(4, [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] getdents64(4, [pid 5075] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(3, [pid 5078] mkdir("./2", 0777 [pid 5075] newfstatat(4, "", [pid 5080] close(4 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(4 [pid 5079] close(3 [pid 5076] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] rmdir("./1/file1" [pid 5080] <... close resumed>) = 0 [pid 5079] rmdir("./1" [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] rmdir("./1/file1") = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] getdents64(4, [pid 5076] getdents64(3, [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] close(4 [pid 5076] <... close resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] rmdir("./1" [pid 5080] close(3 [pid 5078] close(3 [pid 5077] rmdir("./1/file1" [pid 5076] <... rmdir resumed>) = 0 [pid 5075] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./1" [pid 5079] mkdir("./2", 0777 [pid 5078] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] mkdir("./2", 0777 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... rmdir resumed>) = 0 [pid 5075] getdents64(4, [pid 5080] mkdir("./2", 0777 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] close(4 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5077] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 3 [pid 5075] rmdir("./1/file1"./strace-static-x86_64: Process 5098 attached [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5098 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5098] set_robust_list(0x555574eaa660, 24 [pid 5080] close(3 [pid 5079] close(3 [pid 5077] <... close resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] rmdir("./1" [pid 5080] <... close resumed>) = 0 [pid 5075] getdents64(3, [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./2", 0777 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5099 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD) = 0 [pid 5075] close(3 [pid 5077] close(3 [pid 5098] chdir("./2" [pid 5077] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5098] <... chdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] rmdir("./1"./strace-static-x86_64: Process 5099 attached [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5100 attached [pid 5099] set_robust_list(0x555574eaa660, 24 [pid 5098] <... prctl resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5100 [pid 5075] mkdir("./2", 0777 [pid 5099] <... set_robust_list resumed>) = 0 [pid 5098] setpgid(0, 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5101 [pid 5099] chdir("./2"./strace-static-x86_64: Process 5101 attached [pid 5100] set_robust_list(0x555574eaa660, 24 [pid 5099] <... chdir resumed>) = 0 [pid 5098] <... setpgid resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5100] <... set_robust_list resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5101] set_robust_list(0x555574eaa660, 24 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5101] <... set_robust_list resumed>) = 0 [pid 5099] <... prctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5101] chdir("./2" [pid 5100] chdir("./2" [pid 5099] setpgid(0, 0 [pid 5098] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5099] <... setpgid resumed>) = 0 [pid 5100] <... chdir resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5098] write(3, "1000", 4 [pid 5075] <... ioctl resumed>) = 0 [pid 5101] <... chdir resumed>) = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] setpgid(0, 0) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] close(3 [pid 5101] <... openat resumed>) = 3 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] <... openat resumed>) = 3 [pid 5098] <... write resumed>) = 4 [pid 5075] <... close resumed>) = 0 [pid 5099] write(3, "1000", 4 [pid 5101] write(3, "1000", 4 [pid 5099] <... write resumed>) = 4 [pid 5101] <... write resumed>) = 4 [pid 5099] close(3 [pid 5101] close(3 [pid 5100] <... prctl resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5099] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... close resumed>) = 0 [pid 5099] <... symlink resumed>) = 0 [pid 5101] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5101] memfd_create("syzkaller", 0 [pid 5100] setpgid(0, 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5098] <... close resumed>) = 0 [pid 5100] <... setpgid resumed>) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5102 attached [pid 5101] <... memfd_create resumed>) = 3 [pid 5100] <... openat resumed>) = 3 [pid 5099] <... memfd_create resumed>) = 3 [pid 5098] <... symlink resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5102 [pid 5102] set_robust_list(0x555574eaa660, 24 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] write(3, "1000", 4 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5102] <... set_robust_list resumed>) = 0 [pid 5101] <... mmap resumed>) = 0x7f7064400000 [pid 5100] <... write resumed>) = 4 [pid 5099] <... mmap resumed>) = 0x7f7064400000 [pid 5098] memfd_create("syzkaller", 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5102] chdir("./2" [pid 5100] close(3 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5098] <... memfd_create resumed>) = 3 [pid 5100] <... close resumed>) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs" [ 113.097313][ T5096] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5102] <... chdir resumed>) = 0 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5100] <... symlink resumed>) = 0 [pid 5099] <... write resumed>) = 524288 [pid 5098] <... mmap resumed>) = 0x7f7064400000 [pid 5076] close(3 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] memfd_create("syzkaller", 0 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... close resumed>) = 0 [pid 5101] <... write resumed>) = 524288 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5102] setpgid(0, 0) = 0 [pid 5100] <... memfd_create resumed>) = 3 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5103 [pid 5100] <... mmap resumed>) = 0x7f7064400000 ./strace-static-x86_64: Process 5103 attached [pid 5099] munmap(0x7f7064400000, 138412032 [pid 5103] set_robust_list(0x555574eaa660, 24 [pid 5102] <... write resumed>) = 4 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5099] <... munmap resumed>) = 0 [pid 5103] <... set_robust_list resumed>) = 0 [pid 5102] close(3 [pid 5103] chdir("./2") = 0 [pid 5102] <... close resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5102] symlink("/dev/binderfs", "./binderfs" [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5101] munmap(0x7f7064400000, 138412032 [pid 5099] <... openat resumed>) = 4 [pid 5103] <... prctl resumed>) = 0 [pid 5102] <... symlink resumed>) = 0 [pid 5101] <... munmap resumed>) = 0 [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... write resumed>) = 524288 [pid 5098] munmap(0x7f7064400000, 138412032 [pid 5103] setpgid(0, 0 [pid 5098] <... munmap resumed>) = 0 [pid 5103] <... setpgid resumed>) = 0 [pid 5102] memfd_create("syzkaller", 0 [pid 5101] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5102] <... memfd_create resumed>) = 3 [pid 5103] <... openat resumed>) = 3 [pid 5103] write(3, "1000", 4 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... openat resumed>) = 4 [pid 5100] <... write resumed>) = 524288 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5103] <... write resumed>) = 4 [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5103] close(3 [pid 5102] <... mmap resumed>) = 0x7f7064400000 [pid 5100] munmap(0x7f7064400000, 138412032 [pid 5098] <... openat resumed>) = 4 [pid 5103] <... close resumed>) = 0 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5103] memfd_create("syzkaller", 0) = 3 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5100] <... munmap resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5099] close(3 [pid 5100] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5099] <... close resumed>) = 0 [pid 5099] close(4 [pid 5100] ioctl(4, LOOP_SET_FD, 3 [pid 5099] <... close resumed>) = 0 [ 113.239293][ T5099] loop4: detected capacity change from 0 to 1024 [ 113.265431][ T5101] loop2: detected capacity change from 0 to 1024 [ 113.278511][ T5098] loop3: detected capacity change from 0 to 1024 [pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5099] mkdir("./file1", 0777) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5099] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5101] close(3) = 0 [pid 5101] close(4) = 0 [pid 5101] mkdir("./file1", 0777) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5101] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5098] close(3) = 0 [pid 5103] <... write resumed>) = 524288 [pid 5098] close(4) = 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5098] mkdir("./file1", 0777 [pid 5100] close(3) = 0 [ 113.297402][ T5100] loop5: detected capacity change from 0 to 1024 [pid 5100] close(4 [pid 5103] munmap(0x7f7064400000, 138412032 [pid 5102] <... write resumed>) = 524288 [pid 5100] <... close resumed>) = 0 [pid 5099] <... mount resumed>) = 0 [pid 5098] <... mkdir resumed>) = 0 [pid 5103] <... munmap resumed>) = 0 [pid 5100] mkdir("./file1", 0777 [pid 5099] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5103] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5099] <... openat resumed>) = 3 [pid 5103] <... openat resumed>) = 4 [pid 5100] <... mkdir resumed>) = 0 [pid 5099] chdir("./file1" [pid 5103] ioctl(4, LOOP_SET_FD, 3 [pid 5099] <... chdir resumed>) = 0 [pid 5098] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5102] munmap(0x7f7064400000, 138412032 [pid 5101] <... mount resumed>) = 0 [pid 5100] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5099] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5102] <... munmap resumed>) = 0 [pid 5101] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5099] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5101] chdir("./file1" [pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5101] <... chdir resumed>) = 0 [pid 5099] <... openat resumed>) = 4 [pid 5101] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5099] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5101] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5099] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5099] exit_group(0 [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5101] <... openat resumed>) = 4 [pid 5099] <... exit_group resumed>) = ? [pid 5102] <... openat resumed>) = 4 [pid 5101] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5099] +++ exited with 0 +++ [pid 5101] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 113.379932][ T5103] loop1: detected capacity change from 0 to 1024 [pid 5102] ioctl(4, LOOP_SET_FD, 3 [pid 5101] exit_group(0 [pid 5098] <... mount resumed>) = 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5103] <... ioctl resumed>) = 0 [pid 5103] close(3 [pid 5101] <... exit_group resumed>) = ? [pid 5079] <... restart_syscall resumed>) = 0 [pid 5103] <... close resumed>) = 0 [pid 5101] +++ exited with 0 +++ [pid 5103] close(4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5103] <... close resumed>) = 0 [pid 5079] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5103] mkdir("./file1", 0777 [pid 5102] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5103] <... mkdir resumed>) = 0 [pid 5102] close(3 [pid 5100] <... mount resumed>) = 0 [pid 5098] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5102] <... close resumed>) = 0 [pid 5098] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5100] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5103] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5102] close(4 [pid 5100] <... openat resumed>) = 3 [pid 5098] chdir("./file1" [pid 5079] newfstatat(3, "", [pid 5102] <... close resumed>) = 0 [pid 5100] chdir("./file1" [pid 5098] <... chdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5102] mkdir("./file1", 0777 [pid 5100] <... chdir resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5079] getdents64(3, [pid 5077] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5102] <... mkdir resumed>) = 0 [pid 5100] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5077] newfstatat(3, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./2/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5077] getdents64(3, [pid 5102] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5100] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5098] <... openat resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5098] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] <... openat resumed>) = 4 [pid 5077] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 113.422803][ T5102] loop0: detected capacity change from 0 to 1024 [pid 5077] unlink("./2/binderfs") = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5103] <... mount resumed>) = 0 [pid 5079] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./2/file1", [pid 5098] <... ioctl resumed>) = 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5098] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5100] exit_group(0 [pid 5098] <... exit_group resumed>) = ? [pid 5079] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5103] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5103] chdir("./file1") = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5103] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5103] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5100] <... exit_group resumed>) = ? [pid 5079] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5103] <... openat resumed>) = 4 [pid 5103] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5103] exit_group(0 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5103] <... exit_group resumed>) = ? [pid 5079] getdents64(4, [pid 5100] +++ exited with 0 +++ [pid 5098] +++ exited with 0 +++ [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5079] getdents64(4, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./2/file1" [pid 5078] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5103] +++ exited with 0 +++ [pid 5080] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5080] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] newfstatat(3, "", [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] getdents64(3, [pid 5079] getdents64(3, [pid 5078] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5102] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5077] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5102] ioctl(3, LOOP_CLR_FD [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5102] <... ioctl resumed>) = 0 [pid 5080] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5102] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5078] unlink("./2/binderfs" [pid 5077] newfstatat(AT_FDCWD, "./2/file1", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5102] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./2/binderfs", [ 113.512986][ T5102] hfsplus: unable to set blocksize to 1024! [ 113.553066][ T5102] hfsplus: unable to find HFS+ superblock [pid 5079] rmdir("./2" [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(3, [pid 5077] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] <... openat resumed>) = 3 [pid 5080] unlink("./2/binderfs" [pid 5079] mkdir("./3", 0777 [pid 5077] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... unlink resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5102] <... ioctl resumed>) = 0 [pid 5102] exit_group(0 [pid 5080] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5077] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] unlink("./2/binderfs" [pid 5102] <... exit_group resumed>) = ? [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... umount2 resumed>) = 0 [pid 5077] close(4 [pid 5076] <... unlink resumed>) = 0 [pid 5102] +++ exited with 0 +++ [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] rmdir("./2/file1" [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5104 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5104 attached [pid 5080] <... umount2 resumed>) = 0 [pid 5076] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5104] set_robust_list(0x555574eaa660, 24 [pid 5078] newfstatat(AT_FDCWD, "./2/file1", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5104] <... set_robust_list resumed>) = 0 [pid 5080] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./2/file1", [pid 5104] chdir("./3" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5104] <... chdir resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./2/file1", [pid 5076] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./2" [pid 5076] <... openat resumed>) = 4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... rmdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 5075] unlink("./2/binderfs" [pid 5078] <... openat resumed>) = 4 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] mkdir("./3", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5104] <... prctl resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5077] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, [pid 5075] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5104] setpgid(0, 0 [pid 5078] getdents64(4, [pid 5076] getdents64(4, [pid 5075] newfstatat(AT_FDCWD, "./2/file1", [pid 5104] <... setpgid resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5077] <... openat resumed>) = 3 [pid 5076] close(4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] close(4 [pid 5077] <... ioctl resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5077] close(3 [pid 5075] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] umount2("./2/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] rmdir("./2/file1" [pid 5077] <... close resumed>) = 0 [pid 5076] rmdir("./2/file1" [pid 5075] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... rmdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... rmdir resumed>) = 0 [pid 5075] newfstatat(4, "", [pid 5076] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5104] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 5076] close(3 [pid 5075] getdents64(4, [pid 5080] newfstatat(4, "", [pid 5078] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] rmdir("./2" [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] getdents64(4, [pid 5104] write(3, "1000", 4 [pid 5080] getdents64(4, [pid 5076] mkdir("./3", 0777 [pid 5104] <... write resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5105 attached [pid 5105] set_robust_list(0x555574eaa660, 24) = 0 [pid 5105] chdir("./3") = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] close(3 [pid 5105] setpgid(0, 0) = 0 [pid 5104] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 5104] symlink("/dev/binderfs", "./binderfs" [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5105] memfd_create("syzkaller", 0 [pid 5075] close(4 [pid 5078] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./2/file1") = 0 [pid 5078] rmdir("./2") = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5105 [pid 5105] <... memfd_create resumed>) = 3 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... openat resumed>) = 3 [pid 5104] <... symlink resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5105] <... mmap resumed>) = 0x7f7064400000 [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] mkdir("./3", 0777 [pid 5075] getdents64(3, [pid 5104] memfd_create("syzkaller", 0 [pid 5080] close(4 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5104] <... memfd_create resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(3 [pid 5080] rmdir("./2/file1" [pid 5076] <... close resumed>) = 0 [pid 5104] <... mmap resumed>) = 0x7f7064400000 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] close(3) = 0 ./strace-static-x86_64: Process 5106 attached [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] getdents64(3, [pid 5075] rmdir("./2" [pid 5106] set_robust_list(0x555574eaa660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5106 [pid 5106] <... set_robust_list resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5106] chdir("./3" [pid 5080] close(3 [pid 5075] <... rmdir resumed>) = 0 [pid 5106] <... chdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./2" [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... openat resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5075] mkdir("./3", 0777 [pid 5106] <... prctl resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5106] setpgid(0, 0 [pid 5080] mkdir("./3", 0777 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... mkdir resumed>) = 0 [pid 5105] <... write resumed>) = 524288 [pid 5105] munmap(0x7f7064400000, 138412032 [pid 5106] <... setpgid resumed>) = 0 [pid 5105] <... munmap resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5107 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5107 attached [pid 5105] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5107] set_robust_list(0x555574eaa660, 24 [pid 5105] <... openat resumed>) = 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5107] <... set_robust_list resumed>) = 0 [pid 5105] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(3 [pid 5107] chdir("./3" [pid 5106] <... openat resumed>) = 3 [pid 5105] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... close resumed>) = 0 [pid 5107] <... chdir resumed>) = 0 [pid 5105] ioctl(4, LOOP_CLR_FD [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5105] <... ioctl resumed>) = 0 [pid 5107] <... prctl resumed>) = 0 [pid 5107] setpgid(0, 0 [pid 5106] write(3, "1000", 4 [pid 5107] <... setpgid resumed>) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5105] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5105] close(4) = 0 [pid 5105] close(3 [pid 5106] <... write resumed>) = 4 [pid 5105] <... close resumed>) = 0 [pid 5104] <... write resumed>) = 524288 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5106] close(3 [pid 5104] munmap(0x7f7064400000, 138412032 [pid 5107] <... openat resumed>) = 3 [pid 5106] <... close resumed>) = 0 [pid 5107] write(3, "1000", 4 [pid 5106] symlink("/dev/binderfs", "./binderfs" [pid 5104] <... munmap resumed>) = 0 [pid 5107] <... write resumed>) = 4 [pid 5107] close(3) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5106] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5108 attached [pid 5107] memfd_create("syzkaller", 0 [pid 5106] memfd_create("syzkaller", 0 [pid 5104] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5108 [pid 5107] <... memfd_create resumed>) = 3 [pid 5104] <... openat resumed>) = 4 [pid 5108] set_robust_list(0x555574eaa660, 24 [pid 5104] ioctl(4, LOOP_SET_FD, 3 [pid 5108] <... set_robust_list resumed>) = 0 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5108] chdir("./3" [pid 5078] <... ioctl resumed>) = 0 [pid 5106] <... memfd_create resumed>) = 3 [pid 5108] <... chdir resumed>) = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5104] <... ioctl resumed>) = 0 [pid 5108] <... prctl resumed>) = 0 [pid 5106] <... mmap resumed>) = 0x7f7064400000 [pid 5108] setpgid(0, 0 [pid 5104] close(3 [pid 5108] <... setpgid resumed>) = 0 [pid 5104] <... close resumed>) = 0 [pid 5104] close(4 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5104] <... close resumed>) = 0 [pid 5108] <... openat resumed>) = 3 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5104] mkdir("./file1", 0777 [pid 5078] close(3 [pid 5108] write(3, "1000", 4 [pid 5105] <... openat resumed>) = 3 [pid 5108] <... write resumed>) = 4 [pid 5105] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5104] <... mkdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5108] close(3 [pid 5105] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5104] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5108] <... close resumed>) = 0 [pid 5105] exit_group(0) = ? [pid 5108] symlink("/dev/binderfs", "./binderfs" [pid 5105] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5108] <... symlink resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5109 ./strace-static-x86_64: Process 5109 attached [pid 5077] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] set_robust_list(0x555574eaa660, 24 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... write resumed>) = 524288 [ 113.837474][ T5104] loop4: detected capacity change from 0 to 1024 [pid 5077] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] <... set_robust_list resumed>) = 0 [pid 5108] memfd_create("syzkaller", 0 [pid 5106] <... write resumed>) = 524288 [pid 5104] <... mount resumed>) = 0 [pid 5109] chdir("./3" [pid 5108] <... memfd_create resumed>) = 3 [pid 5106] munmap(0x7f7064400000, 138412032 [pid 5104] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5106] <... munmap resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5108] <... mmap resumed>) = 0x7f7064400000 [pid 5077] getdents64(3, [pid 5109] <... chdir resumed>) = 0 [pid 5104] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5077] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5107] munmap(0x7f7064400000, 138412032 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... prctl resumed>) = 0 [pid 5109] setpgid(0, 0 [pid 5107] <... munmap resumed>) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5104] chdir("./file1" [pid 5077] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5109] <... setpgid resumed>) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5106] <... openat resumed>) = 4 [pid 5104] <... chdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5107] <... openat resumed>) = 4 [pid 5106] ioctl(4, LOOP_SET_FD, 3 [pid 5104] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] unlink("./3/binderfs" [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5107] ioctl(4, LOOP_SET_FD, 3 [pid 5104] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... unlink resumed>) = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5109] <... openat resumed>) = 3 [pid 5106] <... ioctl resumed>) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] close(3 [pid 5104] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./3") = 0 [pid 5109] write(3, "1000", 4 [pid 5108] <... write resumed>) = 524288 [pid 5106] close(3 [pid 5104] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5109] <... write resumed>) = 4 [pid 5106] <... close resumed>) = 0 [pid 5106] close(4 [pid 5109] close(3) = 0 [pid 5107] <... ioctl resumed>) = 0 [pid 5106] <... close resumed>) = 0 [pid 5077] mkdir("./4", 0777 [pid 5108] munmap(0x7f7064400000, 138412032 [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5106] mkdir("./file1", 0777 [pid 5109] <... symlink resumed>) = 0 [pid 5107] close(3 [pid 5077] <... mkdir resumed>) = 0 [pid 5108] <... munmap resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5109] memfd_create("syzkaller", 0 [pid 5107] close(4 [pid 5106] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5109] <... memfd_create resumed>) = 3 [pid 5108] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5107] <... close resumed>) = 0 [ 113.938383][ T5106] loop1: detected capacity change from 0 to 1024 [ 113.939972][ T5107] loop0: detected capacity change from 0 to 1024 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5108] <... openat resumed>) = 4 [pid 5107] mkdir("./file1", 0777 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5107] <... mkdir resumed>) = 0 [pid 5106] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5109] <... mmap resumed>) = 0x7f7064400000 [pid 5077] close(3 [pid 5108] <... ioctl resumed>) = 0 [pid 5107] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5104] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5108] close(3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5104] exit_group(0) = ? [pid 5108] <... close resumed>) = 0 [pid 5104] +++ exited with 0 +++ [pid 5108] close(4 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5110 [pid 5108] <... close resumed>) = 0 [pid 5108] mkdir("./file1", 0777./strace-static-x86_64: Process 5110 attached [pid 5110] set_robust_list(0x555574eaa660, 24 [pid 5109] <... write resumed>) = 524288 [pid 5108] <... mkdir resumed>) = 0 [pid 5106] <... mount resumed>) = 0 [pid 5108] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] <... set_robust_list resumed>) = 0 [pid 5106] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5110] chdir("./4" [pid 5106] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... chdir resumed>) = 0 [pid 5106] chdir("./file1" [pid 5079] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5106] <... chdir resumed>) = 0 [ 114.007371][ T5108] loop5: detected capacity change from 0 to 1024 [ 114.035556][ T5107] hfsplus: unable to set blocksize to 1024! [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5106] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5106] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] newfstatat(3, "", [pid 5110] <... prctl resumed>) = 0 [pid 5110] setpgid(0, 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5106] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5110] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5106] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5110] <... openat resumed>) = 3 [pid 5109] munmap(0x7f7064400000, 138412032 [pid 5106] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] <... munmap resumed>) = 0 [pid 5107] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5106] exit_group(0 [pid 5079] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5106] <... exit_group resumed>) = ? [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5107] <... openat resumed>) = 3 [pid 5079] unlink("./3/binderfs" [pid 5107] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5107] close(3) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 3 [pid 5107] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5107] exit_group(0) = ? [pid 5107] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5110] write(3, "1000", 4 [pid 5079] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 114.070654][ T5107] hfsplus: unable to find HFS+ superblock [pid 5075] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5110] <... write resumed>) = 4 [pid 5108] <... mount resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5110] close(3 [pid 5075] newfstatat(3, "", [pid 5110] <... close resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5109] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5108] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5106] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = 0 [pid 5075] getdents64(3, [pid 5110] memfd_create("syzkaller", 0 [pid 5109] <... openat resumed>) = 4 [pid 5108] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5110] <... memfd_create resumed>) = 3 [pid 5109] ioctl(4, LOOP_SET_FD, 3 [pid 5075] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5108] chdir("./file1" [pid 5079] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] <... mmap resumed>) = 0x7f7064400000 [pid 5076] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5108] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] newfstatat(AT_FDCWD, "./3/file1", [pid 5075] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5108] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5109] close(3 [pid 5079] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] unlink("./3/binderfs" [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5075] <... unlink resumed>) = 0 [pid 5109] <... close resumed>) = 0 [pid 5108] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(3, "", [pid 5109] close(4 [pid 5108] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... openat resumed>) = 4 [pid 5075] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... close resumed>) = 0 [pid 5108] <... ioctl resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5108] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5075] newfstatat(AT_FDCWD, "./3/file1", [pid 5109] mkdir("./file1", 0777 [pid 5108] <... exit_group resumed>) = ? [pid 5079] getdents64(4, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5110] <... write resumed>) = 524288 [pid 5109] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] munmap(0x7f7064400000, 138412032 [pid 5109] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] getdents64(4, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5110] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./3/binderfs" [pid 5079] close(4 [pid 5075] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... openat resumed>) = 4 [ 114.153439][ T5109] loop3: detected capacity change from 0 to 1024 [pid 5079] rmdir("./3/file1" [pid 5076] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(4, "", [pid 5110] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(3, [pid 5075] getdents64(4, [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] close(3 [pid 5075] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] rmdir("./3" [pid 5075] close(4 [pid 5079] <... rmdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./3/file1" [pid 5110] <... ioctl resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5109] <... mount resumed>) = 0 [pid 5108] +++ exited with 0 +++ [pid 5079] mkdir("./4", 0777 [pid 5075] getdents64(3, [pid 5110] close(3 [pid 5109] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5110] <... close resumed>) = 0 [pid 5109] <... openat resumed>) = 3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5110] close(4 [pid 5109] chdir("./file1" [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5110] <... close resumed>) = 0 [pid 5110] mkdir("./file1", 0777 [pid 5109] <... chdir resumed>) = 0 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5076] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./3" [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] <... rmdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5075] mkdir("./4", 0777 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5075] <... mkdir resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5110] <... mkdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./3/file1", [pid 5075] <... openat resumed>) = 3 [pid 5109] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5109] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] close(3 [pid 5080] newfstatat(3, "", [pid 5076] <... openat resumed>) = 4 [pid 5075] <... close resumed>) = 0 [pid 5110] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5109] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(4, "", [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5109] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 114.215156][ T5110] loop2: detected capacity change from 0 to 1024 [pid 5080] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5109] exit_group(0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] getdents64(4, ./strace-static-x86_64: Process 5111 attached [pid 5110] <... mount resumed>) = 0 [pid 5109] <... exit_group resumed>) = ? [pid 5080] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5111] set_robust_list(0x555574eaa660, 24) = 0 [pid 5111] chdir("./4") = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5111 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] +++ exited with 0 +++ [pid 5111] <... openat resumed>) = 3 [pid 5110] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5111] write(3, "1000", 4 [pid 5076] <... close resumed>) = 0 [pid 5111] <... write resumed>) = 4 [pid 5076] rmdir("./3/file1" [pid 5111] close(3 [pid 5110] <... openat resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5111] <... close resumed>) = 0 [pid 5110] chdir("./file1" [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] close(3 [pid 5110] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] symlink("/dev/binderfs", "./binderfs" [pid 5110] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5078] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5111] <... symlink resumed>) = 0 [pid 5110] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] unlink("./3/binderfs" [pid 5078] <... openat resumed>) = 3 [pid 5076] rmdir("./3" [pid 5078] newfstatat(3, "", [pid 5111] memfd_create("syzkaller", 0 [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5076] <... rmdir resumed>) = 0 [pid 5111] <... memfd_create resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] mkdir("./4", 0777 [pid 5080] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... mkdir resumed>) = 0 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./3/binderfs" [pid 5110] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 3 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... unlink resumed>) = 0 [pid 5110] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5112 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5112 attached [pid 5110] exit_group(0 [pid 5076] close(3 [pid 5112] set_robust_list(0x555574eaa660, 24 [pid 5110] <... exit_group resumed>) = ? [pid 5080] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = 0 [pid 5112] <... set_robust_list resumed>) = 0 [pid 5112] chdir("./4" [pid 5110] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./3/file1", [pid 5078] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5112] <... prctl resumed>) = 0 [pid 5080] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(AT_FDCWD, "./3/file1", [pid 5077] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] setpgid(0, 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5112] <... setpgid resumed>) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5112] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... close resumed>) = 0 [pid 5112] write(3, "1000", 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./3/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5112] <... write resumed>) = 4 [pid 5080] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(3, "", [pid 5112] close(3 [pid 5080] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5112] <... close resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5078] <... openat resumed>) = 4 [pid 5077] getdents64(3, [pid 5112] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(4, "", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5112] <... symlink resumed>) = 0 [pid 5111] <... write resumed>) = 524288 [pid 5080] getdents64(4, [pid 5112] memfd_create("syzkaller", 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, [pid 5078] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5111] munmap(0x7f7064400000, 138412032 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5111] <... munmap resumed>) = 0 [pid 5080] close(4 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 5113 attached [pid 5112] <... memfd_create resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... close resumed>) = 0 [pid 5113] set_robust_list(0x555574eaa660, 24 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] rmdir("./3/file1" [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] unlink("./4/binderfs" [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5113 [pid 5113] <... set_robust_list resumed>) = 0 [pid 5112] <... mmap resumed>) = 0x7f7064400000 [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... rmdir resumed>) = 0 [pid 5078] close(4 [pid 5077] <... unlink resumed>) = 0 [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... close resumed>) = 0 [pid 5080] getdents64(3, [pid 5113] chdir("./4" [pid 5111] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] rmdir("./3/file1" [pid 5113] <... chdir resumed>) = 0 [pid 5080] close(3 [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5113] <... prctl resumed>) = 0 [pid 5080] rmdir("./3" [pid 5077] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... rmdir resumed>) = 0 [pid 5113] setpgid(0, 0 [pid 5080] mkdir("./4", 0777) = 0 [pid 5113] <... setpgid resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5112] <... write resumed>) = 524288 [pid 5080] <... openat resumed>) = 3 [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5080] close(3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5113] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5078] close(3 [pid 5077] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./4/file1", [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... ioctl resumed>) = 0 [pid 5113] write(3, "1000", 4 [pid 5111] close(3 [pid 5078] rmdir("./3" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] <... close resumed>) = 0 [pid 5111] close(4) = 0 [pid 5113] <... write resumed>) = 4 [pid 5111] mkdir("./file1", 0777 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] close(3 [pid 5111] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5113] <... close resumed>) = 0 [pid 5078] mkdir("./4", 0777 [pid 5077] newfstatat(4, "", [pid 5113] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5114 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 114.424380][ T5111] loop0: detected capacity change from 0 to 1024 [pid 5113] <... symlink resumed>) = 0 [pid 5077] getdents64(4, [pid 5111] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5112] munmap(0x7f7064400000, 138412032 [pid 5078] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5114 attached [pid 5113] memfd_create("syzkaller", 0 [pid 5112] <... munmap resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5114] set_robust_list(0x555574eaa660, 24) = 0 [pid 5113] <... memfd_create resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5077] getdents64(4, [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5114] chdir("./4" [pid 5113] <... mmap resumed>) = 0x7f7064400000 [pid 5112] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... ioctl resumed>) = 0 [pid 5077] close(4 [pid 5114] <... chdir resumed>) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5112] <... openat resumed>) = 4 [pid 5078] close(3 [pid 5077] <... close resumed>) = 0 [pid 5114] <... prctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] rmdir("./4/file1" [pid 5114] setpgid(0, 0 [pid 5112] ioctl(4, LOOP_SET_FD, 3 [pid 5114] <... setpgid resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... rmdir resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5111] <... mount resumed>) = 0 [pid 5111] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5111] chdir("./file1"./strace-static-x86_64: Process 5115 attached [pid 5114] <... openat resumed>) = 3 [pid 5113] <... write resumed>) = 524288 [pid 5111] <... chdir resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5115 [pid 5077] getdents64(3, [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5115] set_robust_list(0x555574eaa660, 24 [pid 5114] write(3, "1000", 4 [pid 5111] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] close(3 [pid 5114] <... write resumed>) = 4 [pid 5115] <... set_robust_list resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] rmdir("./4" [pid 5115] chdir("./4" [pid 5111] <... openat resumed>) = 4 [pid 5077] <... rmdir resumed>) = 0 [pid 5115] <... chdir resumed>) = 0 [pid 5114] close(3 [pid 5112] close(3 [pid 5111] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] <... close resumed>) = 0 [pid 5115] setpgid(0, 0 [pid 5114] symlink("/dev/binderfs", "./binderfs" [pid 5112] <... close resumed>) = 0 [pid 5115] <... setpgid resumed>) = 0 [ 114.528219][ T5112] loop4: detected capacity change from 0 to 1024 [pid 5112] close(4 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] mkdir("./5", 0777 [pid 5115] <... openat resumed>) = 3 [pid 5114] <... symlink resumed>) = 0 [pid 5112] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5115] write(3, "1000", 4 [pid 5112] mkdir("./file1", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5115] <... write resumed>) = 4 [pid 5114] memfd_create("syzkaller", 0 [pid 5115] close(3 [pid 5114] <... memfd_create resumed>) = 3 [pid 5112] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5115] <... close resumed>) = 0 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5115] symlink("/dev/binderfs", "./binderfs" [pid 5112] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5115] <... symlink resumed>) = 0 [pid 5114] <... mmap resumed>) = 0x7f7064400000 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5113] munmap(0x7f7064400000, 138412032 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5115] memfd_create("syzkaller", 0 [pid 5113] <... munmap resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5116 ./strace-static-x86_64: Process 5116 attached [pid 5113] <... openat resumed>) = 4 [pid 5116] set_robust_list(0x555574eaa660, 24 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5116] <... set_robust_list resumed>) = 0 [pid 5115] <... memfd_create resumed>) = 3 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5113] <... ioctl resumed>) = 0 [pid 5111] <... ioctl resumed>) = 0 [pid 5111] exit_group(0) = ? [pid 5116] chdir("./5" [pid 5111] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5075] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] getdents64(3, [pid 5116] <... chdir resumed>) = 0 [pid 5115] <... mmap resumed>) = 0x7f7064400000 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] setpgid(0, 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] <... setpgid resumed>) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./4/binderfs") = 0 [pid 5075] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... openat resumed>) = 3 [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5112] <... mount resumed>) = 0 [ 114.613239][ T5113] loop1: detected capacity change from 0 to 1024 [pid 5112] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5116] write(3, "1000", 4 [pid 5114] <... write resumed>) = 524288 [pid 5112] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = 0 [pid 5116] <... write resumed>) = 4 [pid 5116] close(3) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs" [pid 5112] chdir("./file1" [pid 5075] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... symlink resumed>) = 0 [pid 5112] <... chdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] close(3 [pid 5112] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] newfstatat(AT_FDCWD, "./4/file1", [pid 5115] <... write resumed>) = 524288 [pid 5113] <... close resumed>) = 0 [pid 5112] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5116] memfd_create("syzkaller", 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5114] munmap(0x7f7064400000, 138412032 [pid 5113] close(4 [pid 5075] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5114] <... munmap resumed>) = 0 [pid 5113] <... close resumed>) = 0 [pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] mkdir("./file1", 0777 [pid 5112] <... openat resumed>) = 4 [pid 5075] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] newfstatat(4, "", [pid 5116] <... memfd_create resumed>) = 3 [pid 5113] <... mkdir resumed>) = 0 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5114] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5113] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5112] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5075] getdents64(4, [pid 5112] exit_group(0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5112] <... exit_group resumed>) = ? [pid 5075] getdents64(4, [pid 5116] <... mmap resumed>) = 0x7f7064400000 [pid 5114] <... openat resumed>) = 4 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./4/file1" [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5114] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5115] munmap(0x7f7064400000, 138412032 [pid 5075] <... close resumed>) = 0 [pid 5112] +++ exited with 0 +++ [pid 5075] rmdir("./4" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] <... rmdir resumed>) = 0 [pid 5075] mkdir("./5", 0777 [pid 5114] <... ioctl resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5115] <... munmap resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5115] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5115] ioctl(4, LOOP_SET_FD, 3 [pid 5079] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5116] <... write resumed>) = 524288 [pid 5079] unlink("./4/binderfs") = 0 [pid 5113] <... mount resumed>) = 0 [pid 5079] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5114] close(3) = 0 [ 114.742546][ T5114] loop5: detected capacity change from 0 to 1024 [ 114.768578][ T5115] loop3: detected capacity change from 0 to 1024 [pid 5116] munmap(0x7f7064400000, 138412032 [pid 5115] <... ioctl resumed>) = 0 [pid 5114] close(4 [pid 5113] chdir("./file1" [pid 5079] <... umount2 resumed>) = 0 [pid 5114] <... close resumed>) = 0 [pid 5115] close(3 [pid 5114] mkdir("./file1", 0777 [pid 5113] <... chdir resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5114] <... mkdir resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5116] <... munmap resumed>) = 0 [pid 5115] <... close resumed>) = 0 [pid 5114] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5113] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5115] close(4) = 0 [pid 5115] mkdir("./file1", 0777 [pid 5113] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] <... mkdir resumed>) = 0 [pid 5113] <... exit_group resumed>) = ? [pid 5079] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5115] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... ioctl resumed>) = 0 [pid 5116] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5116] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 4 [pid 5113] +++ exited with 0 +++ [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./4/file1" [pid 5114] <... mount resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5114] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] close(3 [pid 5114] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5114] chdir("./file1" [pid 5076] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5114] <... chdir resumed>) = 0 [pid 5115] <... mount resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5114] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5114] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5115] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] newfstatat(3, "", [pid 5115] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5079] rmdir("./4" [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5117 ./strace-static-x86_64: Process 5117 attached [pid 5079] <... rmdir resumed>) = 0 [pid 5117] set_robust_list(0x555574eaa660, 24) = 0 [pid 5117] chdir("./5") = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] mkdir("./5", 0777 [pid 5117] <... prctl resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5117] setpgid(0, 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5117] <... setpgid resumed>) = 0 [pid 5116] <... ioctl resumed>) = 0 [pid 5115] chdir("./file1" [pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5116] close(3 [pid 5115] <... chdir resumed>) = 0 [pid 5114] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] <... close resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5114] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... openat resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5117] <... openat resumed>) = 3 [pid 5116] close(4 [pid 5115] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5114] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5116] <... close resumed>) = 0 [pid 5114] exit_group(0 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] unlink("./4/binderfs" [pid 5116] mkdir("./file1", 0777 [ 114.858130][ T5116] loop2: detected capacity change from 0 to 1024 [pid 5079] close(3 [pid 5117] write(3, "1000", 4 [pid 5116] <... mkdir resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5114] <... exit_group resumed>) = ? [pid 5079] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5117] <... write resumed>) = 4 [pid 5115] <... openat resumed>) = 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] close(3) = 0 [pid 5117] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5116] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5115] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5117] memfd_create("syzkaller", 0 [pid 5115] exit_group(0 [pid 5117] <... memfd_create resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5118 [pid 5115] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5118 attached [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5118] set_robust_list(0x555574eaa660, 24 [pid 5117] <... mmap resumed>) = 0x7f7064400000 [pid 5118] <... set_robust_list resumed>) = 0 [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... umount2 resumed>) = 0 [pid 5118] chdir("./5" [pid 5114] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5080] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5118] <... chdir resumed>) = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] <... prctl resumed>) = 0 [pid 5118] setpgid(0, 0 [pid 5080] <... openat resumed>) = 3 [pid 5118] <... setpgid resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5115] +++ exited with 0 +++ [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./4/file1", [pid 5078] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5076] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] write(3, "1000", 4 [pid 5080] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5118] <... write resumed>) = 4 [pid 5116] <... mount resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(3, [pid 5076] <... openat resumed>) = 4 [pid 5118] close(3) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs" [pid 5117] <... write resumed>) = 524288 [pid 5118] <... symlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] newfstatat(4, "", [pid 5117] munmap(0x7f7064400000, 138412032 [pid 5116] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] unlink("./4/binderfs" [pid 5078] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] memfd_create("syzkaller", 0) = 3 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... unlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5117] <... munmap resumed>) = 0 [pid 5116] <... openat resumed>) = 3 [pid 5080] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5116] chdir("./file1" [pid 5078] unlink("./4/binderfs" [pid 5076] getdents64(4, [pid 5117] <... openat resumed>) = 4 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5117] ioctl(4, LOOP_SET_FD, 3 [pid 5116] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5116] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5117] <... ioctl resumed>) = 0 [pid 5116] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5118] <... write resumed>) = 524288 [pid 5116] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5116] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] newfstatat(AT_FDCWD, "./4/file1", [pid 5078] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] rmdir("./4/file1" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5117] close(3 [pid 5080] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... rmdir resumed>) = 0 [pid 5117] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./4/file1", [pid 5076] getdents64(3, [pid 5117] close(4 [pid 5080] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5117] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5117] mkdir("./file1", 0777 [pid 5080] newfstatat(4, "", [pid 5078] umount2("./4/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] close(3 [pid 5117] <... mkdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5117] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] getdents64(4, [pid 5078] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] rmdir("./4" [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... openat resumed>) = 4 [pid 5080] getdents64(4, [pid 5078] newfstatat(4, "", [pid 5076] <... rmdir resumed>) = 0 [pid 5118] munmap(0x7f7064400000, 138412032 [pid 5076] mkdir("./5", 0777 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5118] <... munmap resumed>) = 0 [pid 5080] close(4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... mkdir resumed>) = 0 [ 115.033122][ T5117] loop0: detected capacity change from 0 to 1024 [pid 5118] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5080] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] rmdir("./4/file1" [pid 5078] getdents64(4, [pid 5076] <... openat resumed>) = 3 [pid 5118] <... ioctl resumed>) = 0 [pid 5116] <... ioctl resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] close(4) = 0 [pid 5116] exit_group(0 [pid 5080] getdents64(3, [pid 5078] rmdir("./4/file1" [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5078] <... rmdir resumed>) = 0 [pid 5116] <... exit_group resumed>) = ? [pid 5118] close(3 [pid 5117] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5116] +++ exited with 0 +++ [pid 5080] <... close resumed>) = 0 [pid 5078] getdents64(3, [pid 5080] rmdir("./4" [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5077] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5118] <... close resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] newfstatat(3, "", [pid 5118] close(4 [pid 5117] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5118] <... close resumed>) = 0 [pid 5117] ioctl(3, LOOP_CLR_FD [pid 5077] getdents64(3, [pid 5117] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] rmdir("./4" [pid 5118] mkdir("./file1", 0777 [pid 5117] close(3 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] <... mkdir resumed>) = 0 [pid 5117] <... close resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5117] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5117] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] unlink("./5/binderfs" [pid 5118] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] <... unlink resumed>) = 0 [pid 5117] <... ioctl resumed>) = 0 [pid 5077] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] exit_group(0) = ? [pid 5117] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5078] mkdir("./5", 0777 [pid 5076] <... ioctl resumed>) = 0 [pid 5075] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] mkdir("./5", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [ 115.103053][ T5118] loop4: detected capacity change from 0 to 1024 [ 115.103521][ T5117] hfsplus: unable to set blocksize to 1024! [ 115.125089][ T5117] hfsplus: unable to find HFS+ superblock [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... umount2 resumed>) = 0 [pid 5075] getdents64(3, [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./5/binderfs") = 0 [pid 5077] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./5/file1", [pid 5075] newfstatat(AT_FDCWD, "./5/file1", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 4 [pid 5075] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5119 attached [pid 5080] <... ioctl resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5075] <... openat resumed>) = 4 [pid 5080] close(3 [pid 5119] set_robust_list(0x555574eaa660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5119 [pid 5080] <... close resumed>) = 0 [pid 5118] <... mount resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(4, "", [pid 5077] getdents64(4, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, [pid 5118] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] getdents64(4, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5120 attached [pid 5119] <... set_robust_list resumed>) = 0 [pid 5118] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] getdents64(4, [pid 5120] set_robust_list(0x555574eaa660, 24 [pid 5119] chdir("./5" [pid 5118] chdir("./file1" [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5120 [pid 5120] <... set_robust_list resumed>) = 0 [pid 5120] chdir("./5" [pid 5119] <... chdir resumed>) = 0 [pid 5118] <... chdir resumed>) = 0 [pid 5077] close(4 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] close(4 [pid 5119] setpgid(0, 0 [pid 5077] rmdir("./5/file1" [pid 5075] <... close resumed>) = 0 [pid 5119] <... setpgid resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... rmdir resumed>) = 0 [pid 5075] rmdir("./5/file1" [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] <... openat resumed>) = 3 [pid 5118] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] <... rmdir resumed>) = 0 [pid 5120] setpgid(0, 0 [pid 5118] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] getdents64(3, [pid 5075] getdents64(3, [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5118] <... openat resumed>) = 4 [pid 5077] close(3 [pid 5075] close(3 [pid 5118] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5118] <... ioctl resumed>) = 0 [pid 5077] rmdir("./5" [pid 5075] rmdir("./5" [pid 5120] <... setpgid resumed>) = 0 [pid 5119] write(3, "1000", 4 [pid 5118] exit_group(0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5119] <... write resumed>) = 4 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5119] close(3 [pid 5118] <... exit_group resumed>) = ? [pid 5077] mkdir("./6", 0777 [pid 5075] mkdir("./6", 0777 [pid 5120] <... openat resumed>) = 3 [pid 5119] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs" [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5120] write(3, "1000", 4 [pid 5119] <... symlink resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5120] <... write resumed>) = 4 [pid 5120] close(3 [pid 5119] memfd_create("syzkaller", 0 [pid 5118] +++ exited with 0 +++ [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5120] <... close resumed>) = 0 [pid 5119] <... memfd_create resumed>) = 3 [pid 5075] <... ioctl resumed>) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs" [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] close(3 [pid 5079] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5120] <... symlink resumed>) = 0 [pid 5119] <... mmap resumed>) = 0x7f7064400000 [pid 5120] memfd_create("syzkaller", 0) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5120] <... mmap resumed>) = 0x7f7064400000 [pid 5079] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5121 ./strace-static-x86_64: Process 5121 attached [pid 5121] set_robust_list(0x555574eaa660, 24 [pid 5078] close(3 [pid 5121] <... set_robust_list resumed>) = 0 [pid 5079] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... close resumed>) = 0 [pid 5121] chdir("./6" [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5121] <... chdir resumed>) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5121] setpgid(0, 0 [pid 5079] unlink("./5/binderfs" [pid 5121] <... setpgid resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5122 ./strace-static-x86_64: Process 5122 attached [pid 5121] write(3, "1000", 4) = 4 [pid 5121] close(3) = 0 [pid 5121] symlink("/dev/binderfs", "./binderfs" [pid 5077] close(3 [pid 5121] <... symlink resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5122] set_robust_list(0x555574eaa660, 24 [pid 5121] memfd_create("syzkaller", 0 [pid 5120] <... write resumed>) = 524288 [pid 5122] <... set_robust_list resumed>) = 0 [pid 5119] <... write resumed>) = 524288 [pid 5079] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] <... memfd_create resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5122] chdir("./5" [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] newfstatat(AT_FDCWD, "./5/file1", [pid 5121] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5122] <... chdir resumed>) = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5123 [pid 5122] <... prctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5123 attached [pid 5122] setpgid(0, 0 [pid 5120] munmap(0x7f7064400000, 138412032 [pid 5079] <... openat resumed>) = 4 [pid 5122] <... setpgid resumed>) = 0 [pid 5123] set_robust_list(0x555574eaa660, 24 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] <... munmap resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5123] <... set_robust_list resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5123] chdir("./6" [pid 5122] <... openat resumed>) = 3 [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5123] <... chdir resumed>) = 0 [pid 5122] write(3, "1000", 4 [pid 5119] munmap(0x7f7064400000, 138412032 [pid 5079] getdents64(4, [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5123] <... prctl resumed>) = 0 [pid 5079] close(4 [pid 5123] setpgid(0, 0 [pid 5122] <... write resumed>) = 4 [pid 5120] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5122] close(3) = 0 [pid 5122] symlink("/dev/binderfs", "./binderfs" [pid 5123] <... setpgid resumed>) = 0 [pid 5079] rmdir("./5/file1" [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5122] <... symlink resumed>) = 0 [pid 5120] <... openat resumed>) = 4 [pid 5119] <... munmap resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5123] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5123] write(3, "1000", 4 [pid 5079] close(3 [pid 5123] <... write resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5123] close(3 [pid 5079] rmdir("./5" [pid 5123] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs" [pid 5079] mkdir("./6", 0777 [pid 5123] <... symlink resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5123] memfd_create("syzkaller", 0 [pid 5121] <... write resumed>) = 524288 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5123] <... memfd_create resumed>) = 3 [pid 5121] munmap(0x7f7064400000, 138412032 [pid 5079] <... openat resumed>) = 3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5121] <... munmap resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5123] <... mmap resumed>) = 0x7f7064400000 [pid 5122] memfd_create("syzkaller", 0 [pid 5119] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5122] <... memfd_create resumed>) = 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5119] <... openat resumed>) = 4 [pid 5122] <... mmap resumed>) = 0x7f7064400000 [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5121] <... openat resumed>) = 4 [pid 5079] close(3 [pid 5121] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... close resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5119] <... ioctl resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5119] close(3 [pid 5120] close(3) = 0 [pid 5119] <... close resumed>) = 0 [ 115.410991][ T5120] loop5: detected capacity change from 0 to 1024 [ 115.445103][ T5119] loop1: detected capacity change from 0 to 1024 [pid 5120] close(4 [pid 5119] close(4 [pid 5120] <... close resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5119] mkdir("./file1", 0777 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5124 [pid 5120] mkdir("./file1", 0777 [pid 5119] <... mkdir resumed>) = 0 [pid 5121] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5124 attached [pid 5120] <... mkdir resumed>) = 0 [ 115.458822][ T5121] loop0: detected capacity change from 0 to 1024 [pid 5124] set_robust_list(0x555574eaa660, 24 [pid 5122] <... write resumed>) = 524288 [pid 5121] close(3 [pid 5119] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5123] <... write resumed>) = 524288 [pid 5121] <... close resumed>) = 0 [pid 5120] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5122] munmap(0x7f7064400000, 138412032 [pid 5121] close(4 [pid 5124] <... set_robust_list resumed>) = 0 [pid 5122] <... munmap resumed>) = 0 [pid 5121] <... close resumed>) = 0 [pid 5124] chdir("./6" [pid 5121] mkdir("./file1", 0777 [pid 5123] munmap(0x7f7064400000, 138412032 [pid 5121] <... mkdir resumed>) = 0 [pid 5124] <... chdir resumed>) = 0 [pid 5123] <... munmap resumed>) = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0 [pid 5123] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5122] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5124] <... setpgid resumed>) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5122] <... openat resumed>) = 4 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] <... mount resumed>) = 0 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5122] ioctl(4, LOOP_SET_FD, 3 [pid 5121] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5124] <... openat resumed>) = 3 [pid 5120] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5124] write(3, "1000", 4 [pid 5120] chdir("./file1" [pid 5124] <... write resumed>) = 4 [pid 5124] close(3 [pid 5120] <... chdir resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5124] memfd_create("syzkaller", 0 [pid 5120] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5124] <... memfd_create resumed>) = 3 [pid 5121] <... mount resumed>) = 0 [pid 5120] <... openat resumed>) = 4 [pid 5119] <... mount resumed>) = 0 [pid 5121] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5121] chdir("./file1" [pid 5119] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5121] <... chdir resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5119] <... openat resumed>) = 3 [pid 5124] <... mmap resumed>) = 0x7f7064400000 [pid 5121] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5119] chdir("./file1" [pid 5123] <... ioctl resumed>) = 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5123] close(3 [pid 5122] close(3 [pid 5121] <... openat resumed>) = 4 [pid 5119] <... chdir resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5121] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5120] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5119] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5123] close(4 [pid 5122] close(4 [pid 5123] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5119] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5123] mkdir("./file1", 0777 [pid 5122] mkdir("./file1", 0777 [pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5123] <... mkdir resumed>) = 0 [pid 5122] <... mkdir resumed>) = 0 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5123] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5122] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5119] <... openat resumed>) = 4 [ 115.560385][ T5122] loop3: detected capacity change from 0 to 1024 [ 115.571302][ T5123] loop2: detected capacity change from 0 to 1024 [pid 5119] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5122] <... mount resumed>) = 0 [pid 5123] <... mount resumed>) = 0 [pid 5122] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5121] <... ioctl resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5119] <... ioctl resumed>) = 0 [pid 5123] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5122] <... openat resumed>) = 3 [pid 5121] exit_group(0 [pid 5123] <... openat resumed>) = 3 [pid 5122] chdir("./file1" [pid 5121] <... exit_group resumed>) = ? [pid 5120] exit_group(0 [pid 5119] exit_group(0 [pid 5123] chdir("./file1" [pid 5122] <... chdir resumed>) = 0 [pid 5121] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5123] <... chdir resumed>) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5123] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... restart_syscall resumed>) = 0 [pid 5123] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5122] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5120] <... exit_group resumed>) = ? [pid 5119] <... exit_group resumed>) = ? [pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] <... openat resumed>) = 4 [pid 5122] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] <... write resumed>) = 524288 [pid 5123] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5120] +++ exited with 0 +++ [pid 5119] +++ exited with 0 +++ [pid 5075] <... openat resumed>) = 3 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5075] newfstatat(3, "", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5123] exit_group(0 [pid 5122] <... ioctl resumed>) = 0 [pid 5076] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5123] <... exit_group resumed>) = ? [pid 5122] exit_group(0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(3, [pid 5122] <... exit_group resumed>) = ? [pid 5076] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5122] +++ exited with 0 +++ [pid 5076] <... openat resumed>) = 3 [pid 5075] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] newfstatat(3, "", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] munmap(0x7f7064400000, 138412032 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5124] <... munmap resumed>) = 0 [pid 5123] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... restart_syscall resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] unlink("./6/binderfs" [pid 5124] <... openat resumed>) = 4 [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5076] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5078] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] unlink("./5/binderfs" [pid 5078] <... openat resumed>) = 3 [pid 5075] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(3, "", [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(3, [pid 5080] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] unlink("./5/binderfs" [pid 5078] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] <... ioctl resumed>) = 0 [pid 5080] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] unlink("./5/binderfs" [pid 5077] <... openat resumed>) = 3 [pid 5124] close(3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5124] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5078] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] close(4 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] mkdir("./file1", 0777 [pid 5077] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./6/binderfs" [pid 5124] <... mkdir resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5124] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [ 115.697089][ T5124] loop4: detected capacity change from 0 to 1024 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] newfstatat(AT_FDCWD, "./5/file1", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... openat resumed>) = 3 [pid 5124] chdir("./file1" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(AT_FDCWD, "./5/file1", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... chdir resumed>) = 0 [pid 5078] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./6/file1", [pid 5124] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5124] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = 0 [pid 5076] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] newfstatat(AT_FDCWD, "./5/file1", [pid 5078] newfstatat(4, "", [pid 5076] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] <... ioctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 4 [pid 5124] exit_group(0 [pid 5080] umount2("./5/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(4, "", [pid 5075] newfstatat(4, "", [pid 5124] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] newfstatat(AT_FDCWD, "./6/file1", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5080] getdents64(4, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5075] close(4 [pid 5080] <... close resumed>) = 0 [pid 5077] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5080] rmdir("./5/file1" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./6/file1" [pid 5080] <... rmdir resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5077] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5124] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5076] getdents64(4, [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] getdents64(3, [pid 5080] close(3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5078] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] rmdir("./5" [pid 5079] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] rmdir("./5/file1" [pid 5077] getdents64(4, [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] close(3 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] close(4 [pid 5078] getdents64(3, [pid 5080] mkdir("./6", 0777 [pid 5079] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] rmdir("./5/file1" [pid 5079] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] rmdir("./6" [pid 5077] close(4 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5078] close(3 [pid 5077] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] rmdir("./6/file1" [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5075] mkdir("./7", 0777 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5076] close(3 [pid 5075] <... mkdir resumed>) = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./6" [pid 5079] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5077] <... rmdir resumed>) = 0 [pid 5080] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] unlink("./6/binderfs" [pid 5078] rmdir("./5" [pid 5076] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... unlink resumed>) = 0 [pid 5077] mkdir("./7", 0777 [pid 5076] rmdir("./5" [pid 5079] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] mkdir("./6", 0777 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = 0 [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD) = 0 [pid 5077] close(3 [pid 5078] mkdir("./6", 0777 [pid 5077] <... close resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5125 [pid 5076] close(3) = 0 ./strace-static-x86_64: Process 5125 attached [pid 5125] set_robust_list(0x555574eaa660, 24) = 0 [pid 5125] chdir("./7"./strace-static-x86_64: Process 5126 attached [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5126 [pid 5126] set_robust_list(0x555574eaa660, 24 [pid 5125] <... chdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5126] <... set_robust_list resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5126] chdir("./6" [pid 5125] <... prctl resumed>) = 0 [pid 5126] <... chdir resumed>) = 0 [pid 5125] setpgid(0, 0 [pid 5078] <... openat resumed>) = 3 [pid 5125] <... setpgid resumed>) = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5127 [pid 5126] <... prctl resumed>) = 0 [pid 5079] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5127 attached [pid 5126] setpgid(0, 0 [pid 5125] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5127] set_robust_list(0x555574eaa660, 24 [pid 5126] <... setpgid resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5128 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5125] write(3, "1000", 4 [pid 5079] newfstatat(AT_FDCWD, "./6/file1", [pid 5125] <... write resumed>) = 4 [pid 5125] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5128 attached [pid 5127] <... set_robust_list resumed>) = 0 [pid 5126] <... openat resumed>) = 3 [pid 5125] <... close resumed>) = 0 [pid 5128] set_robust_list(0x555574eaa660, 24 [pid 5125] symlink("/dev/binderfs", "./binderfs" [pid 5079] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5128] <... set_robust_list resumed>) = 0 [pid 5127] chdir("./7" [pid 5126] write(3, "1000", 4 [pid 5125] <... symlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5128] chdir("./6" [pid 5127] <... chdir resumed>) = 0 [pid 5126] <... write resumed>) = 4 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5126] close(3 [pid 5079] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5126] <... close resumed>) = 0 [pid 5125] memfd_create("syzkaller", 0 [pid 5079] <... openat resumed>) = 4 [pid 5126] symlink("/dev/binderfs", "./binderfs" [pid 5128] <... chdir resumed>) = 0 [pid 5127] <... prctl resumed>) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0 [pid 5079] newfstatat(4, "", [pid 5128] setpgid(0, 0 [pid 5127] <... setpgid resumed>) = 0 [pid 5126] <... symlink resumed>) = 0 [pid 5125] <... memfd_create resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5128] <... setpgid resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5127] <... openat resumed>) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] getdents64(4, [pid 5126] memfd_create("syzkaller", 0 [pid 5125] <... mmap resumed>) = 0x7f7064400000 [pid 5128] <... openat resumed>) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5126] <... memfd_create resumed>) = 3 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5079] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./6/file1") = 0 [pid 5128] write(3, "1000", 4 [pid 5125] <... write resumed>) = 524288 [pid 5079] getdents64(3, [pid 5127] close(3 [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5128] <... write resumed>) = 4 [pid 5127] <... close resumed>) = 0 [pid 5126] <... write resumed>) = 524288 [pid 5128] close(3 [pid 5127] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./6" [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5127] <... symlink resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5127] memfd_create("syzkaller", 0 [pid 5079] mkdir("./7", 0777 [pid 5128] <... symlink resumed>) = 0 [pid 5127] <... memfd_create resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] close(3 [pid 5079] <... openat resumed>) = 3 [pid 5128] memfd_create("syzkaller", 0 [pid 5127] <... mmap resumed>) = 0x7f7064400000 [pid 5128] <... memfd_create resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] close(3 [pid 5128] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5129 [pid 5126] munmap(0x7f7064400000, 138412032./strace-static-x86_64: Process 5129 attached ) = 0 [pid 5129] set_robust_list(0x555574eaa660, 24) = 0 [pid 5129] chdir("./6") = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5130 attached [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] munmap(0x7f7064400000, 138412032 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5130 [pid 5130] set_robust_list(0x555574eaa660, 24 [pid 5129] <... prctl resumed>) = 0 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5130] <... set_robust_list resumed>) = 0 [pid 5129] setpgid(0, 0 [pid 5125] <... munmap resumed>) = 0 [pid 5130] chdir("./7" [pid 5129] <... setpgid resumed>) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5130] <... chdir resumed>) = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5129] <... openat resumed>) = 3 [pid 5130] <... prctl resumed>) = 0 [pid 5130] setpgid(0, 0 [pid 5127] <... write resumed>) = 524288 [pid 5130] <... setpgid resumed>) = 0 [pid 5129] write(3, "1000", 4 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5129] <... write resumed>) = 4 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5129] close(3) = 0 [pid 5130] <... openat resumed>) = 3 [pid 5129] symlink("/dev/binderfs", "./binderfs" [pid 5130] write(3, "1000", 4 [pid 5129] <... symlink resumed>) = 0 [pid 5130] <... write resumed>) = 4 [pid 5129] memfd_create("syzkaller", 0 [pid 5130] close(3 [pid 5129] <... memfd_create resumed>) = 3 [pid 5130] <... close resumed>) = 0 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5130] symlink("/dev/binderfs", "./binderfs" [pid 5129] <... mmap resumed>) = 0x7f7064400000 [pid 5130] <... symlink resumed>) = 0 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5130] memfd_create("syzkaller", 0 [pid 5127] munmap(0x7f7064400000, 138412032 [pid 5128] <... write resumed>) = 524288 [pid 5130] <... memfd_create resumed>) = 3 [pid 5128] munmap(0x7f7064400000, 138412032 [pid 5127] <... munmap resumed>) = 0 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5128] <... munmap resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5127] <... openat resumed>) = 4 [pid 5127] ioctl(4, LOOP_SET_FD, 3 [pid 5125] <... openat resumed>) = 4 [pid 5125] ioctl(4, LOOP_SET_FD, 3 [pid 5127] <... ioctl resumed>) = 0 [pid 5126] <... openat resumed>) = 4 [pid 5126] ioctl(4, LOOP_SET_FD, 3 [pid 5128] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5129] <... write resumed>) = 524288 [pid 5129] munmap(0x7f7064400000, 138412032 [pid 5130] <... write resumed>) = 524288 [pid 5129] <... munmap resumed>) = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5125] close(3) = 0 [pid 5126] <... ioctl resumed>) = 0 [pid 5125] close(4 [pid 5130] munmap(0x7f7064400000, 138412032 [pid 5129] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5126] close(3 [pid 5125] <... close resumed>) = 0 [pid 5130] <... munmap resumed>) = 0 [pid 5129] <... openat resumed>) = 4 [pid 5126] <... close resumed>) = 0 [pid 5125] mkdir("./file1", 0777 [pid 5126] close(4 [pid 5125] <... mkdir resumed>) = 0 [ 116.054265][ T5127] loop2: detected capacity change from 0 to 1024 [ 116.061157][ T5125] loop0: detected capacity change from 0 to 1024 [ 116.070494][ T5126] loop5: detected capacity change from 0 to 1024 [ 116.079324][ T5128] loop1: detected capacity change from 0 to 1024 [pid 5130] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5128] <... ioctl resumed>) = 0 [pid 5127] close(3 [pid 5126] <... close resumed>) = 0 [pid 5125] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5130] <... openat resumed>) = 4 [pid 5129] <... ioctl resumed>) = 0 [pid 5127] <... close resumed>) = 0 [pid 5126] mkdir("./file1", 0777 [pid 5130] ioctl(4, LOOP_SET_FD, 3 [pid 5128] close(3 [pid 5127] close(4 [pid 5130] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5128] <... close resumed>) = 0 [pid 5127] <... close resumed>) = 0 [pid 5130] ioctl(4, LOOP_CLR_FD [pid 5128] close(4 [pid 5127] mkdir("./file1", 0777 [pid 5126] <... mkdir resumed>) = 0 [pid 5130] <... ioctl resumed>) = 0 [pid 5128] <... close resumed>) = 0 [pid 5127] <... mkdir resumed>) = 0 [pid 5128] mkdir("./file1", 0777 [pid 5127] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5126] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5130] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5130] close(4) = 0 [pid 5130] close(3 [pid 5128] <... mkdir resumed>) = 0 [pid 5128] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5129] close(3 [pid 5125] <... mount resumed>) = 0 [pid 5129] <... close resumed>) = 0 [pid 5129] close(4 [pid 5125] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5129] <... close resumed>) = 0 [pid 5129] mkdir("./file1", 0777) = 0 [pid 5125] <... openat resumed>) = 3 [ 116.124680][ T5129] loop3: detected capacity change from 0 to 1024 [pid 5130] <... close resumed>) = 0 [pid 5129] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5126] <... mount resumed>) = 0 [pid 5125] chdir("./file1") = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5126] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5130] <... openat resumed>) = 3 [pid 5127] <... mount resumed>) = 0 [pid 5126] <... openat resumed>) = 3 [pid 5125] <... openat resumed>) = 4 [pid 5130] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5129] <... mount resumed>) = 0 [pid 5128] <... mount resumed>) = 0 [pid 5127] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5126] chdir("./file1" [pid 5127] <... openat resumed>) = 3 [pid 5126] <... chdir resumed>) = 0 [pid 5127] chdir("./file1") = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5127] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5129] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5126] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5125] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5129] <... openat resumed>) = 3 [pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5129] chdir("./file1") = 0 [pid 5128] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5127] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5126] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5129] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5129] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5128] <... openat resumed>) = 3 [pid 5127] <... openat resumed>) = 4 [pid 5128] chdir("./file1") = 0 [pid 5127] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5128] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5128] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5130] <... ioctl resumed>) = 0 [pid 5129] <... ioctl resumed>) = 0 [pid 5126] <... ioctl resumed>) = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5127] <... ioctl resumed>) = 0 [pid 5130] exit_group(0 [pid 5129] exit_group(0 [pid 5128] exit_group(0 [pid 5126] exit_group(0 [pid 5125] exit_group(0 [pid 5130] <... exit_group resumed>) = ? [pid 5129] <... exit_group resumed>) = ? [pid 5128] <... exit_group resumed>) = ? [pid 5127] exit_group(0 [pid 5126] <... exit_group resumed>) = ? [pid 5125] <... exit_group resumed>) = ? [pid 5128] +++ exited with 0 +++ [pid 5127] <... exit_group resumed>) = ? [pid 5126] +++ exited with 0 +++ [pid 5125] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5127] +++ exited with 0 +++ [pid 5130] +++ exited with 0 +++ [pid 5076] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5076] <... openat resumed>) = 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5075] <... openat resumed>) = 3 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5077] <... restart_syscall resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 5129] +++ exited with 0 +++ [pid 5079] <... restart_syscall resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(3, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5075] getdents64(3, [pid 5080] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(3, "", [pid 5079] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5076] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(3, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5079] newfstatat(3, "", [pid 5078] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5079] getdents64(3, [pid 5078] newfstatat(3, "", [pid 5076] unlink("./6/binderfs" [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5079] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5075] unlink("./7/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] getdents64(3, [pid 5076] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5080] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./7/binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] unlink("./6/binderfs" [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... unlink resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5077] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] getdents64(3, [pid 5078] unlink("./6/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5079] close(3 [pid 5078] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] unlink("./7/binderfs" [pid 5079] <... close resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5079] rmdir("./7") = 0 [pid 5077] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] mkdir("./8", 0777) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... umount2 resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./7/file1", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./6/file1", [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5131 attached [pid 5080] newfstatat(AT_FDCWD, "./6/file1", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./6/file1", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(AT_FDCWD, "./7/file1", [pid 5080] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./6/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5131 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] set_robust_list(0x555574eaa660, 24 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(4, "", [pid 5077] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5131] <... set_robust_list resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5131] chdir("./8" [pid 5080] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5131] <... chdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5078] getdents64(4, [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5075] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5131] <... prctl resumed>) = 0 [pid 5080] getdents64(4, [pid 5078] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5131] setpgid(0, 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(4, [pid 5080] getdents64(4, [pid 5131] <... setpgid resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... openat resumed>) = 4 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] close(4 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 5075] newfstatat(4, "", [pid 5080] <... close resumed>) = 0 [pid 5078] rmdir("./6/file1" [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5131] <... openat resumed>) = 3 [pid 5080] rmdir("./6/file1" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] close(4 [pid 5075] getdents64(4, [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] close(4) = 0 [pid 5076] rmdir("./6/file1" [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5131] write(3, "1000", 4 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] rmdir("./7/file1" [pid 5076] <... rmdir resumed>) = 0 [pid 5075] close(4 [pid 5131] <... write resumed>) = 4 [pid 5080] getdents64(3, [pid 5131] close(3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./7/file1" [pid 5078] close(3 [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./7" [pid 5131] <... close resumed>) = 0 [pid 5080] close(3 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... close resumed>) = 0 [pid 5078] rmdir("./6" [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5131] <... symlink resumed>) = 0 [pid 5080] rmdir("./6" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 5076] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] rmdir("./6" [pid 5075] mkdir("./8", 0777 [pid 5077] rmdir("./7") = 0 [pid 5131] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] mkdir("./7", 0777 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5131] <... memfd_create resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] mkdir("./7", 0777 [pid 5077] mkdir("./8", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5131] <... mmap resumed>) = 0x7f7064400000 [pid 5080] mkdir("./7", 0777 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5132 ./strace-static-x86_64: Process 5132 attached [pid 5132] set_robust_list(0x555574eaa660, 24) = 0 [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] chdir("./8") = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... openat resumed>) = 3 [pid 5132] <... prctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5132] setpgid(0, 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5132] <... setpgid resumed>) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] <... openat resumed>) = 3 [pid 5132] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 [pid 5132] write(3, "1000", 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5132] <... write resumed>) = 4 [pid 5080] close(3 [pid 5077] <... close resumed>) = 0 [pid 5132] close(3 [pid 5080] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] <... close resumed>) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] memfd_create("syzkaller", 0) = 3 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 ./strace-static-x86_64: Process 5134 attached ./strace-static-x86_64: Process 5133 attached [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] set_robust_list(0x555574eaa660, 24 [pid 5133] set_robust_list(0x555574eaa660, 24 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5133 [pid 5131] <... write resumed>) = 524288 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5134 [pid 5134] <... set_robust_list resumed>) = 0 [pid 5134] chdir("./7" [pid 5133] <... set_robust_list resumed>) = 0 [pid 5134] <... chdir resumed>) = 0 [pid 5131] munmap(0x7f7064400000, 138412032 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5133] chdir("./8" [pid 5131] <... munmap resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5134] write(3, "1000", 4 [pid 5133] <... chdir resumed>) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5134] <... write resumed>) = 4 [pid 5134] close(3 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] <... close resumed>) = 0 [pid 5131] <... openat resumed>) = 4 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5134] memfd_create("syzkaller", 0) = 3 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5133] <... prctl resumed>) = 0 [pid 5131] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... ioctl resumed>) = 0 [pid 5133] setpgid(0, 0 [pid 5132] <... write resumed>) = 524288 [pid 5132] munmap(0x7f7064400000, 138412032 [pid 5131] <... ioctl resumed>) = 0 [pid 5133] <... setpgid resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] <... munmap resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5131] close(3 [pid 5078] close(3 [pid 5133] write(3, "1000", 4 [pid 5131] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5132] <... openat resumed>) = 4 [pid 5131] close(4 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] close(3 [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 5133] <... write resumed>) = 4 [pid 5132] <... ioctl resumed>) = 0 [pid 5131] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5133] close(3 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5135 [pid 5131] mkdir("./file1", 0777 [pid 5133] <... close resumed>) = 0 [pid 5131] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5135 attached [pid 5133] symlink("/dev/binderfs", "./binderfs" [pid 5131] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5135] set_robust_list(0x555574eaa660, 24) = 0 [pid 5135] chdir("./7" [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5136 [pid 5133] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5136 attached [pid 5135] <... chdir resumed>) = 0 [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5136] set_robust_list(0x555574eaa660, 24 [pid 5135] <... prctl resumed>) = 0 [pid 5133] memfd_create("syzkaller", 0 [pid 5136] <... set_robust_list resumed>) = 0 [pid 5135] setpgid(0, 0 [pid 5134] <... write resumed>) = 524288 [pid 5133] <... memfd_create resumed>) = 3 [ 116.614703][ T5131] loop4: detected capacity change from 0 to 1024 [ 116.654077][ T5132] loop0: detected capacity change from 0 to 1024 [pid 5134] munmap(0x7f7064400000, 138412032 [pid 5132] close(3) = 0 [pid 5134] <... munmap resumed>) = 0 [pid 5132] close(4) = 0 [pid 5132] mkdir("./file1", 0777 [pid 5135] <... setpgid resumed>) = 0 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] chdir("./7" [pid 5132] <... mkdir resumed>) = 0 [pid 5131] <... mount resumed>) = 0 [pid 5136] <... chdir resumed>) = 0 [pid 5133] <... mmap resumed>) = 0x7f7064400000 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5132] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5136] <... prctl resumed>) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5131] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5136] setpgid(0, 0 [pid 5131] <... openat resumed>) = 3 [pid 5136] <... setpgid resumed>) = 0 [pid 5135] <... openat resumed>) = 3 [pid 5134] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5131] chdir("./file1" [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5135] write(3, "1000", 4 [pid 5134] <... openat resumed>) = 4 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5131] <... chdir resumed>) = 0 [pid 5134] ioctl(4, LOOP_SET_FD, 3 [pid 5136] <... openat resumed>) = 3 [pid 5135] <... write resumed>) = 4 [pid 5134] <... ioctl resumed>) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5133] <... write resumed>) = 524288 [pid 5135] close(3 [pid 5131] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5135] <... close resumed>) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5135] symlink("/dev/binderfs", "./binderfs" [pid 5131] <... openat resumed>) = 4 [pid 5135] <... symlink resumed>) = 0 [pid 5131] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5136] write(3, "1000", 4) = 4 [pid 5132] <... mount resumed>) = 0 [pid 5132] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5136] close(3) = 0 [pid 5135] memfd_create("syzkaller", 0 [pid 5132] <... openat resumed>) = 3 [pid 5136] symlink("/dev/binderfs", "./binderfs" [pid 5132] chdir("./file1" [pid 5135] <... memfd_create resumed>) = 3 [pid 5132] <... chdir resumed>) = 0 [pid 5136] <... symlink resumed>) = 0 [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5135] <... mmap resumed>) = 0x7f7064400000 [pid 5132] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5136] memfd_create("syzkaller", 0 [pid 5132] <... openat resumed>) = 4 [pid 5136] <... memfd_create resumed>) = 3 [pid 5133] munmap(0x7f7064400000, 138412032 [pid 5132] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5134] close(3) = 0 [pid 5134] close(4) = 0 [pid 5134] mkdir("./file1", 0777 [pid 5133] <... munmap resumed>) = 0 [pid 5136] <... mmap resumed>) = 0x7f7064400000 [pid 5134] <... mkdir resumed>) = 0 [ 116.714602][ T5134] loop5: detected capacity change from 0 to 1024 [pid 5134] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5133] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5132] <... ioctl resumed>) = 0 [pid 5131] <... ioctl resumed>) = 0 [pid 5132] exit_group(0) = ? [pid 5131] exit_group(0 [pid 5132] +++ exited with 0 +++ [pid 5131] <... exit_group resumed>) = ? [pid 5133] <... openat resumed>) = 4 [pid 5133] ioctl(4, LOOP_SET_FD, 3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5134] <... mount resumed>) = 0 [pid 5131] +++ exited with 0 +++ [pid 5075] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5134] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] newfstatat(3, "", [pid 5134] <... openat resumed>) = 3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, [pid 5134] chdir("./file1" [pid 5079] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5134] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5134] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 3 [pid 5075] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5079] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5134] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5075] unlink("./8/binderfs" [pid 5134] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... unlink resumed>) = 0 [pid 5134] <... ioctl resumed>) = 0 [pid 5079] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... write resumed>) = 524288 [pid 5135] <... write resumed>) = 524288 [pid 5134] exit_group(0 [pid 5133] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 116.796773][ T5133] loop2: detected capacity change from 0 to 1024 [pid 5134] <... exit_group resumed>) = ? [pid 5079] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5133] close(3 [pid 5136] munmap(0x7f7064400000, 138412032 [pid 5135] munmap(0x7f7064400000, 138412032 [pid 5134] +++ exited with 0 +++ [pid 5133] <... close resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5135] <... munmap resumed>) = 0 [pid 5133] close(4 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5133] <... close resumed>) = 0 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5133] mkdir("./file1", 0777 [pid 5136] <... munmap resumed>) = 0 [pid 5135] <... openat resumed>) = 4 [pid 5133] <... mkdir resumed>) = 0 [pid 5079] unlink("./8/binderfs" [pid 5135] ioctl(4, LOOP_SET_FD, 3 [pid 5133] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... unlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... openat resumed>) = 3 [pid 5075] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5136] <... openat resumed>) = 4 [pid 5080] newfstatat(3, "", [pid 5136] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4 [pid 5133] <... mount resumed>) = 0 [pid 5080] unlink("./7/binderfs" [pid 5075] <... close resumed>) = 0 [pid 5135] <... ioctl resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5075] rmdir("./8/file1" [pid 5136] <... ioctl resumed>) = 0 [pid 5135] close(3 [pid 5133] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] close(3) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5136] close(4 [pid 5135] <... close resumed>) = 0 [pid 5133] chdir("./file1" [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5075] getdents64(3, [pid 5136] <... close resumed>) = 0 [pid 5133] <... chdir resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [ 116.868483][ T5135] loop3: detected capacity change from 0 to 1024 [ 116.884153][ T5136] loop1: detected capacity change from 0 to 1024 [pid 5136] mkdir("./file1", 0777 [pid 5135] close(4 [pid 5133] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] close(3 [pid 5135] <... close resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] newfstatat(AT_FDCWD, "./8/file1", [pid 5075] <... close resumed>) = 0 [pid 5133] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] rmdir("./8" [pid 5136] <... mkdir resumed>) = 0 [pid 5135] mkdir("./file1", 0777 [pid 5133] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5079] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] mkdir("./9", 0777 [pid 5136] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5135] <... mkdir resumed>) = 0 [pid 5133] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... mkdir resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5133] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5135] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] <... openat resumed>) = 3 [pid 5079] getdents64(4, [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5080] newfstatat(AT_FDCWD, "./7/file1", [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... ioctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(4, [pid 5075] close(3 [pid 5133] <... exit_group resumed>) = ? [pid 5080] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] close(4) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5136] <... mount resumed>) = 0 [pid 5133] +++ exited with 0 +++ [pid 5079] rmdir("./8/file1" [pid 5136] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5135] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... rmdir resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5080] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... restart_syscall resumed>) = 0 [pid 5136] <... openat resumed>) = 3 [pid 5135] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5077] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5137 attached [pid 5136] chdir("./file1" [pid 5135] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5137] set_robust_list(0x555574eaa660, 24 [pid 5136] <... chdir resumed>) = 0 [pid 5135] chdir("./file1" [pid 5080] getdents64(4, [pid 5079] close(3 [pid 5077] newfstatat(3, "", [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5137 [pid 5137] <... set_robust_list resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5135] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5136] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5137] chdir("./9") = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5135] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] rmdir("./8" [pid 5080] getdents64(4, [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5136] <... openat resumed>) = 4 [pid 5077] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5137] <... prctl resumed>) = 0 [pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5137] setpgid(0, 0 [pid 5136] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5135] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5137] <... setpgid resumed>) = 0 [pid 5136] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5135] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] rmdir("./7/file1" [pid 5079] mkdir("./9", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5136] exit_group(0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5136] <... exit_group resumed>) = ? [pid 5135] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] unlink("./8/binderfs" [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] <... unlink resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] close(3 [pid 5136] +++ exited with 0 +++ [pid 5135] exit_group(0 [pid 5080] close(3 [pid 5079] <... close resumed>) = 0 [pid 5077] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5137] <... openat resumed>) = 3 [pid 5135] <... exit_group resumed>) = ? [pid 5080] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5137] write(3, "1000", 4 [pid 5080] rmdir("./7" [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5138 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- ./strace-static-x86_64: Process 5138 attached [pid 5137] <... write resumed>) = 4 [pid 5135] +++ exited with 0 +++ [pid 5080] <... rmdir resumed>) = 0 [pid 5076] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5138] set_robust_list(0x555574eaa660, 24 [pid 5137] close(3 [pid 5080] mkdir("./8", 0777 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5138] <... set_robust_list resumed>) = 0 [pid 5137] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5137] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5138] chdir("./9" [pid 5076] newfstatat(3, "", [pid 5137] <... symlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5138] <... chdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5137] memfd_create("syzkaller", 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5078] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./7/binderfs" [pid 5138] <... prctl resumed>) = 0 [pid 5137] <... memfd_create resumed>) = 3 [pid 5078] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5138] setpgid(0, 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5138] <... setpgid resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] newfstatat(AT_FDCWD, "./8/file1", [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5138] <... openat resumed>) = 3 [pid 5137] <... mmap resumed>) = 0x7f7064400000 [pid 5078] getdents64(3, [pid 5076] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./7/file1") = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5138] write(3, "1000", 4 [pid 5078] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5138] <... write resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] getdents64(4, [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5138] close(3 [pid 5078] unlink("./7/binderfs" [pid 5138] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5138] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... unlink resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./7") = 0 [pid 5078] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./8", 0777 [pid 5138] <... symlink resumed>) = 0 [pid 5077] close(4 [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5138] memfd_create("syzkaller", 0 [pid 5080] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5138] <... memfd_create resumed>) = 3 [pid 5137] <... write resumed>) = 524288 [pid 5080] <... close resumed>) = 0 [pid 5077] rmdir("./8/file1" [pid 5076] <... openat resumed>) = 3 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] munmap(0x7f7064400000, 138412032 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... rmdir resumed>) = 0 [pid 5138] <... mmap resumed>) = 0x7f7064400000 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5137] <... munmap resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 5078] newfstatat(AT_FDCWD, "./7/file1", [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] rmdir("./8" [pid 5137] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5139 attached [pid 5137] ioctl(4, LOOP_SET_FD, 3 [pid 5078] umount2("./7/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5139 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] mkdir("./9", 0777 [pid 5139] set_robust_list(0x555574eaa660, 24) = 0 [pid 5139] chdir("./8" [pid 5138] <... write resumed>) = 524288 [pid 5137] <... ioctl resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... mkdir resumed>) = 0 [pid 5139] <... chdir resumed>) = 0 [pid 5138] munmap(0x7f7064400000, 138412032 [pid 5137] close(3 [pid 5078] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5138] <... munmap resumed>) = 0 [pid 5137] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5139] <... prctl resumed>) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5137] close(4 [pid 5078] getdents64(4, [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5139] setpgid(0, 0 [pid 5138] <... openat resumed>) = 4 [pid 5137] <... close resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5137] mkdir("./file1", 0777 [pid 5138] ioctl(4, LOOP_SET_FD, 3 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5139] <... setpgid resumed>) = 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5137] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5138] close(3 [pid 5137] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] getdents64(4, [pid 5138] <... close resumed>) = 0 [pid 5139] <... openat resumed>) = 3 [pid 5138] close(4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5140 attached [pid 5139] write(3, "1000", 4 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5140 [pid 5078] close(4 [pid 5138] <... close resumed>) = 0 [ 117.142022][ T5137] loop0: detected capacity change from 0 to 1024 [ 117.174928][ T5138] loop4: detected capacity change from 0 to 1024 [pid 5138] mkdir("./file1", 0777 [pid 5140] set_robust_list(0x555574eaa660, 24 [pid 5139] <... write resumed>) = 4 [pid 5138] <... mkdir resumed>) = 0 [pid 5137] <... mount resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5140] <... set_robust_list resumed>) = 0 [pid 5139] close(3 [pid 5138] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5137] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] rmdir("./7/file1" [pid 5140] chdir("./9" [pid 5139] <... close resumed>) = 0 [pid 5137] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5139] symlink("/dev/binderfs", "./binderfs" [pid 5078] getdents64(3, [pid 5140] <... chdir resumed>) = 0 [pid 5139] <... symlink resumed>) = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5137] chdir("./file1" [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5140] <... prctl resumed>) = 0 [pid 5078] close(3 [pid 5137] <... chdir resumed>) = 0 [pid 5140] setpgid(0, 0 [pid 5139] memfd_create("syzkaller", 0 [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... close resumed>) = 0 [pid 5076] close(3 [pid 5137] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] rmdir("./7" [pid 5076] <... close resumed>) = 0 [pid 5140] <... setpgid resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5139] <... memfd_create resumed>) = 3 [pid 5138] <... mount resumed>) = 0 [pid 5137] <... openat resumed>) = 4 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5141 ./strace-static-x86_64: Process 5141 attached [pid 5141] set_robust_list(0x555574eaa660, 24 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5139] <... mmap resumed>) = 0x7f7064400000 [pid 5140] <... openat resumed>) = 3 [pid 5138] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] mkdir("./8", 0777 [pid 5141] <... set_robust_list resumed>) = 0 [pid 5138] <... openat resumed>) = 3 [pid 5141] chdir("./8" [pid 5138] chdir("./file1" [pid 5141] <... chdir resumed>) = 0 [pid 5138] <... chdir resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5140] write(3, "1000", 4 [pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5138] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5141] <... prctl resumed>) = 0 [pid 5140] <... write resumed>) = 4 [pid 5137] <... ioctl resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5137] exit_group(0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5140] close(3 [pid 5137] <... exit_group resumed>) = ? [pid 5141] setpgid(0, 0) = 0 [pid 5140] <... close resumed>) = 0 [pid 5138] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5137] +++ exited with 0 +++ [pid 5078] <... ioctl resumed>) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] close(3 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5140] <... symlink resumed>) = 0 [pid 5138] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5141] <... openat resumed>) = 3 [pid 5138] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5141] write(3, "1000", 4 [pid 5075] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5141] <... write resumed>) = 4 ./strace-static-x86_64: Process 5142 attached [pid 5140] memfd_create("syzkaller", 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5142 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] set_robust_list(0x555574eaa660, 24 [pid 5141] close(3 [pid 5140] <... memfd_create resumed>) = 3 [pid 5138] exit_group(0 [pid 5141] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] <... set_robust_list resumed>) = 0 [pid 5141] symlink("/dev/binderfs", "./binderfs" [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] <... write resumed>) = 524288 [pid 5138] <... exit_group resumed>) = ? [pid 5075] <... openat resumed>) = 3 [pid 5141] <... symlink resumed>) = 0 [pid 5140] <... mmap resumed>) = 0x7f7064400000 [pid 5075] newfstatat(3, "", [pid 5141] memfd_create("syzkaller", 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5141] <... memfd_create resumed>) = 3 [pid 5075] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5142] chdir("./8" [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] munmap(0x7f7064400000, 138412032 [pid 5138] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... chdir resumed>) = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5141] <... mmap resumed>) = 0x7f7064400000 [pid 5075] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5142] <... prctl resumed>) = 0 [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5142] setpgid(0, 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5142] <... setpgid resumed>) = 0 [pid 5139] <... munmap resumed>) = 0 [pid 5075] unlink("./9/binderfs" [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5139] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5142] <... openat resumed>) = 3 [pid 5139] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] write(3, "1000", 4 [pid 5140] <... write resumed>) = 524288 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5079] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] <... write resumed>) = 4 [pid 5140] munmap(0x7f7064400000, 138412032 [pid 5079] <... openat resumed>) = 3 [pid 5142] close(3 [pid 5075] <... umount2 resumed>) = 0 [pid 5142] <... close resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5142] symlink("/dev/binderfs", "./binderfs" [pid 5140] <... munmap resumed>) = 0 [pid 5075] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5142] <... symlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] newfstatat(AT_FDCWD, "./9/file1", [pid 5140] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5075] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] memfd_create("syzkaller", 0 [pid 5140] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5140] ioctl(4, LOOP_CLR_FD [pid 5142] <... memfd_create resumed>) = 3 [pid 5140] <... ioctl resumed>) = 0 [pid 5079] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(4, "", [pid 5142] <... mmap resumed>) = 0x7f7064400000 [pid 5141] <... write resumed>) = 524288 [pid 5079] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5141] munmap(0x7f7064400000, 138412032 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5079] unlink("./9/binderfs" [pid 5075] getdents64(4, [pid 5140] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... unlink resumed>) = 0 [pid 5140] close(4 [pid 5079] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5140] <... close resumed>) = 0 [pid 5140] close(3 [pid 5075] getdents64(4, [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5141] <... munmap resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5140] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] newfstatat(4, "", [pid 5075] close(4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5075] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5142] <... write resumed>) = 524288 [pid 5141] <... openat resumed>) = 4 [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] rmdir("./9/file1" [pid 5142] munmap(0x7f7064400000, 138412032 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5140] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5142] <... munmap resumed>) = 0 [pid 5141] <... ioctl resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5140] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] close(4 [pid 5140] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5142] <... openat resumed>) = 4 [pid 5140] exit_group(0 [pid 5079] rmdir("./9/file1" [pid 5140] <... exit_group resumed>) = ? [pid 5079] <... rmdir resumed>) = 0 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5079] getdents64(3, [pid 5075] getdents64(3, [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./9" [pid 5140] +++ exited with 0 +++ [pid 5139] <... ioctl resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5075] close(3 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./9" [pid 5079] mkdir("./10", 0777) = 0 [pid 5139] close(3 [pid 5077] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5139] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] mkdir("./10", 0777 [pid 5139] close(4 [pid 5077] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5139] <... close resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5141] close(3 [pid 5139] mkdir("./file1", 0777 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5141] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5141] close(4 [pid 5139] <... mkdir resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] getdents64(3, [pid 5075] <... openat resumed>) = 3 [pid 5141] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5141] mkdir("./file1", 0777 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5141] <... mkdir resumed>) = 0 [pid 5079] close(3) = 0 [pid 5077] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... ioctl resumed>) = 0 [pid 5141] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5075] close(3 [pid 5139] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5142] <... ioctl resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5143 [pid 5142] close(3./strace-static-x86_64: Process 5143 attached ) = 0 [pid 5077] unlink("./9/binderfs" [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5143] set_robust_list(0x555574eaa660, 24 [pid 5142] close(4) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5142] mkdir("./file1", 0777 [pid 5143] <... set_robust_list resumed>) = 0 [pid 5142] <... mkdir resumed>) = 0 [pid 5077] getdents64(3, ./strace-static-x86_64: Process 5144 attached [pid 5143] chdir("./10" [pid 5141] <... mount resumed>) = 0 [ 117.443755][ T5141] loop1: detected capacity change from 0 to 1024 [ 117.456706][ T5139] loop5: detected capacity change from 0 to 1024 [ 117.478530][ T5142] loop3: detected capacity change from 0 to 1024 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5144 [pid 5144] set_robust_list(0x555574eaa660, 24 [pid 5143] <... chdir resumed>) = 0 [pid 5142] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5141] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5144] <... set_robust_list resumed>) = 0 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5141] <... openat resumed>) = 3 [pid 5077] close(3 [pid 5143] <... prctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5141] chdir("./file1" [pid 5144] chdir("./10" [pid 5143] setpgid(0, 0 [pid 5077] rmdir("./9" [pid 5141] <... chdir resumed>) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] <... setpgid resumed>) = 0 [pid 5141] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... rmdir resumed>) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5144] <... chdir resumed>) = 0 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5139] <... mount resumed>) = 0 [pid 5077] mkdir("./10", 0777 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5142] <... mount resumed>) = 0 [pid 5144] <... prctl resumed>) = 0 [pid 5143] <... openat resumed>) = 3 [pid 5139] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... mkdir resumed>) = 0 [pid 5144] setpgid(0, 0 [pid 5142] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5144] <... setpgid resumed>) = 0 [pid 5142] chdir("./file1" [pid 5141] <... openat resumed>) = 4 [pid 5142] <... chdir resumed>) = 0 [pid 5139] <... openat resumed>) = 3 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5143] write(3, "1000", 4 [pid 5142] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5141] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5142] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5141] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5141] exit_group(0 [pid 5142] <... openat resumed>) = 4 [pid 5141] <... exit_group resumed>) = ? [pid 5142] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5143] <... write resumed>) = 4 [pid 5142] exit_group(0 [pid 5144] <... openat resumed>) = 3 [pid 5143] close(3 [pid 5142] <... exit_group resumed>) = ? [pid 5139] chdir("./file1" [pid 5143] <... close resumed>) = 0 [pid 5139] <... chdir resumed>) = 0 [pid 5144] write(3, "1000", 4 [pid 5143] symlink("/dev/binderfs", "./binderfs" [pid 5142] +++ exited with 0 +++ [pid 5141] +++ exited with 0 +++ [pid 5139] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5144] <... write resumed>) = 4 [pid 5143] <... symlink resumed>) = 0 [pid 5139] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5144] close(3 [pid 5143] memfd_create("syzkaller", 0 [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... openat resumed>) = 3 [pid 5144] <... close resumed>) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs" [pid 5143] <... memfd_create resumed>) = 3 [pid 5139] <... openat resumed>) = 4 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5144] <... symlink resumed>) = 0 [pid 5077] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5144] memfd_create("syzkaller", 0 [pid 5077] close(3 [pid 5143] <... mmap resumed>) = 0x7f7064400000 [pid 5139] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 5078] newfstatat(3, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5139] exit_group(0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5139] <... exit_group resumed>) = ? [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5139] +++ exited with 0 +++ [pid 5078] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5080] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5078] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5078] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./8/binderfs" [pid 5080] newfstatat(3, "", [pid 5078] unlink("./8/binderfs" [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5078] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./8/binderfs") = 0 [pid 5080] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5145 attached [pid 5144] <... memfd_create resumed>) = 3 [pid 5143] <... write resumed>) = 524288 [pid 5080] <... umount2 resumed>) = 0 [pid 5145] set_robust_list(0x555574eaa660, 24 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5145 [pid 5145] <... set_robust_list resumed>) = 0 [pid 5144] <... mmap resumed>) = 0x7f7064400000 [pid 5080] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] chdir("./10" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./8/file1", [pid 5076] <... umount2 resumed>) = 0 [pid 5145] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./8/file1", [pid 5076] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] setpgid(0, 0 [pid 5080] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... openat resumed>) = 4 [pid 5078] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./8/file1", [pid 5080] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./8/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, [pid 5078] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] newfstatat(4, "", [pid 5076] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(4, [pid 5076] newfstatat(4, "", [pid 5080] close(4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5145] <... setpgid resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5080] rmdir("./8/file1" [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(4, [pid 5080] <... rmdir resumed>) = 0 [pid 5078] close(4) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] getdents64(3, [pid 5078] rmdir("./8/file1" [pid 5076] getdents64(4, [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] close(3 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5145] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5143] munmap(0x7f7064400000, 138412032 [pid 5076] close(4 [pid 5145] write(3, "1000", 4 [pid 5080] rmdir("./8" [pid 5078] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5145] <... write resumed>) = 4 [pid 5143] <... munmap resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] rmdir("./8/file1" [pid 5145] close(3 [pid 5144] <... write resumed>) = 524288 [pid 5143] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] mkdir("./9", 0777 [pid 5145] <... close resumed>) = 0 [pid 5143] <... openat resumed>) = 4 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5145] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... close resumed>) = 0 [pid 5143] ioctl(4, LOOP_SET_FD, 3 [pid 5078] rmdir("./8" [pid 5076] getdents64(3, [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] close(3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] mkdir("./9", 0777 [pid 5076] <... close resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] rmdir("./8" [pid 5145] memfd_create("syzkaller", 0 [pid 5080] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5145] <... memfd_create resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5076] mkdir("./9", 0777 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... mkdir resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5144] munmap(0x7f7064400000, 138412032 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached [pid 5145] <... mmap resumed>) = 0x7f7064400000 [pid 5144] <... munmap resumed>) = 0 [pid 5143] <... ioctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5146] set_robust_list(0x555574eaa660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5146 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5146] <... set_robust_list resumed>) = 0 [pid 5144] <... openat resumed>) = 4 [pid 5143] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5146] chdir("./9" [pid 5143] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5143] close(4 [pid 5076] <... ioctl resumed>) = 0 [pid 5146] <... chdir resumed>) = 0 [pid 5144] ioctl(4, LOOP_SET_FD, 3 [pid 5143] <... close resumed>) = 0 [ 117.736239][ T5143] loop4: detected capacity change from 0 to 1024 [pid 5076] close(3 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5143] mkdir("./file1", 0777 [pid 5076] <... close resumed>) = 0 [pid 5146] <... prctl resumed>) = 0 [pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5147 attached [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5147 [pid 5146] <... openat resumed>) = 3 [pid 5143] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5146] write(3, "1000", 4) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5148 [pid 5147] set_robust_list(0x555574eaa660, 24 [pid 5146] close(3) = 0 ./strace-static-x86_64: Process 5148 attached [pid 5146] symlink("/dev/binderfs", "./binderfs" [pid 5148] set_robust_list(0x555574eaa660, 24 [pid 5146] <... symlink resumed>) = 0 [pid 5148] <... set_robust_list resumed>) = 0 [pid 5147] <... set_robust_list resumed>) = 0 [pid 5143] <... mount resumed>) = 0 [pid 5148] chdir("./9" [pid 5147] chdir("./9" [pid 5146] memfd_create("syzkaller", 0 [pid 5143] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5148] <... chdir resumed>) = 0 [pid 5147] <... chdir resumed>) = 0 [pid 5146] <... memfd_create resumed>) = 3 [pid 5144] <... ioctl resumed>) = 0 [pid 5143] <... openat resumed>) = 3 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] chdir("./file1" [pid 5148] <... prctl resumed>) = 0 [pid 5146] <... mmap resumed>) = 0x7f7064400000 [pid 5143] <... chdir resumed>) = 0 [ 117.777791][ T5144] loop0: detected capacity change from 0 to 1024 [pid 5147] <... prctl resumed>) = 0 [pid 5144] close(3 [pid 5148] setpgid(0, 0 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5147] setpgid(0, 0 [pid 5144] <... close resumed>) = 0 [pid 5148] <... setpgid resumed>) = 0 [pid 5147] <... setpgid resumed>) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5145] <... write resumed>) = 524288 [pid 5144] close(4 [pid 5143] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5144] <... close resumed>) = 0 [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5144] mkdir("./file1", 0777 [pid 5145] munmap(0x7f7064400000, 138412032 [pid 5143] <... openat resumed>) = 4 [pid 5148] <... openat resumed>) = 3 [pid 5143] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5148] write(3, "1000", 4) = 4 [pid 5145] <... munmap resumed>) = 0 [pid 5148] close(3 [pid 5145] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5144] <... mkdir resumed>) = 0 [pid 5148] <... close resumed>) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5145] <... openat resumed>) = 4 [pid 5144] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5148] symlink("/dev/binderfs", "./binderfs" [pid 5147] write(3, "1000", 4 [pid 5145] ioctl(4, LOOP_SET_FD, 3 [pid 5147] <... write resumed>) = 4 [pid 5146] <... write resumed>) = 524288 [pid 5148] <... symlink resumed>) = 0 [pid 5148] memfd_create("syzkaller", 0 [pid 5147] close(3 [pid 5148] <... memfd_create resumed>) = 3 [pid 5147] <... close resumed>) = 0 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5147] symlink("/dev/binderfs", "./binderfs" [pid 5148] <... mmap resumed>) = 0x7f7064400000 [pid 5147] <... symlink resumed>) = 0 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] <... ioctl resumed>) = 0 [pid 5143] exit_group(0 [pid 5147] memfd_create("syzkaller", 0 [pid 5143] <... exit_group resumed>) = ? [pid 5143] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5079] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5148] <... write resumed>) = 524288 [pid 5147] <... memfd_create resumed>) = 3 [pid 5146] munmap(0x7f7064400000, 138412032) = 0 [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... ioctl resumed>) = 0 [pid 5079] getdents64(3, [pid 5147] <... mmap resumed>) = 0x7f7064400000 [pid 5145] close(3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5146] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] <... openat resumed>) = 4 [pid 5145] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 117.875039][ T5145] loop2: detected capacity change from 0 to 1024 [ 117.908510][ T5144] hfsplus: unable to set blocksize to 1024! [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 5079] unlink("./10/binderfs" [pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5145] close(4 [pid 5079] <... unlink resumed>) = 0 [pid 5079] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] <... close resumed>) = 0 [pid 5148] munmap(0x7f7064400000, 138412032 [pid 5145] mkdir("./file1", 0777 [pid 5148] <... munmap resumed>) = 0 [pid 5145] <... mkdir resumed>) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5147] <... write resumed>) = 524288 [pid 5145] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5148] <... openat resumed>) = 4 [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5144] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5146] <... ioctl resumed>) = 0 [pid 5146] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 5146] <... close resumed>) = 0 [pid 5146] close(4) = 0 [pid 5146] mkdir("./file1", 0777) = 0 [pid 5079] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [ 117.946734][ T5146] loop5: detected capacity change from 0 to 1024 [ 117.956519][ T5144] hfsplus: unable to find HFS+ superblock [ 117.984972][ T5148] loop1: detected capacity change from 0 to 1024 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] <... ioctl resumed>) = 0 [pid 5145] <... mount resumed>) = 0 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5148] close(3 [pid 5079] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5148] close(4) = 0 [pid 5148] mkdir("./file1", 0777 [pid 5145] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5144] <... openat resumed>) = 3 [pid 5079] newfstatat(4, "", [pid 5148] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5148] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] getdents64(4, [pid 5147] munmap(0x7f7064400000, 138412032 [pid 5145] <... openat resumed>) = 3 [pid 5144] ioctl(3, LOOP_CLR_FD [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5147] <... munmap resumed>) = 0 [pid 5145] chdir("./file1" [pid 5144] <... ioctl resumed>) = 0 [pid 5079] getdents64(4, [pid 5147] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5145] <... chdir resumed>) = 0 [pid 5144] close(3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5147] <... openat resumed>) = 4 [pid 5145] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5144] <... close resumed>) = 0 [pid 5079] close(4 [pid 5148] <... mount resumed>) = 0 [pid 5147] ioctl(4, LOOP_SET_FD, 3 [pid 5146] <... mount resumed>) = 0 [pid 5145] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... close resumed>) = 0 [pid 5148] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5146] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] rmdir("./10/file1" [pid 5148] <... openat resumed>) = 3 [pid 5146] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5145] <... openat resumed>) = 4 [pid 5144] <... openat resumed>) = 3 [pid 5145] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5144] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5148] chdir("./file1" [pid 5145] <... ioctl resumed>) = 0 [pid 5144] exit_group(0 [pid 5079] getdents64(3, [pid 5148] <... chdir resumed>) = 0 [pid 5146] chdir("./file1" [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5146] <... chdir resumed>) = 0 [pid 5079] close(3 [pid 5148] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5146] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5146] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] rmdir("./10" [pid 5148] <... openat resumed>) = 4 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5145] exit_group(0 [pid 5144] <... exit_group resumed>) = ? [pid 5079] <... rmdir resumed>) = 0 [pid 5148] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5147] <... ioctl resumed>) = 0 [pid 5146] <... openat resumed>) = 4 [pid 5145] <... exit_group resumed>) = ? [pid 5148] <... ioctl resumed>) = 0 [pid 5148] exit_group(0 [pid 5146] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5148] <... exit_group resumed>) = ? [pid 5146] <... ioctl resumed>) = 0 [pid 5146] exit_group(0 [pid 5079] mkdir("./11", 0777 [pid 5146] <... exit_group resumed>) = ? [pid 5079] <... mkdir resumed>) = 0 [pid 5147] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5147] <... close resumed>) = 0 [pid 5144] +++ exited with 0 +++ [pid 5147] close(4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5148] +++ exited with 0 +++ [pid 5147] <... close resumed>) = 0 [pid 5146] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [ 118.056141][ T5147] loop3: detected capacity change from 0 to 1024 [pid 5147] mkdir("./file1", 0777 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5147] <... mkdir resumed>) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5147] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", [pid 5080] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 5076] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(3, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5076] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5075] getdents64(3, [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] unlink("./9/binderfs" [pid 5075] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5076] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./9/binderfs" [pid 5075] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./10/binderfs" [pid 5145] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] <... unlink resumed>) = 0 [pid 5077] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5147] <... mount resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5075] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... openat resumed>) = 4 [pid 5075] newfstatat(4, "", [pid 5147] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 5077] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5147] chdir("./file1") = 0 [pid 5077] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5075] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] unlink("./10/binderfs" [pid 5075] getdents64(4, [pid 5147] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... unlink resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5147] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] close(4 [pid 5077] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... umount2 resumed>) = 0 [pid 5075] rmdir("./10/file1") = 0 [pid 5147] <... openat resumed>) = 4 [pid 5076] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./9/file1", [pid 5147] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3 [pid 5076] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(3, [pid 5147] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5147] exit_group(0) = ? [pid 5076] <... openat resumed>) = 4 [pid 5075] close(3 [pid 5080] newfstatat(AT_FDCWD, "./9/file1", [pid 5076] newfstatat(4, "", [pid 5075] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] rmdir("./10" [pid 5147] +++ exited with 0 +++ [pid 5077] <... umount2 resumed>) = 0 [pid 5076] getdents64(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5080] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5075] mkdir("./11", 0777 [pid 5080] <... openat resumed>) = 4 [pid 5078] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(AT_FDCWD, "./10/file1", [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5150 attached [pid 5080] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(4 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5150] set_robust_list(0x555574eaa660, 24 [pid 5078] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] rmdir("./9/file1" [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5150] <... set_robust_list resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5150 [pid 5078] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5150] chdir("./11" [pid 5080] getdents64(4, [pid 5078] newfstatat(3, "", [pid 5077] <... openat resumed>) = 4 [pid 5076] getdents64(3, [pid 5075] close(3 [pid 5150] <... chdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5150] <... prctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... close resumed>) = 0 [pid 5150] setpgid(0, 0 [pid 5080] getdents64(4, [pid 5078] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(4, [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] rmdir("./9" [pid 5150] <... setpgid resumed>) = 0 [pid 5080] close(4 [pid 5078] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5077] getdents64(4, [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./10", 0777./strace-static-x86_64: Process 5151 attached [pid 5080] rmdir("./9/file1" [pid 5078] unlink("./9/binderfs" [pid 5077] close(4 [pid 5151] set_robust_list(0x555574eaa660, 24 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5151 [pid 5151] <... set_robust_list resumed>) = 0 [pid 5080] getdents64(3, [pid 5078] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] rmdir("./10/file1") = 0 [pid 5150] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5151] chdir("./11" [pid 5150] write(3, "1000", 4 [pid 5077] getdents64(3, [pid 5151] <... chdir resumed>) = 0 [pid 5150] <... write resumed>) = 4 [pid 5080] close(3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5150] close(3 [pid 5080] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5151] <... prctl resumed>) = 0 [pid 5150] <... close resumed>) = 0 [pid 5080] rmdir("./9" [pid 5151] setpgid(0, 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5151] <... setpgid resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] rmdir("./10" [pid 5076] <... ioctl resumed>) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... rmdir resumed>) = 0 [pid 5076] close(3 [pid 5151] <... openat resumed>) = 3 [pid 5150] <... symlink resumed>) = 0 [pid 5080] mkdir("./10", 0777 [pid 5076] <... close resumed>) = 0 [pid 5150] memfd_create("syzkaller", 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5151] write(3, "1000", 4 [pid 5150] <... memfd_create resumed>) = 3 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] mkdir("./11", 0777 [pid 5151] <... write resumed>) = 4 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5151] close(3 [pid 5150] <... mmap resumed>) = 0x7f7064400000 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... mkdir resumed>) = 0 [pid 5151] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5151] symlink("/dev/binderfs", "./binderfs" [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 ./strace-static-x86_64: Process 5152 attached [pid 5080] close(3 [pid 5152] set_robust_list(0x555574eaa660, 24 [pid 5151] <... symlink resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5152] <... set_robust_list resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5152 [pid 5152] chdir("./10" [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5077] <... openat resumed>) = 3 [pid 5152] <... chdir resumed>) = 0 [pid 5151] memfd_create("syzkaller", 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5152] <... prctl resumed>) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5151] <... memfd_create resumed>) = 3 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5151] <... mmap resumed>) = 0x7f7064400000 [pid 5078] newfstatat(AT_FDCWD, "./9/file1", [pid 5152] <... openat resumed>) = 3 [pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./9/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5153 attached [pid 5153] set_robust_list(0x555574eaa660, 24 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5153] <... set_robust_list resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5153] chdir("./10" [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5152] write(3, "1000", 4 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5153 [pid 5152] <... write resumed>) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5078] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5153] <... chdir resumed>) = 0 [pid 5152] <... memfd_create resumed>) = 3 [pid 5078] getdents64(4, [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5153] <... prctl resumed>) = 0 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5153] setpgid(0, 0 [pid 5078] close(4) = 0 [pid 5153] <... setpgid resumed>) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] rmdir("./9/file1" [pid 5153] <... openat resumed>) = 3 [pid 5152] <... mmap resumed>) = 0x7f7064400000 [pid 5150] <... write resumed>) = 524288 [pid 5078] <... rmdir resumed>) = 0 [pid 5153] write(3, "1000", 4 [pid 5150] munmap(0x7f7064400000, 138412032 [pid 5078] getdents64(3, [pid 5153] <... write resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5153] close(3 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5150] <... munmap resumed>) = 0 [pid 5078] close(3 [pid 5153] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5153] symlink("/dev/binderfs", "./binderfs" [pid 5078] rmdir("./9" [pid 5153] <... symlink resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5153] memfd_create("syzkaller", 0 [pid 5150] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] mkdir("./10", 0777 [pid 5151] <... write resumed>) = 524288 [pid 5150] <... openat resumed>) = 4 [pid 5151] munmap(0x7f7064400000, 138412032) = 0 [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... mkdir resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5153] <... memfd_create resumed>) = 3 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5151] ioctl(4, LOOP_SET_FD, 3 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5153] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] close(3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5152] <... write resumed>) = 524288 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5154 [pid 5152] munmap(0x7f7064400000, 138412032 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5155 ./strace-static-x86_64: Process 5154 attached ./strace-static-x86_64: Process 5155 attached [pid 5154] set_robust_list(0x555574eaa660, 24) = 0 [pid 5155] set_robust_list(0x555574eaa660, 24 [pid 5154] chdir("./11" [pid 5152] <... munmap resumed>) = 0 [pid 5155] <... set_robust_list resumed>) = 0 [pid 5154] <... chdir resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5151] <... ioctl resumed>) = 0 [pid 5150] <... ioctl resumed>) = 0 [pid 5155] chdir("./10" [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5151] close(3 [ 118.417236][ T5150] loop4: detected capacity change from 0 to 1024 [ 118.427234][ T5151] loop0: detected capacity change from 0 to 1024 [pid 5150] close(3 [pid 5155] <... chdir resumed>) = 0 [pid 5154] <... prctl resumed>) = 0 [pid 5151] <... close resumed>) = 0 [pid 5150] <... close resumed>) = 0 [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5154] setpgid(0, 0 [pid 5152] <... openat resumed>) = 4 [pid 5151] close(4 [pid 5155] <... prctl resumed>) = 0 [pid 5154] <... setpgid resumed>) = 0 [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5151] <... close resumed>) = 0 [pid 5150] close(4 [pid 5155] setpgid(0, 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5151] mkdir("./file1", 0777 [pid 5155] <... setpgid resumed>) = 0 [pid 5150] <... close resumed>) = 0 [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5151] <... mkdir resumed>) = 0 [pid 5150] mkdir("./file1", 0777 [pid 5154] <... openat resumed>) = 3 [pid 5151] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5150] <... mkdir resumed>) = 0 [pid 5155] <... openat resumed>) = 3 [pid 5154] write(3, "1000", 4) = 4 [pid 5154] close(3) = 0 [pid 5150] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5155] write(3, "1000", 4 [pid 5154] symlink("/dev/binderfs", "./binderfs" [pid 5155] <... write resumed>) = 4 [pid 5154] <... symlink resumed>) = 0 [pid 5153] <... write resumed>) = 524288 [pid 5155] close(3) = 0 [pid 5155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5154] memfd_create("syzkaller", 0 [pid 5155] memfd_create("syzkaller", 0 [pid 5151] <... mount resumed>) = 0 [pid 5155] <... memfd_create resumed>) = 3 [pid 5153] munmap(0x7f7064400000, 138412032 [pid 5151] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5154] <... memfd_create resumed>) = 3 [pid 5151] <... openat resumed>) = 3 [pid 5150] <... mount resumed>) = 0 [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5153] <... munmap resumed>) = 0 [pid 5155] <... mmap resumed>) = 0x7f7064400000 [pid 5154] <... mmap resumed>) = 0x7f7064400000 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5151] chdir("./file1" [pid 5152] <... ioctl resumed>) = 0 [pid 5151] <... chdir resumed>) = 0 [pid 5152] close(3 [pid 5150] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5152] <... close resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5150] <... openat resumed>) = 3 [pid 5152] close(4 [pid 5151] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 118.506173][ T5152] loop1: detected capacity change from 0 to 1024 [pid 5153] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5152] <... close resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5150] chdir("./file1" [pid 5152] mkdir("./file1", 0777 [pid 5153] <... openat resumed>) = 4 [pid 5152] <... mkdir resumed>) = 0 [pid 5151] <... openat resumed>) = 4 [pid 5150] <... chdir resumed>) = 0 [pid 5153] ioctl(4, LOOP_SET_FD, 3 [pid 5151] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5150] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5152] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5150] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5155] <... write resumed>) = 524288 [pid 5154] <... write resumed>) = 524288 [pid 5153] <... ioctl resumed>) = 0 [pid 5154] munmap(0x7f7064400000, 138412032 [pid 5153] close(3 [pid 5154] <... munmap resumed>) = 0 [pid 5153] <... close resumed>) = 0 [pid 5151] <... ioctl resumed>) = 0 [pid 5150] <... ioctl resumed>) = 0 [pid 5155] munmap(0x7f7064400000, 138412032 [pid 5154] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5153] close(4 [pid 5151] exit_group(0 [ 118.591512][ T5153] loop5: detected capacity change from 0 to 1024 [pid 5150] exit_group(0 [pid 5155] <... munmap resumed>) = 0 [pid 5154] <... openat resumed>) = 4 [pid 5153] <... close resumed>) = 0 [pid 5152] <... mount resumed>) = 0 [pid 5151] <... exit_group resumed>) = ? [pid 5150] <... exit_group resumed>) = ? [pid 5153] mkdir("./file1", 0777) = 0 [pid 5150] +++ exited with 0 +++ [pid 5151] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5155] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5153] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5154] ioctl(4, LOOP_SET_FD, 3 [pid 5152] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5152] <... openat resumed>) = 3 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5075] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] <... openat resumed>) = 4 [pid 5155] ioctl(4, LOOP_SET_FD, 3 [pid 5154] <... ioctl resumed>) = 0 [pid 5152] chdir("./file1" [pid 5079] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5152] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5152] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5152] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 3 [pid 5079] newfstatat(3, "", [pid 5154] close(3 [pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5154] <... close resumed>) = 0 [pid 5152] <... openat resumed>) = 4 [pid 5079] getdents64(3, [pid 5154] close(4 [pid 5152] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5154] <... close resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5079] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5154] mkdir("./file1", 0777 [pid 5152] exit_group(0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5154] <... mkdir resumed>) = 0 [pid 5152] <... exit_group resumed>) = ? [pid 5079] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5075] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5152] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5154] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] unlink("./11/binderfs" [pid 5075] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5079] <... unlink resumed>) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] newfstatat(3, "", [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, [pid 5076] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5155] <... ioctl resumed>) = 0 [pid 5153] <... mount resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5155] close(3 [pid 5153] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = 0 [pid 5155] <... close resumed>) = 0 [pid 5153] <... openat resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5155] close(4 [pid 5153] chdir("./file1" [pid 5075] unlink("./11/binderfs" [pid 5155] <... close resumed>) = 0 [pid 5153] <... chdir resumed>) = 0 [pid 5155] mkdir("./file1", 0777 [pid 5154] <... mount resumed>) = 0 [ 118.657423][ T5155] loop3: detected capacity change from 0 to 1024 [ 118.657423][ T5154] loop2: detected capacity change from 0 to 1024 [pid 5153] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5155] <... mkdir resumed>) = 0 [pid 5154] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5153] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] unlink("./10/binderfs" [pid 5153] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... unlink resumed>) = 0 [pid 5075] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5154] <... openat resumed>) = 3 [pid 5153] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5154] chdir("./file1" [pid 5153] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] newfstatat(AT_FDCWD, "./11/file1", [pid 5076] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5154] <... chdir resumed>) = 0 [pid 5153] <... ioctl resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5154] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5153] exit_group(0 [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5154] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] <... exit_group resumed>) = ? [pid 5079] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5154] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5079] newfstatat(4, "", [pid 5154] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5154] <... exit_group resumed>) = ? [pid 5153] +++ exited with 0 +++ [pid 5079] getdents64(4, [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5154] +++ exited with 0 +++ [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5080] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] rmdir("./11/file1" [pid 5077] <... restart_syscall resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5155] <... mount resumed>) = 0 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] getdents64(3, [pid 5077] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5080] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5077] newfstatat(3, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] rmdir("./11" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] unlink("./10/binderfs" [pid 5079] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 5080] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] mkdir("./12", 0777 [pid 5077] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5155] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = 0 [pid 5155] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5155] chdir("./file1") = 0 [pid 5077] unlink("./11/binderfs") = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = 0 [pid 5075] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(AT_FDCWD, "./10/file1", [pid 5075] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] <... openat resumed>) = 4 [pid 5155] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5155] <... ioctl resumed>) = 0 [pid 5076] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5155] exit_group(0) = ? [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5080] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(4, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./10/file1", [pid 5076] <... openat resumed>) = 4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(4, "", [pid 5075] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(4, [pid 5080] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] close(4 [pid 5155] +++ exited with 0 +++ [pid 5080] newfstatat(4, "", [pid 5077] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5075] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./11/file1", [pid 5075] rmdir("./11/file1" [pid 5078] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5075] getdents64(3, [pid 5080] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] close(4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... openat resumed>) = 4 [pid 5075] close(3 [pid 5080] <... close resumed>) = 0 [pid 5078] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5080] rmdir("./10/file1" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(4 [pid 5075] <... close resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5077] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5075] rmdir("./11" [pid 5076] rmdir("./10/file1" [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] unlink("./10/binderfs" [pid 5077] getdents64(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5077] close(4 [pid 5080] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] rmdir("./11/file1" [pid 5076] getdents64(3, [pid 5075] mkdir("./12", 0777 [pid 5080] close(3 [pid 5078] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5080] rmdir("./10") = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5076] close(3 [pid 5077] rmdir("./11") = 0 [pid 5076] <... close resumed>) = 0 [pid 5080] mkdir("./11", 0777 [pid 5076] rmdir("./10" [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./11", 0777 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] mkdir("./12", 0777 [pid 5075] <... openat resumed>) = 3 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... ioctl resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5079] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] close(3./strace-static-x86_64: Process 5157 attached [pid 5076] <... openat resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5157] set_robust_list(0x555574eaa660, 24 [pid 5076] <... ioctl resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5157] <... set_robust_list resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5157 [pid 5157] chdir("./11" [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5156 [pid 5076] close(3./strace-static-x86_64: Process 5156 attached ) = 0 ./strace-static-x86_64: Process 5159 attached [pid 5159] set_robust_list(0x555574eaa660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5159 [pid 5159] <... set_robust_list resumed>) = 0 [ 118.853097][ T5089] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5159] chdir("./12"./strace-static-x86_64: Process 5158 attached [pid 5156] set_robust_list(0x555574eaa660, 24 [pid 5157] <... chdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5158 [pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5159] <... chdir resumed>) = 0 [pid 5157] setpgid(0, 0 [pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5157] <... setpgid resumed>) = 0 [pid 5159] <... prctl resumed>) = 0 [pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5159] setpgid(0, 0 [pid 5157] <... openat resumed>) = 3 [pid 5159] <... setpgid resumed>) = 0 [pid 5156] <... set_robust_list resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5160 attached [pid 5158] set_robust_list(0x555574eaa660, 24 [pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5156] chdir("./12" [pid 5078] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5160 [pid 5158] <... set_robust_list resumed>) = 0 [pid 5157] write(3, "1000", 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5157] <... write resumed>) = 4 [pid 5158] chdir("./12" [pid 5157] close(3 [pid 5078] newfstatat(AT_FDCWD, "./10/file1", [pid 5160] set_robust_list(0x555574eaa660, 24 [pid 5157] <... close resumed>) = 0 [pid 5157] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5160] <... set_robust_list resumed>) = 0 [pid 5158] <... chdir resumed>) = 0 [pid 5078] umount2("./10/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5160] chdir("./11" [pid 5157] <... symlink resumed>) = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5156] setpgid(0, 0 [pid 5078] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5160] <... chdir resumed>) = 0 [pid 5158] <... prctl resumed>) = 0 [pid 5156] <... setpgid resumed>) = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5158] setpgid(0, 0 [pid 5159] <... openat resumed>) = 3 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5157] memfd_create("syzkaller", 0 [pid 5078] <... openat resumed>) = 4 [pid 5160] <... prctl resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5158] <... setpgid resumed>) = 0 [pid 5157] <... memfd_create resumed>) = 3 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5160] setpgid(0, 0 [pid 5159] write(3, "1000", 4 [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] <... setpgid resumed>) = 0 [pid 5159] <... write resumed>) = 4 [pid 5156] <... openat resumed>) = 3 [pid 5157] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5158] <... openat resumed>) = 3 [pid 5159] close(3 [pid 5156] write(3, "1000", 4 [pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5160] <... openat resumed>) = 3 [pid 5159] <... close resumed>) = 0 [pid 5156] <... write resumed>) = 4 [pid 5078] getdents64(4, [pid 5160] write(3, "1000", 4 [pid 5158] write(3, "1000", 4 [pid 5159] symlink("/dev/binderfs", "./binderfs" [pid 5156] close(3 [pid 5160] <... write resumed>) = 4 [pid 5158] <... write resumed>) = 4 [pid 5159] <... symlink resumed>) = 0 [pid 5156] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5160] close(3 [pid 5158] close(3 [pid 5159] memfd_create("syzkaller", 0 [pid 5156] symlink("/dev/binderfs", "./binderfs" [pid 5078] getdents64(4, [pid 5160] <... close resumed>) = 0 [pid 5158] <... close resumed>) = 0 [pid 5159] <... memfd_create resumed>) = 3 [pid 5156] <... symlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs" [pid 5158] symlink("/dev/binderfs", "./binderfs" [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] <... symlink resumed>) = 0 [pid 5078] close(4 [pid 5160] <... symlink resumed>) = 0 [pid 5159] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... close resumed>) = 0 [pid 5158] memfd_create("syzkaller", 0) = 3 [pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] memfd_create("syzkaller", 0 [pid 5078] rmdir("./10/file1" [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5156] <... memfd_create resumed>) = 3 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] <... mmap resumed>) = 0x7f7064400000 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... rmdir resumed>) = 0 [pid 5160] memfd_create("syzkaller", 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5160] <... memfd_create resumed>) = 3 [pid 5078] close(3 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5157] <... write resumed>) = 524288 [pid 5078] <... close resumed>) = 0 [pid 5159] <... write resumed>) = 524288 [pid 5157] munmap(0x7f7064400000, 138412032 [pid 5078] rmdir("./10" [pid 5157] <... munmap resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5157] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] mkdir("./11", 0777 [pid 5157] <... openat resumed>) = 4 [pid 5157] ioctl(4, LOOP_SET_FD, 3 [pid 5158] <... write resumed>) = 524288 [pid 5078] <... mkdir resumed>) = 0 [pid 5159] munmap(0x7f7064400000, 138412032 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5159] <... munmap resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5159] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5159] <... openat resumed>) = 4 [ 119.068259][ T5157] loop5: detected capacity change from 0 to 1024 [pid 5158] munmap(0x7f7064400000, 138412032 [pid 5159] ioctl(4, LOOP_SET_FD, 3 [pid 5156] <... write resumed>) = 524288 [pid 5157] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5158] <... munmap resumed>) = 0 [pid 5159] <... ioctl resumed>) = 0 [pid 5156] munmap(0x7f7064400000, 138412032 [pid 5157] close(3 [pid 5078] <... close resumed>) = 0 [pid 5157] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5157] close(4) = 0 [pid 5157] mkdir("./file1", 0777 [pid 5156] <... munmap resumed>) = 0 [pid 5160] <... write resumed>) = 524288 [pid 5157] <... mkdir resumed>) = 0 [pid 5157] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5156] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5156] <... openat resumed>) = 4 [pid 5156] ioctl(4, LOOP_SET_FD, 3 [pid 5158] ioctl(4, LOOP_SET_FD, 3 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5161 ./strace-static-x86_64: Process 5161 attached [pid 5160] munmap(0x7f7064400000, 138412032 [pid 5159] close(3 [pid 5156] <... ioctl resumed>) = 0 [pid 5161] set_robust_list(0x555574eaa660, 24) = 0 [pid 5160] <... munmap resumed>) = 0 [pid 5161] chdir("./11") = 0 [pid 5159] <... close resumed>) = 0 [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5160] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5158] <... ioctl resumed>) = 0 [pid 5159] close(4 [pid 5158] close(3 [pid 5159] <... close resumed>) = 0 [pid 5161] <... prctl resumed>) = 0 [pid 5160] <... openat resumed>) = 4 [pid 5158] <... close resumed>) = 0 [pid 5159] mkdir("./file1", 0777 [pid 5157] <... mount resumed>) = 0 [ 119.112162][ T5159] loop4: detected capacity change from 0 to 1024 [ 119.143981][ T5156] loop2: detected capacity change from 0 to 1024 [ 119.150883][ T5158] loop0: detected capacity change from 0 to 1024 [pid 5161] setpgid(0, 0 [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5158] close(4 [pid 5159] <... mkdir resumed>) = 0 [pid 5156] close(3 [pid 5157] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5161] <... setpgid resumed>) = 0 [pid 5158] <... close resumed>) = 0 [pid 5156] <... close resumed>) = 0 [pid 5157] <... openat resumed>) = 3 [pid 5157] chdir("./file1" [pid 5158] mkdir("./file1", 0777 [pid 5156] close(4 [pid 5157] <... chdir resumed>) = 0 [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5159] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5156] <... close resumed>) = 0 [pid 5157] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5158] <... mkdir resumed>) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5156] mkdir("./file1", 0777 [pid 5157] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5161] write(3, "1000", 4 [pid 5158] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5161] <... write resumed>) = 4 [pid 5156] <... mkdir resumed>) = 0 [pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5161] close(3 [pid 5156] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5157] <... openat resumed>) = 4 [pid 5161] <... close resumed>) = 0 [pid 5157] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5161] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5161] memfd_create("syzkaller", 0 [pid 5160] <... ioctl resumed>) = 0 [pid 5161] <... memfd_create resumed>) = 3 [pid 5160] close(3 [pid 5159] <... mount resumed>) = 0 [pid 5160] <... close resumed>) = 0 [pid 5159] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5160] close(4 [pid 5159] <... openat resumed>) = 3 [pid 5160] <... close resumed>) = 0 [pid 5159] chdir("./file1" [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] mkdir("./file1", 0777 [pid 5159] <... chdir resumed>) = 0 [pid 5156] <... mount resumed>) = 0 [ 119.194751][ T5160] loop1: detected capacity change from 0 to 1024 [pid 5159] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5160] <... mkdir resumed>) = 0 [pid 5159] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5161] <... mmap resumed>) = 0x7f7064400000 [pid 5156] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5160] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5159] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5156] <... openat resumed>) = 3 [pid 5157] <... ioctl resumed>) = 0 [pid 5159] <... openat resumed>) = 4 [pid 5156] chdir("./file1" [pid 5157] exit_group(0 [pid 5159] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5156] <... chdir resumed>) = 0 [pid 5158] <... mount resumed>) = 0 [pid 5159] <... ioctl resumed>) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5157] <... exit_group resumed>) = ? [pid 5161] <... write resumed>) = 524288 [pid 5160] <... mount resumed>) = 0 [pid 5158] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5159] exit_group(0 [pid 5156] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5161] munmap(0x7f7064400000, 138412032 [pid 5160] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5159] <... exit_group resumed>) = ? [pid 5158] <... openat resumed>) = 3 [pid 5158] chdir("./file1" [pid 5159] +++ exited with 0 +++ [pid 5157] +++ exited with 0 +++ [pid 5156] <... openat resumed>) = 4 [pid 5160] <... openat resumed>) = 3 [pid 5161] <... munmap resumed>) = 0 [pid 5160] chdir("./file1" [pid 5158] <... chdir resumed>) = 0 [pid 5156] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5160] <... chdir resumed>) = 0 [pid 5156] <... ioctl resumed>) = 0 [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5161] <... openat resumed>) = 4 [pid 5160] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5158] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5156] exit_group(0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5161] ioctl(4, LOOP_SET_FD, 3 [pid 5156] <... exit_group resumed>) = ? [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5079] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(3, "", [pid 5080] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5080] newfstatat(3, "", [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5160] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5158] <... openat resumed>) = 4 [pid 5080] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5160] <... openat resumed>) = 4 [pid 5158] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5160] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5158] <... ioctl resumed>) = 0 [pid 5156] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] unlink("./12/binderfs" [pid 5161] <... ioctl resumed>) = 0 [pid 5160] <... ioctl resumed>) = 0 [pid 5158] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5079] <... unlink resumed>) = 0 [pid 5161] close(3 [pid 5160] exit_group(0 [pid 5158] <... exit_group resumed>) = ? [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] unlink("./11/binderfs") = 0 [pid 5079] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] <... exit_group resumed>) = ? [pid 5080] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... close resumed>) = 0 [pid 5160] +++ exited with 0 +++ [pid 5161] close(4 [pid 5158] +++ exited with 0 +++ [ 119.322676][ T5161] loop3: detected capacity change from 0 to 1024 [pid 5161] <... close resumed>) = 0 [pid 5077] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] mkdir("./file1", 0777 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... mkdir resumed>) = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... restart_syscall resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5076] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5161] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] getdents64(3, [pid 5077] unlink("./12/binderfs") = 0 [pid 5076] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5075] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5080] <... umount2 resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] unlink("./12/binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5075] <... unlink resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./11/file1", [pid 5079] newfstatat(AT_FDCWD, "./12/file1", [pid 5076] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5161] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5077] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] unlink("./11/binderfs" [pid 5079] newfstatat(4, "", [pid 5161] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... openat resumed>) = 3 [pid 5077] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(4, [pid 5077] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5161] chdir("./file1" [pid 5080] newfstatat(4, "", [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5161] <... chdir resumed>) = 0 [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5077] <... openat resumed>) = 4 [pid 5076] <... unlink resumed>) = 0 [pid 5075] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5161] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] getdents64(4, [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] newfstatat(4, "", [pid 5076] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... openat resumed>) = 4 [pid 5161] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(AT_FDCWD, "./12/file1", [pid 5080] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5161] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] rmdir("./12/file1" [pid 5075] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] exit_group(0 [pid 5080] close(4 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5075] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5075] <... openat resumed>) = 4 [pid 5161] <... exit_group resumed>) = ? [pid 5161] +++ exited with 0 +++ [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] newfstatat(4, "", [pid 5079] close(3) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] close(4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] rmdir("./11/file1" [pid 5079] rmdir("./12" [pid 5078] restart_syscall(<... resuming interrupted clone ...> [pid 5075] getdents64(4, [pid 5078] <... restart_syscall resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5077] rmdir("./12/file1" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./11/file1", [pid 5075] getdents64(4, [pid 5079] mkdir("./13", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] close(3 [pid 5080] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] rmdir("./12" [pid 5076] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(3, "", [pid 5077] <... rmdir resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 5075] rmdir("./12/file1" [pid 5080] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] getdents64(3, [pid 5077] mkdir("./13", 0777 [pid 5076] getdents64(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5078] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 5076] rmdir("./11/file1" [pid 5080] rmdir("./11" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5075] getdents64(3, [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] unlink("./11/binderfs" [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5075] close(3 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] close(3 [pid 5078] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5080] mkdir("./12", 0777 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... close resumed>) = 0 [pid 5075] rmdir("./12" [pid 5076] rmdir("./11" [pid 5075] <... rmdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./12", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5075] mkdir("./13", 0777 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5162 attached [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] <... umount2 resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5078] newfstatat(AT_FDCWD, "./11/file1", [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... ioctl resumed>) = 0 [pid 5162] set_robust_list(0x555574eaa660, 24 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5162 [pid 5162] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5163 attached [pid 5162] chdir("./12" [pid 5079] close(3 [pid 5075] close(3 [pid 5163] set_robust_list(0x555574eaa660, 24 [pid 5162] <... chdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5163 [pid 5079] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... close resumed>) = 0 [pid 5163] <... set_robust_list resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./11/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5163] chdir("./12" [pid 5162] setpgid(0, 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... ioctl resumed>) = 0 [pid 5162] <... setpgid resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5165 attached [pid 5163] <... chdir resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... openat resumed>) = 4 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5165 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] newfstatat(4, "", [pid 5165] set_robust_list(0x555574eaa660, 24 [pid 5162] <... openat resumed>) = 3 [pid 5165] <... set_robust_list resumed>) = 0 [pid 5162] write(3, "1000", 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5163] <... prctl resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5164 [pid 5078] getdents64(4, ./strace-static-x86_64: Process 5164 attached [pid 5165] chdir("./13" [pid 5163] setpgid(0, 0 [pid 5162] <... write resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5165] <... chdir resumed>) = 0 [pid 5162] close(3 [pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5162] <... close resumed>) = 0 [pid 5165] <... prctl resumed>) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs" [pid 5165] setpgid(0, 0 [pid 5162] <... symlink resumed>) = 0 [pid 5165] <... setpgid resumed>) = 0 [pid 5162] memfd_create("syzkaller", 0 [pid 5164] set_robust_list(0x555574eaa660, 24 [pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5163] <... setpgid resumed>) = 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5078] getdents64(4, [pid 5164] <... set_robust_list resumed>) = 0 [pid 5165] <... openat resumed>) = 3 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5164] chdir("./13" [pid 5165] write(3, "1000", 4 [pid 5163] <... openat resumed>) = 3 [pid 5162] <... mmap resumed>) = 0x7f7064400000 [pid 5078] close(4 [pid 5077] close(3 [pid 5164] <... chdir resumed>) = 0 [pid 5165] <... write resumed>) = 4 [pid 5163] write(3, "1000", 4 [pid 5078] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5165] close(3 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5165] <... close resumed>) = 0 [pid 5163] <... write resumed>) = 4 [pid 5078] rmdir("./11/file1" [pid 5163] close(3 [pid 5165] symlink("/dev/binderfs", "./binderfs" [pid 5164] <... prctl resumed>) = 0 [pid 5165] <... symlink resumed>) = 0 [pid 5163] <... close resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5163] symlink("/dev/binderfs", "./binderfs" [pid 5164] setpgid(0, 0) = 0 [pid 5165] memfd_create("syzkaller", 0 [pid 5163] <... symlink resumed>) = 0 [pid 5078] getdents64(3, [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5163] memfd_create("syzkaller", 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5166 ./strace-static-x86_64: Process 5166 attached [pid 5164] <... openat resumed>) = 3 [pid 5165] <... memfd_create resumed>) = 3 [pid 5163] <... memfd_create resumed>) = 3 [pid 5162] <... write resumed>) = 524288 [pid 5078] <... close resumed>) = 0 [pid 5166] set_robust_list(0x555574eaa660, 24 [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] rmdir("./11" [pid 5165] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... rmdir resumed>) = 0 [pid 5164] write(3, "1000", 4 [pid 5078] mkdir("./12", 0777 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5166] <... set_robust_list resumed>) = 0 [pid 5166] chdir("./13") = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... mkdir resumed>) = 0 [pid 5166] <... prctl resumed>) = 0 [pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5163] <... mmap resumed>) = 0x7f7064400000 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5166] setpgid(0, 0 [pid 5164] <... write resumed>) = 4 [pid 5162] munmap(0x7f7064400000, 138412032 [pid 5078] <... openat resumed>) = 3 [pid 5164] close(3 [pid 5166] <... setpgid resumed>) = 0 [pid 5164] <... close resumed>) = 0 [pid 5162] <... munmap resumed>) = 0 [pid 5164] symlink("/dev/binderfs", "./binderfs" [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] <... symlink resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5166] <... openat resumed>) = 3 [pid 5162] <... openat resumed>) = 4 [pid 5078] <... ioctl resumed>) = 0 [pid 5166] write(3, "1000", 4 [pid 5164] memfd_create("syzkaller", 0 [pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5162] ioctl(4, LOOP_SET_FD, 3 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5166] <... write resumed>) = 4 [pid 5164] <... memfd_create resumed>) = 3 [pid 5162] <... ioctl resumed>) = 0 [pid 5166] close(3 [pid 5165] <... write resumed>) = 524288 [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5166] <... close resumed>) = 0 [pid 5164] <... mmap resumed>) = 0x7f7064400000 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5166] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 5167 attached [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5167 [pid 5166] <... mmap resumed>) = 0x7f7064400000 [pid 5167] set_robust_list(0x555574eaa660, 24 [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5167] <... set_robust_list resumed>) = 0 [pid 5165] munmap(0x7f7064400000, 138412032 [pid 5162] close(3 [pid 5165] <... munmap resumed>) = 0 [pid 5162] <... close resumed>) = 0 [ 119.735099][ T5162] loop1: detected capacity change from 0 to 1024 [pid 5162] close(4 [pid 5167] chdir("./12" [pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5162] <... close resumed>) = 0 [pid 5165] <... openat resumed>) = 4 [pid 5162] mkdir("./file1", 0777 [pid 5165] ioctl(4, LOOP_SET_FD, 3 [pid 5162] <... mkdir resumed>) = 0 [pid 5167] <... chdir resumed>) = 0 [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5163] <... write resumed>) = 524288 [pid 5162] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5167] <... prctl resumed>) = 0 [pid 5163] munmap(0x7f7064400000, 138412032 [pid 5167] setpgid(0, 0 [pid 5163] <... munmap resumed>) = 0 [pid 5167] <... setpgid resumed>) = 0 [pid 5163] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] <... write resumed>) = 524288 [pid 5167] <... openat resumed>) = 3 [pid 5163] <... openat resumed>) = 4 [pid 5167] write(3, "1000", 4 [pid 5164] munmap(0x7f7064400000, 138412032 [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5167] <... write resumed>) = 4 [pid 5167] close(3) = 0 [pid 5166] <... write resumed>) = 524288 [pid 5167] symlink("/dev/binderfs", "./binderfs" [pid 5164] <... munmap resumed>) = 0 [pid 5167] <... symlink resumed>) = 0 [pid 5166] munmap(0x7f7064400000, 138412032 [pid 5165] <... ioctl resumed>) = 0 [pid 5166] <... munmap resumed>) = 0 [pid 5162] <... mount resumed>) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5167] memfd_create("syzkaller", 0 [pid 5166] <... openat resumed>) = 4 [ 119.795867][ T5165] loop0: detected capacity change from 0 to 1024 [ 119.824680][ T5163] loop5: detected capacity change from 0 to 1024 [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 5162] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5167] <... memfd_create resumed>) = 3 [pid 5164] <... openat resumed>) = 4 [pid 5163] <... ioctl resumed>) = 0 [pid 5162] <... openat resumed>) = 3 [pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5164] ioctl(4, LOOP_SET_FD, 3 [pid 5163] close(3 [pid 5167] <... mmap resumed>) = 0x7f7064400000 [pid 5166] <... ioctl resumed>) = 0 [pid 5165] close(3 [pid 5163] <... close resumed>) = 0 [pid 5162] chdir("./file1" [pid 5165] <... close resumed>) = 0 [pid 5163] close(4 [pid 5162] <... chdir resumed>) = 0 [pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5166] close(3 [pid 5164] <... ioctl resumed>) = 0 [pid 5165] close(4 [pid 5163] <... close resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5166] <... close resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5163] mkdir("./file1", 0777 [pid 5162] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5165] mkdir("./file1", 0777 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5165] <... mkdir resumed>) = 0 [pid 5163] <... mkdir resumed>) = 0 [pid 5162] <... openat resumed>) = 4 [pid 5166] close(4 [pid 5164] close(3 [pid 5165] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5163] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5162] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5166] <... close resumed>) = 0 [pid 5164] <... close resumed>) = 0 [pid 5166] mkdir("./file1", 0777 [pid 5164] close(4 [pid 5166] <... mkdir resumed>) = 0 [pid 5164] <... close resumed>) = 0 [pid 5166] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5164] mkdir("./file1", 0777) = 0 [ 119.856809][ T5166] loop2: detected capacity change from 0 to 1024 [ 119.865463][ T5164] loop4: detected capacity change from 0 to 1024 [pid 5164] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5163] <... mount resumed>) = 0 [pid 5163] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5167] <... write resumed>) = 524288 [pid 5166] <... mount resumed>) = 0 [pid 5164] <... mount resumed>) = 0 [pid 5163] <... openat resumed>) = 3 [pid 5167] munmap(0x7f7064400000, 138412032 [pid 5166] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5164] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5163] chdir("./file1" [pid 5167] <... munmap resumed>) = 0 [pid 5164] <... openat resumed>) = 3 [pid 5163] <... chdir resumed>) = 0 [pid 5162] <... ioctl resumed>) = 0 [pid 5164] chdir("./file1" [pid 5163] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5164] <... chdir resumed>) = 0 [pid 5163] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5167] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5167] <... openat resumed>) = 4 [pid 5164] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5163] <... openat resumed>) = 4 [pid 5167] ioctl(4, LOOP_SET_FD, 3 [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5163] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5166] <... openat resumed>) = 3 [pid 5164] <... openat resumed>) = 4 [pid 5163] <... ioctl resumed>) = 0 [pid 5162] exit_group(0 [pid 5166] chdir("./file1" [pid 5164] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5163] exit_group(0 [pid 5164] <... ioctl resumed>) = 0 [pid 5163] <... exit_group resumed>) = ? [pid 5166] <... chdir resumed>) = 0 [pid 5164] exit_group(0 [pid 5163] +++ exited with 0 +++ [pid 5162] <... exit_group resumed>) = ? [pid 5164] <... exit_group resumed>) = ? [pid 5166] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5162] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5166] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] <... restart_syscall resumed>) = 0 [pid 5080] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5164] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... openat resumed>) = 3 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5080] newfstatat(3, "", [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5166] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... restart_syscall resumed>) = 0 [pid 5080] getdents64(3, [pid 5079] <... restart_syscall resumed>) = 0 [pid 5166] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [ 119.933040][ T5165] hfsplus: unable to set blocksize to 1024! [ 119.939078][ T5165] hfsplus: unable to find HFS+ superblock [ 119.947595][ T5167] loop3: detected capacity change from 0 to 1024 [pid 5167] <... ioctl resumed>) = 0 [pid 5166] <... ioctl resumed>) = 0 [pid 5165] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] exit_group(0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5166] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5167] close(3 [pid 5165] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] <... close resumed>) = 0 [pid 5166] +++ exited with 0 +++ [pid 5165] ioctl(3, LOOP_CLR_FD [pid 5080] unlink("./12/binderfs" [pid 5079] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5165] <... ioctl resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5167] close(4 [pid 5165] close(3 [pid 5080] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] <... openat resumed>) = 3 [pid 5167] <... close resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5076] newfstatat(3, "", [pid 5167] mkdir("./file1", 0777 [pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5167] <... mkdir resumed>) = 0 [pid 5165] <... openat resumed>) = 3 [pid 5079] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5165] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5165] exit_group(0 [pid 5079] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5165] <... exit_group resumed>) = ? [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5167] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5165] +++ exited with 0 +++ [pid 5079] unlink("./13/binderfs" [pid 5077] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... unlink resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5076] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5080] <... umount2 resumed>) = 0 [pid 5079] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./12/binderfs" [pid 5077] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5075] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5167] <... mount resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./13/file1", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5167] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5167] <... openat resumed>) = 3 [pid 5079] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./13/binderfs" [pid 5076] <... umount2 resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] chdir("./file1" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./13/binderfs" [pid 5167] <... chdir resumed>) = 0 [pid 5077] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... unlink resumed>) = 0 [pid 5167] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] getdents64(4, [pid 5079] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./12/file1", [pid 5167] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] newfstatat(4, "", [pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5167] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(4, [pid 5167] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] close(4 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5167] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 5075] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5167] exit_group(0 [pid 5080] rmdir("./12/file1" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5167] <... exit_group resumed>) = ? [pid 5080] <... rmdir resumed>) = 0 [pid 5079] close(4 [pid 5077] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5079] rmdir("./13/file1" [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./13/file1", [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./13/file1", [pid 5076] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3 [pid 5079] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(4, "", [pid 5075] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5080] rmdir("./12" [pid 5079] rmdir("./13" [pid 5078] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 4 [pid 5076] getdents64(4, [pid 5075] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(4, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, [pid 5076] getdents64(4, [pid 5078] <... openat resumed>) = 3 [pid 5077] getdents64(4, [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] newfstatat(3, "", [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] close(4 [pid 5075] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] mkdir("./13", 0777 [pid 5078] getdents64(3, [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] mkdir("./14", 0777 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] close(4 [pid 5076] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5076] rmdir("./12/file1" [pid 5075] rmdir("./13/file1" [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./13/file1" [pid 5075] <... rmdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5077] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] unlink("./12/binderfs" [pid 5077] getdents64(3, [pid 5076] <... rmdir resumed>) = 0 [pid 5075] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] close(3 [pid 5075] rmdir("./13" [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5080] close(3 [pid 5079] close(3 [pid 5078] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] rmdir("./13" [pid 5080] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] mkdir("./14", 0777 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5077] mkdir("./14", 0777) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5076] rmdir("./12") = 0 [pid 5076] mkdir("./13", 0777 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5168 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5169 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5169 attached ./strace-static-x86_64: Process 5168 attached [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5169] set_robust_list(0x555574eaa660, 24 [pid 5077] ioctl(3, LOOP_CLR_FD) = 0 [pid 5077] close(3) = 0 [pid 5075] close(3 [pid 5169] <... set_robust_list resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5169] chdir("./14") = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5168] set_robust_list(0x555574eaa660, 24 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5169] <... prctl resumed>) = 0 [pid 5169] setpgid(0, 0) = 0 [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5168] <... set_robust_list resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./12/file1", [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5168] chdir("./13") = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5171 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5170 ./strace-static-x86_64: Process 5170 attached [pid 5170] set_robust_list(0x555574eaa660, 24 [pid 5169] <... openat resumed>) = 3 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] umount2("./12/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] <... set_robust_list resumed>) = 0 [pid 5168] <... prctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5171 attached [pid 5170] chdir("./14" [pid 5171] set_robust_list(0x555574eaa660, 24 [pid 5168] setpgid(0, 0 [pid 5078] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5170] <... chdir resumed>) = 0 [pid 5171] <... set_robust_list resumed>) = 0 [pid 5168] <... setpgid resumed>) = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5171] chdir("./14" [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... openat resumed>) = 4 [pid 5170] <... prctl resumed>) = 0 [pid 5171] <... chdir resumed>) = 0 [pid 5169] write(3, "1000", 4 [pid 5168] <... openat resumed>) = 3 [pid 5078] newfstatat(4, "", [pid 5170] setpgid(0, 0 [pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5169] <... write resumed>) = 4 [pid 5168] write(3, "1000", 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5170] <... setpgid resumed>) = 0 [pid 5171] <... prctl resumed>) = 0 [pid 5169] close(3 [pid 5168] <... write resumed>) = 4 [pid 5078] getdents64(4, [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5171] setpgid(0, 0 [pid 5169] <... close resumed>) = 0 [pid 5168] close(3 [pid 5170] <... openat resumed>) = 3 [pid 5171] <... setpgid resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5078] getdents64(4, [pid 5171] <... openat resumed>) = 3 [pid 5169] <... symlink resumed>) = 0 [pid 5171] write(3, "1000", 4) = 4 [pid 5169] memfd_create("syzkaller", 0 [pid 5171] close(3) = 0 [pid 5168] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5171] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5171] memfd_create("syzkaller", 0 [pid 5169] <... memfd_create resumed>) = 3 [pid 5168] symlink("/dev/binderfs", "./binderfs" [pid 5078] close(4 [pid 5170] write(3, "1000", 4 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5170] <... write resumed>) = 4 [pid 5171] <... memfd_create resumed>) = 3 [pid 5168] <... symlink resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5170] close(3 [pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] <... mmap resumed>) = 0x7f7064400000 [pid 5168] memfd_create("syzkaller", 0 [pid 5078] rmdir("./12/file1" [pid 5170] <... close resumed>) = 0 [pid 5168] <... memfd_create resumed>) = 3 [pid 5171] <... mmap resumed>) = 0x7f7064400000 [pid 5170] symlink("/dev/binderfs", "./binderfs" [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5170] <... symlink resumed>) = 0 [pid 5168] <... mmap resumed>) = 0x7f7064400000 [pid 5078] getdents64(3, [pid 5076] <... ioctl resumed>) = 0 [pid 5171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] memfd_create("syzkaller", 0 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5078] close(3 [pid 5170] <... memfd_create resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] rmdir("./12" [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 [pid 5170] <... mmap resumed>) = 0x7f7064400000 [pid 5078] mkdir("./13", 0777 [pid 5169] <... write resumed>) = 524288 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5172 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5172 attached [pid 5172] set_robust_list(0x555574eaa660, 24) = 0 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5172] chdir("./13") = 0 [pid 5078] <... openat resumed>) = 3 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5172] setpgid(0, 0) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5171] <... write resumed>) = 524288 [pid 5172] <... openat resumed>) = 3 [pid 5171] munmap(0x7f7064400000, 138412032 [pid 5169] munmap(0x7f7064400000, 138412032 [pid 5078] close(3 [pid 5171] <... munmap resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5172] write(3, "1000", 4 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5172] <... write resumed>) = 4 [pid 5172] close(3) = 0 [pid 5169] <... munmap resumed>) = 0 [pid 5168] <... write resumed>) = 524288 [pid 5168] munmap(0x7f7064400000, 138412032./strace-static-x86_64: Process 5173 attached [pid 5172] symlink("/dev/binderfs", "./binderfs" [pid 5171] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5168] <... munmap resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5173 [pid 5172] <... symlink resumed>) = 0 [pid 5171] <... openat resumed>) = 4 [pid 5173] set_robust_list(0x555574eaa660, 24 [pid 5172] memfd_create("syzkaller", 0 [pid 5171] ioctl(4, LOOP_SET_FD, 3 [pid 5173] <... set_robust_list resumed>) = 0 [pid 5172] <... memfd_create resumed>) = 3 [pid 5168] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5173] chdir("./13" [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5173] <... chdir resumed>) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5169] <... openat resumed>) = 4 [pid 5173] <... prctl resumed>) = 0 [pid 5169] ioctl(4, LOOP_SET_FD, 3 [pid 5173] setpgid(0, 0 [pid 5170] <... write resumed>) = 524288 [pid 5168] <... openat resumed>) = 4 [pid 5173] <... setpgid resumed>) = 0 [pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] munmap(0x7f7064400000, 138412032 [pid 5168] ioctl(4, LOOP_SET_FD, 3 [pid 5173] write(3, "1000", 4) = 4 [pid 5173] close(3) = 0 [pid 5170] <... munmap resumed>) = 0 [pid 5171] <... ioctl resumed>) = 0 [pid 5173] symlink("/dev/binderfs", "./binderfs" [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5171] close(3 [pid 5173] <... symlink resumed>) = 0 [pid 5171] <... close resumed>) = 0 [pid 5173] memfd_create("syzkaller", 0 [pid 5170] <... openat resumed>) = 4 [ 120.370274][ T5171] loop2: detected capacity change from 0 to 1024 [ 120.388778][ T5169] loop4: detected capacity change from 0 to 1024 [ 120.406967][ T5168] loop5: detected capacity change from 0 to 1024 [pid 5171] close(4 [pid 5172] <... write resumed>) = 524288 [pid 5170] ioctl(4, LOOP_SET_FD, 3 [pid 5171] <... close resumed>) = 0 [pid 5173] <... memfd_create resumed>) = 3 [pid 5171] mkdir("./file1", 0777 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5171] <... mkdir resumed>) = 0 [pid 5169] <... ioctl resumed>) = 0 [pid 5173] <... mmap resumed>) = 0x7f7064400000 [pid 5169] close(3) = 0 [pid 5169] close(4 [pid 5170] <... ioctl resumed>) = 0 [pid 5171] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5169] <... close resumed>) = 0 [pid 5168] <... ioctl resumed>) = 0 [pid 5170] close(3 [pid 5169] mkdir("./file1", 0777 [pid 5168] close(3 [pid 5170] <... close resumed>) = 0 [pid 5169] <... mkdir resumed>) = 0 [pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] close(4 [pid 5169] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5168] <... close resumed>) = 0 [pid 5170] <... close resumed>) = 0 [pid 5168] close(4 [pid 5170] mkdir("./file1", 0777 [pid 5168] <... close resumed>) = 0 [pid 5168] mkdir("./file1", 0777 [pid 5170] <... mkdir resumed>) = 0 [pid 5168] <... mkdir resumed>) = 0 [ 120.435926][ T5170] loop0: detected capacity change from 0 to 1024 [pid 5173] <... write resumed>) = 524288 [pid 5172] munmap(0x7f7064400000, 138412032 [pid 5170] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5168] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5171] <... mount resumed>) = 0 [pid 5172] <... munmap resumed>) = 0 [pid 5171] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5171] chdir("./file1" [pid 5172] <... openat resumed>) = 4 [pid 5171] <... chdir resumed>) = 0 [pid 5171] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5171] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5169] <... mount resumed>) = 0 [pid 5168] <... mount resumed>) = 0 [pid 5171] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5168] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5173] munmap(0x7f7064400000, 138412032 [pid 5168] <... openat resumed>) = 3 [pid 5173] <... munmap resumed>) = 0 [pid 5169] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5168] chdir("./file1" [pid 5169] <... openat resumed>) = 3 [pid 5173] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5173] ioctl(4, LOOP_SET_FD, 3 [pid 5169] chdir("./file1" [pid 5168] <... chdir resumed>) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5172] <... ioctl resumed>) = 0 [pid 5169] <... chdir resumed>) = 0 [pid 5168] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5172] close(3 [pid 5169] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5172] <... close resumed>) = 0 [pid 5169] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5168] <... openat resumed>) = 4 [pid 5172] close(4 [pid 5168] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5172] <... close resumed>) = 0 [pid 5172] mkdir("./file1", 0777) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5172] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5169] <... openat resumed>) = 4 [pid 5171] <... ioctl resumed>) = 0 [pid 5173] <... ioctl resumed>) = 0 [pid 5171] exit_group(0 [pid 5168] <... ioctl resumed>) = 0 [pid 5171] <... exit_group resumed>) = ? [pid 5169] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5168] exit_group(0 [pid 5173] close(3 [pid 5170] <... mount resumed>) = 0 [pid 5168] <... exit_group resumed>) = ? [pid 5173] <... close resumed>) = 0 [pid 5170] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5169] <... ioctl resumed>) = 0 [pid 5173] close(4 [pid 5170] <... openat resumed>) = 3 [pid 5171] +++ exited with 0 +++ [pid 5173] <... close resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5173] mkdir("./file1", 0777 [ 120.535070][ T5172] loop1: detected capacity change from 0 to 1024 [ 120.560279][ T5173] loop3: detected capacity change from 0 to 1024 [pid 5169] exit_group(0 [pid 5173] <... mkdir resumed>) = 0 [pid 5170] chdir("./file1" [pid 5169] <... exit_group resumed>) = ? [pid 5173] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5172] <... mount resumed>) = 0 [pid 5077] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5170] <... chdir resumed>) = 0 [pid 5169] +++ exited with 0 +++ [pid 5168] +++ exited with 0 +++ [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... openat resumed>) = 3 [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5077] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5172] chdir("./file1" [pid 5077] <... openat resumed>) = 3 [pid 5173] <... mount resumed>) = 0 [pid 5172] <... chdir resumed>) = 0 [pid 5170] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] newfstatat(3, "", [pid 5173] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5173] <... openat resumed>) = 3 [pid 5172] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5173] chdir("./file1" [pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(3, [pid 5172] <... openat resumed>) = 4 [pid 5080] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5172] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... openat resumed>) = 3 [pid 5172] <... ioctl resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5172] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] <... chdir resumed>) = 0 [pid 5172] <... exit_group resumed>) = ? [pid 5079] newfstatat(3, "", [pid 5173] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5170] <... openat resumed>) = 4 [pid 5080] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] getdents64(3, [pid 5077] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] unlink("./14/binderfs" [pid 5173] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5173] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5172] +++ exited with 0 +++ [pid 5170] <... ioctl resumed>) = 0 [pid 5080] unlink("./13/binderfs" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5173] <... openat resumed>) = 4 [pid 5080] <... unlink resumed>) = 0 [pid 5079] unlink("./14/binderfs" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5173] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... unlink resumed>) = 0 [pid 5173] <... ioctl resumed>) = 0 [pid 5170] exit_group(0 [pid 5079] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] exit_group(0 [pid 5170] <... exit_group resumed>) = ? [pid 5173] <... exit_group resumed>) = ? [pid 5173] +++ exited with 0 +++ [pid 5170] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] <... umount2 resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5078] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(3, "", [pid 5076] <... openat resumed>) = 3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5075] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(AT_FDCWD, "./13/file1", [pid 5078] newfstatat(3, "", [pid 5077] newfstatat(AT_FDCWD, "./14/file1", [pid 5076] getdents64(3, [pid 5075] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(3, [pid 5080] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5075] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5080] getdents64(4, [pid 5077] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] newfstatat(AT_FDCWD, "./14/file1", [pid 5078] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(4, "", [pid 5076] unlink("./13/binderfs" [pid 5075] unlink("./14/binderfs" [pid 5078] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5079] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] unlink("./13/binderfs" [pid 5080] close(4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(4, [pid 5079] <... openat resumed>) = 4 [pid 5080] rmdir("./13/file1" [pid 5078] <... unlink resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./13") = 0 [pid 5078] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5075] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(4, [pid 5076] newfstatat(AT_FDCWD, "./13/file1", [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(4, [pid 5076] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] mkdir("./14", 0777 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... mkdir resumed>) = 0 [pid 5079] close(4 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 5079] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(AT_FDCWD, "./13/file1", [pid 5076] getdents64(4, [pid 5077] getdents64(4, [pid 5079] rmdir("./14/file1" [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(4, [pid 5078] umount2("./13/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] close(4 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5078] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] getdents64(3, [pid 5078] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5076] rmdir("./13/file1" [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./14/file1" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] newfstatat(AT_FDCWD, "./14/file1", [pid 5078] getdents64(4, [pid 5076] getdents64(3, [pid 5080] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(3 [pid 5079] rmdir("./14" [pid 5078] getdents64(4, [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 5076] rmdir("./13" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] mkdir("./15", 0777 [pid 5077] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... mkdir resumed>) = 0 [pid 5077] rmdir("./14" [pid 5076] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] mkdir("./14", 0777 [pid 5075] <... openat resumed>) = 4 [pid 5078] close(4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] getdents64(4, [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5077] mkdir("./15", 0777 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] rmdir("./13/file1" [pid 5077] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./14/file1" [pid 5076] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5075] <... rmdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5075] close(3) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] rmdir("./14") = 0 [pid 5075] mkdir("./15", 0777) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] close(3 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5078] <... close resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5174 [pid 5079] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5174 attached [pid 5078] rmdir("./13" [pid 5077] <... ioctl resumed>) = 0 [pid 5174] set_robust_list(0x555574eaa660, 24) = 0 [pid 5079] close(3 [pid 5174] chdir("./14" [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5174] <... chdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] mkdir("./14", 0777 [pid 5076] <... ioctl resumed>) = 0 [pid 5174] <... prctl resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5175 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] <... mkdir resumed>) = 0 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3./strace-static-x86_64: Process 5175 attached ) = 0 [pid 5077] close(3 [pid 5175] set_robust_list(0x555574eaa660, 24 [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... close resumed>) = 0 [pid 5175] <... set_robust_list resumed>) = 0 [pid 5174] <... symlink resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5175] chdir("./15") = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5175] setpgid(0, 0) = 0 [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] memfd_create("syzkaller", 0 [pid 5078] <... openat resumed>) = 3 [pid 5075] <... ioctl resumed>) = 0 [pid 5174] <... memfd_create resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5175] write(3, "1000", 4 [pid 5078] close(3 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5176 [pid 5174] <... mmap resumed>) = 0x7f7064400000 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... close resumed>) = 0 [pid 5076] close(3 [pid 5175] <... write resumed>) = 4 ./strace-static-x86_64: Process 5176 attached [pid 5175] close(3 [pid 5176] set_robust_list(0x555574eaa660, 24 [pid 5175] <... close resumed>) = 0 [pid 5176] <... set_robust_list resumed>) = 0 [pid 5175] symlink("/dev/binderfs", "./binderfs" [pid 5176] chdir("./15" [pid 5175] <... symlink resumed>) = 0 [pid 5075] close(3 [pid 5176] <... chdir resumed>) = 0 [pid 5175] memfd_create("syzkaller", 0 [pid 5075] <... close resumed>) = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... close resumed>) = 0 [pid 5176] <... prctl resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5176] setpgid(0, 0) = 0 [pid 5175] <... memfd_create resumed>) = 3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 ./strace-static-x86_64: Process 5177 attached [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5177 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5179 [pid 5177] set_robust_list(0x555574eaa660, 24 [pid 5176] <... openat resumed>) = 3 [pid 5174] <... write resumed>) = 524288 ./strace-static-x86_64: Process 5179 attached ./strace-static-x86_64: Process 5178 attached [pid 5179] set_robust_list(0x555574eaa660, 24 [pid 5177] <... set_robust_list resumed>) = 0 [pid 5176] write(3, "1000", 4 [pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5178 [pid 5178] set_robust_list(0x555574eaa660, 24 [pid 5177] chdir("./14" [pid 5176] <... write resumed>) = 4 [pid 5179] <... set_robust_list resumed>) = 0 [pid 5178] <... set_robust_list resumed>) = 0 [pid 5176] close(3 [pid 5178] chdir("./15" [pid 5176] <... close resumed>) = 0 [pid 5178] <... chdir resumed>) = 0 [pid 5179] chdir("./14" [pid 5177] <... chdir resumed>) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs" [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5179] <... chdir resumed>) = 0 [pid 5177] <... prctl resumed>) = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5177] setpgid(0, 0 [pid 5176] <... symlink resumed>) = 0 [pid 5179] <... prctl resumed>) = 0 [pid 5177] <... setpgid resumed>) = 0 [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5178] <... prctl resumed>) = 0 [pid 5179] setpgid(0, 0 [pid 5176] memfd_create("syzkaller", 0 [pid 5179] <... setpgid resumed>) = 0 [pid 5177] <... openat resumed>) = 3 [pid 5178] setpgid(0, 0 [pid 5176] <... memfd_create resumed>) = 3 [pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5177] write(3, "1000", 4) = 4 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5179] <... openat resumed>) = 3 [pid 5177] close(3 [pid 5176] <... mmap resumed>) = 0x7f7064400000 [pid 5178] <... setpgid resumed>) = 0 [pid 5179] write(3, "1000", 4 [pid 5177] <... close resumed>) = 0 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5174] munmap(0x7f7064400000, 138412032 [pid 5179] <... write resumed>) = 4 [pid 5177] symlink("/dev/binderfs", "./binderfs" [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5179] close(3 [pid 5177] <... symlink resumed>) = 0 [pid 5178] <... openat resumed>) = 3 [pid 5179] <... close resumed>) = 0 [pid 5177] memfd_create("syzkaller", 0 [pid 5178] write(3, "1000", 4 [pid 5179] symlink("/dev/binderfs", "./binderfs" [pid 5178] <... write resumed>) = 4 [pid 5177] <... memfd_create resumed>) = 3 [pid 5178] close(3 [pid 5179] <... symlink resumed>) = 0 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5175] <... write resumed>) = 524288 [pid 5174] <... munmap resumed>) = 0 [pid 5178] <... close resumed>) = 0 [pid 5177] <... mmap resumed>) = 0x7f7064400000 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0 [pid 5179] memfd_create("syzkaller", 0 [pid 5176] <... write resumed>) = 524288 [pid 5175] munmap(0x7f7064400000, 138412032 [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5178] <... memfd_create resumed>) = 3 [pid 5175] <... munmap resumed>) = 0 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5174] <... openat resumed>) = 4 [pid 5178] <... mmap resumed>) = 0x7f7064400000 [pid 5179] <... memfd_create resumed>) = 3 [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5175] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5178] <... write resumed>) = 524288 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5176] munmap(0x7f7064400000, 138412032) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5175] <... ioctl resumed>) = 0 [pid 5177] <... write resumed>) = 524288 [pid 5175] close(3) = 0 [pid 5175] close(4) = 0 [pid 5179] <... write resumed>) = 524288 [pid 5175] mkdir("./file1", 0777) = 0 [pid 5178] munmap(0x7f7064400000, 138412032) = 0 [pid 5177] munmap(0x7f7064400000, 138412032) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5176] <... ioctl resumed>) = 0 [ 121.063097][ T5175] loop4: detected capacity change from 0 to 1024 [ 121.064354][ T5174] loop5: detected capacity change from 0 to 1024 [ 121.098512][ T5176] loop2: detected capacity change from 0 to 1024 [pid 5178] <... openat resumed>) = 4 [pid 5176] close(3 [pid 5175] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5174] <... ioctl resumed>) = 0 [pid 5174] close(3 [pid 5177] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5177] <... openat resumed>) = 4 [pid 5176] <... close resumed>) = 0 [pid 5174] <... close resumed>) = 0 [pid 5177] ioctl(4, LOOP_SET_FD, 3 [pid 5176] close(4 [pid 5174] close(4 [pid 5176] <... close resumed>) = 0 [pid 5176] mkdir("./file1", 0777 [pid 5174] <... close resumed>) = 0 [pid 5179] munmap(0x7f7064400000, 138412032 [pid 5176] <... mkdir resumed>) = 0 [pid 5179] <... munmap resumed>) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5174] mkdir("./file1", 0777 [pid 5176] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5174] <... mkdir resumed>) = 0 [ 121.147759][ T5178] loop0: detected capacity change from 0 to 1024 [ 121.159709][ T5177] loop3: detected capacity change from 0 to 1024 [pid 5179] <... openat resumed>) = 4 [pid 5176] <... mount resumed>) = 0 [pid 5175] <... mount resumed>) = 0 [pid 5174] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5179] ioctl(4, LOOP_SET_FD, 3 [pid 5175] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5177] <... ioctl resumed>) = 0 [pid 5175] <... openat resumed>) = 3 [pid 5176] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5175] chdir("./file1" [pid 5177] close(3 [pid 5176] <... openat resumed>) = 3 [pid 5175] <... chdir resumed>) = 0 [pid 5176] chdir("./file1" [pid 5175] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5176] <... chdir resumed>) = 0 [pid 5175] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5178] <... ioctl resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5178] close(3 [pid 5177] close(4 [pid 5176] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5175] <... openat resumed>) = 4 [pid 5178] <... close resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5178] close(4 [pid 5177] mkdir("./file1", 0777 [pid 5176] <... openat resumed>) = 4 [pid 5175] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5178] <... close resumed>) = 0 [pid 5176] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5178] mkdir("./file1", 0777) = 0 [pid 5177] <... mkdir resumed>) = 0 [pid 5178] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5179] <... ioctl resumed>) = 0 [pid 5179] close(3) = 0 [pid 5179] close(4) = 0 [pid 5179] mkdir("./file1", 0777) = 0 [pid 5179] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5174] <... mount resumed>) = 0 [pid 5174] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5177] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5176] <... ioctl resumed>) = 0 [pid 5175] <... ioctl resumed>) = 0 [pid 5176] exit_group(0 [pid 5175] exit_group(0 [pid 5176] <... exit_group resumed>) = ? [ 121.189524][ T5179] loop1: detected capacity change from 0 to 1024 [pid 5175] <... exit_group resumed>) = ? [pid 5176] +++ exited with 0 +++ [pid 5174] chdir("./file1" [pid 5179] <... mount resumed>) = 0 [pid 5175] +++ exited with 0 +++ [pid 5174] <... chdir resumed>) = 0 [pid 5179] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5179] <... openat resumed>) = 3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5179] chdir("./file1" [pid 5174] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5179] <... chdir resumed>) = 0 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5077] <... restart_syscall resumed>) = 0 [pid 5179] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5079] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5179] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] exit_group(0 [pid 5174] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5179] <... exit_group resumed>) = ? [pid 5174] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5179] +++ exited with 0 +++ [pid 5177] <... mount resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5177] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5174] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5174] <... exit_group resumed>) = ? [pid 5077] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] getdents64(3, [pid 5077] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] newfstatat(3, "", [pid 5076] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5077] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] unlink("./15/binderfs" [pid 5077] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5174] +++ exited with 0 +++ [pid 5079] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5079] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] unlink("./15/binderfs") = 0 [pid 5076] <... openat resumed>) = 3 [pid 5177] <... openat resumed>) = 3 [pid 5077] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5177] chdir("./file1" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5177] <... chdir resumed>) = 0 [pid 5178] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5177] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5178] <... openat resumed>) = 3 [pid 5177] <... openat resumed>) = 4 [ 121.258483][ T5178] hfsplus: unable to set blocksize to 1024! [ 121.288122][ T5178] hfsplus: unable to find HFS+ superblock [pid 5080] newfstatat(3, "", [pid 5076] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] ioctl(3, LOOP_CLR_FD [pid 5177] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5178] <... ioctl resumed>) = 0 [pid 5080] getdents64(3, [pid 5178] close(3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5178] <... close resumed>) = 0 [pid 5080] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... openat resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5178] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... ioctl resumed>) = 0 [pid 5177] <... ioctl resumed>) = 0 [pid 5080] unlink("./14/binderfs" [pid 5076] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5178] exit_group(0 [pid 5177] exit_group(0 [pid 5080] <... unlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5178] <... exit_group resumed>) = ? [pid 5177] <... exit_group resumed>) = ? [pid 5080] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] unlink("./14/binderfs" [pid 5177] +++ exited with 0 +++ [pid 5077] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5077] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5078] getdents64(3, [pid 5077] newfstatat(4, "", [pid 5178] +++ exited with 0 +++ [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./15/file1", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5078] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5078] unlink("./14/binderfs" [pid 5079] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(4, [pid 5075] <... restart_syscall resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] close(4 [pid 5079] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5075] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(4, "", [pid 5077] rmdir("./15/file1" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] getdents64(4, [pid 5075] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... openat resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./14/file1", [pid 5077] getdents64(3, [pid 5075] newfstatat(3, "", [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(4, [pid 5080] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] close(4 [pid 5077] close(3 [pid 5079] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5079] rmdir("./15/file1" [pid 5077] rmdir("./15" [pid 5080] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(3, [pid 5077] mkdir("./16", 0777 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... close resumed>) = 0 [pid 5075] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] rmdir("./15" [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 5075] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] rmdir("./14/file1") = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] unlink("./15/binderfs" [pid 5079] mkdir("./16", 0777 [pid 5077] <... openat resumed>) = 3 [pid 5075] <... unlink resumed>) = 0 [pid 5080] getdents64(3, [pid 5075] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5080] close(3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./15/file1", [pid 5080] rmdir("./14" [pid 5077] close(3 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./14/file1", [pid 5075] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] mkdir("./15", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... mkdir resumed>) = 0 [pid 5076] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... openat resumed>) = 4 [pid 5078] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5075] newfstatat(4, "", ./strace-static-x86_64: Process 5180 attached [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5180] set_robust_list(0x555574eaa660, 24 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./14/file1", [pid 5076] newfstatat(4, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5180] <... set_robust_list resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] umount2("./14/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5180 [pid 5076] getdents64(4, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5180] chdir("./16" [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(4, [pid 5180] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... openat resumed>) = 4 [pid 5076] getdents64(4, [pid 5075] close(4 [pid 5180] <... prctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5180] setpgid(0, 0 [pid 5078] newfstatat(4, "", [pid 5076] close(4 [pid 5075] <... close resumed>) = 0 [pid 5180] <... setpgid resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] rmdir("./15/file1" [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] rmdir("./14/file1" [pid 5078] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5180] <... openat resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5078] close(4 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5180] write(3, "1000", 4 [pid 5075] close(3 [pid 5180] <... write resumed>) = 4 [pid 5180] close(3 [pid 5078] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5180] <... close resumed>) = 0 [pid 5078] rmdir("./14/file1" [pid 5075] rmdir("./15" [pid 5180] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] <... rmdir resumed>) = 0 [pid 5180] <... symlink resumed>) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5180] memfd_create("syzkaller", 0 [pid 5075] mkdir("./16", 0777 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5180] <... memfd_create resumed>) = 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5076] close(3 [pid 5075] <... mkdir resumed>) = 0 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5078] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] rmdir("./14") = 0 [pid 5075] <... openat resumed>) = 3 [pid 5076] rmdir("./14") = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5076] mkdir("./15", 0777 [pid 5078] mkdir("./15", 0777) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... mkdir resumed>) = 0 [pid 5075] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] <... close resumed>) = 0 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... openat resumed>) = 3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5181 attached ) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5181] set_robust_list(0x555574eaa660, 24 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5181 [pid 5181] <... set_robust_list resumed>) = 0 [pid 5181] chdir("./16" [pid 5180] <... write resumed>) = 524288 [pid 5181] <... chdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5182 [pid 5181] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5182 attached [pid 5182] set_robust_list(0x555574eaa660, 24 [pid 5181] setpgid(0, 0) = 0 [pid 5180] munmap(0x7f7064400000, 138412032 [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5183 attached [pid 5182] <... set_robust_list resumed>) = 0 [pid 5180] <... munmap resumed>) = 0 [ 121.498239][ T5087] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5183] set_robust_list(0x555574eaa660, 24 [pid 5182] chdir("./16" [pid 5181] <... openat resumed>) = 3 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5183 [pid 5183] <... set_robust_list resumed>) = 0 [pid 5181] write(3, "1000", 4 [pid 5183] chdir("./15" [pid 5182] <... chdir resumed>) = 0 [pid 5181] <... write resumed>) = 4 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5181] close(3 [pid 5183] <... chdir resumed>) = 0 [pid 5182] <... prctl resumed>) = 0 [pid 5181] <... close resumed>) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5182] setpgid(0, 0 [pid 5181] symlink("/dev/binderfs", "./binderfs" [pid 5183] <... prctl resumed>) = 0 [pid 5182] <... setpgid resumed>) = 0 [pid 5181] <... symlink resumed>) = 0 [pid 5180] <... openat resumed>) = 4 [pid 5183] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5180] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... ioctl resumed>) = 0 [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5181] memfd_create("syzkaller", 0 [pid 5180] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5181] <... memfd_create resumed>) = 3 [pid 5183] <... openat resumed>) = 3 [pid 5183] write(3, "1000", 4 [pid 5182] <... openat resumed>) = 3 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5180] close(3 [pid 5183] <... write resumed>) = 4 [pid 5182] write(3, "1000", 4 [pid 5180] <... close resumed>) = 0 [pid 5183] close(3 [pid 5182] <... write resumed>) = 4 [pid 5180] close(4 [pid 5183] <... close resumed>) = 0 [pid 5182] close(3 [pid 5180] <... close resumed>) = 0 [pid 5183] symlink("/dev/binderfs", "./binderfs" [pid 5182] <... close resumed>) = 0 [pid 5180] mkdir("./file1", 0777 [pid 5183] <... symlink resumed>) = 0 [pid 5182] symlink("/dev/binderfs", "./binderfs" [pid 5181] <... mmap resumed>) = 0x7f7064400000 [pid 5180] <... mkdir resumed>) = 0 [pid 5180] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5182] <... symlink resumed>) = 0 [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5183] memfd_create("syzkaller", 0 [pid 5078] close(3 [pid 5182] memfd_create("syzkaller", 0 [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5184 attached [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5184 [ 121.582808][ T5180] loop2: detected capacity change from 0 to 1024 [pid 5184] set_robust_list(0x555574eaa660, 24) = 0 [pid 5184] chdir("./15" [pid 5183] <... memfd_create resumed>) = 3 [pid 5182] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5185 attached [pid 5184] <... chdir resumed>) = 0 [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5180] <... mount resumed>) = 0 [pid 5185] set_robust_list(0x555574eaa660, 24 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5183] <... mmap resumed>) = 0x7f7064400000 [pid 5182] <... mmap resumed>) = 0x7f7064400000 [pid 5181] <... write resumed>) = 524288 [pid 5180] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5185 [pid 5185] <... set_robust_list resumed>) = 0 [pid 5185] chdir("./15" [pid 5184] <... prctl resumed>) = 0 [pid 5180] <... openat resumed>) = 3 [pid 5185] <... chdir resumed>) = 0 [pid 5184] setpgid(0, 0 [pid 5180] chdir("./file1" [pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5184] <... setpgid resumed>) = 0 [pid 5185] <... prctl resumed>) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5180] <... chdir resumed>) = 0 [pid 5185] setpgid(0, 0 [pid 5180] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5185] <... setpgid resumed>) = 0 [pid 5184] <... openat resumed>) = 3 [pid 5180] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5184] memfd_create("syzkaller", 0) = 3 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5181] munmap(0x7f7064400000, 138412032 [pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5181] <... munmap resumed>) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5180] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5182] <... write resumed>) = 524288 [pid 5180] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5185] <... openat resumed>) = 3 [pid 5183] <... write resumed>) = 524288 [pid 5182] munmap(0x7f7064400000, 138412032 [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5180] exit_group(0 [pid 5185] write(3, "1000", 4 [pid 5180] <... exit_group resumed>) = ? [pid 5185] <... write resumed>) = 4 [pid 5185] close(3 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5181] <... openat resumed>) = 4 [pid 5185] <... close resumed>) = 0 [pid 5185] symlink("/dev/binderfs", "./binderfs" [pid 5182] <... munmap resumed>) = 0 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5180] +++ exited with 0 +++ [pid 5185] <... symlink resumed>) = 0 [pid 5183] munmap(0x7f7064400000, 138412032 [pid 5182] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5185] memfd_create("syzkaller", 0 [pid 5184] <... write resumed>) = 524288 [pid 5183] <... munmap resumed>) = 0 [pid 5182] <... openat resumed>) = 4 [pid 5181] <... ioctl resumed>) = 0 [pid 5185] <... memfd_create resumed>) = 3 [pid 5182] ioctl(4, LOOP_SET_FD, 3 [pid 5184] munmap(0x7f7064400000, 138412032 [pid 5077] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5184] <... munmap resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] <... mmap resumed>) = 0x7f7064400000 [pid 5183] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5181] close(3 [pid 5183] <... openat resumed>) = 4 [pid 5181] <... close resumed>) = 0 [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5181] close(4 [pid 5183] <... ioctl resumed>) = 0 [pid 5181] <... close resumed>) = 0 [pid 5183] close(3 [pid 5181] mkdir("./file1", 0777 [pid 5183] <... close resumed>) = 0 [pid 5181] <... mkdir resumed>) = 0 [pid 5183] close(4 [pid 5181] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5183] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5184] <... openat resumed>) = 4 [pid 5183] mkdir("./file1", 0777 [pid 5182] <... ioctl resumed>) = 0 [pid 5181] <... mount resumed>) = 0 [ 121.734208][ T5181] loop0: detected capacity change from 0 to 1024 [ 121.758310][ T5182] loop4: detected capacity change from 0 to 1024 [ 121.764821][ T5183] loop5: detected capacity change from 0 to 1024 [pid 5077] <... openat resumed>) = 3 [pid 5184] ioctl(4, LOOP_SET_FD, 3 [pid 5183] <... mkdir resumed>) = 0 [pid 5182] close(3 [pid 5181] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] newfstatat(3, "", [pid 5182] <... close resumed>) = 0 [pid 5183] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5182] close(4 [pid 5181] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5182] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5182] mkdir("./file1", 0777 [pid 5181] chdir("./file1" [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5182] <... mkdir resumed>) = 0 [pid 5181] <... chdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 121.780524][ T5184] loop1: detected capacity change from 0 to 1024 [pid 5077] unlink("./16/binderfs" [pid 5182] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5181] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5185] <... write resumed>) = 524288 [pid 5184] <... ioctl resumed>) = 0 [pid 5183] <... mount resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5184] close(3 [pid 5183] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5184] <... close resumed>) = 0 [pid 5183] <... openat resumed>) = 3 [pid 5077] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] munmap(0x7f7064400000, 138412032 [pid 5184] close(4 [pid 5183] chdir("./file1" [pid 5185] <... munmap resumed>) = 0 [pid 5184] <... close resumed>) = 0 [pid 5183] <... chdir resumed>) = 0 [pid 5184] mkdir("./file1", 0777 [pid 5183] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5184] <... mkdir resumed>) = 0 [pid 5183] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5183] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... umount2 resumed>) = 0 [pid 5185] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5184] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5183] <... openat resumed>) = 4 [pid 5185] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5183] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./16/file1", [pid 5183] <... ioctl resumed>) = 0 [pid 5182] <... mount resumed>) = 0 [pid 5181] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5182] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5181] exit_group(0 [pid 5077] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] exit_group(0 [pid 5182] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5182] chdir("./file1" [pid 5077] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] <... exit_group resumed>) = ? [pid 5183] +++ exited with 0 +++ [pid 5182] <... chdir resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5181] <... exit_group resumed>) = ? [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5080] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, [pid 5181] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5185] close(3 [pid 5182] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(4, "", [pid 5185] <... close resumed>) = 0 [pid 5184] <... mount resumed>) = 0 [pid 5182] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] close(4 [pid 5184] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5185] <... close resumed>) = 0 [pid 5184] <... openat resumed>) = 3 [pid 5182] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] getdents64(4, [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5185] mkdir("./file1", 0777 [pid 5184] chdir("./file1" [pid 5182] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] unlink("./15/binderfs" [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5184] <... chdir resumed>) = 0 [pid 5182] <... ioctl resumed>) = 0 [ 121.852585][ T5185] loop3: detected capacity change from 0 to 1024 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5182] exit_group(0 [pid 5080] <... unlink resumed>) = 0 [pid 5077] getdents64(4, [pid 5185] <... mkdir resumed>) = 0 [pid 5182] <... exit_group resumed>) = ? [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5185] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] close(4) = 0 [pid 5075] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] rmdir("./16/file1" [pid 5184] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5182] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5077] <... rmdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5075] <... openat resumed>) = 3 [pid 5079] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(3, "", [pid 5184] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5184] <... ioctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5184] exit_group(0) = ? [pid 5079] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] getdents64(3, [pid 5185] <... mount resumed>) = 0 [pid 5184] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5077] close(3 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5185] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] chdir("./file1" [pid 5079] getdents64(3, [pid 5077] rmdir("./16" [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5185] <... chdir resumed>) = 0 [pid 5080] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5185] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./16/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5075] <... unlink resumed>) = 0 [pid 5076] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] unlink("./16/binderfs" [pid 5076] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... unlink resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] <... openat resumed>) = 4 [pid 5080] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5185] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... openat resumed>) = 4 [pid 5076] getdents64(3, [pid 5185] <... ioctl resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5185] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5185] <... exit_group resumed>) = ? [pid 5077] <... rmdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] rmdir("./15/file1") = 0 [pid 5075] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./16/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5185] +++ exited with 0 +++ [pid 5076] unlink("./15/binderfs" [pid 5080] getdents64(3, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./15" [pid 5077] mkdir("./17", 0777 [pid 5076] <... unlink resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 5078] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... mkdir resumed>) = 0 [pid 5076] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5080] mkdir("./16", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5075] newfstatat(4, "", [pid 5077] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5075] getdents64(4, [pid 5077] close(3 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] getdents64(4, [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] close(4 [pid 5078] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5075] <... close resumed>) = 0 [pid 5080] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] rmdir("./16/file1" [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] unlink("./15/binderfs" [pid 5075] <... rmdir resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./16/file1", ./strace-static-x86_64: Process 5186 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5186] set_robust_list(0x555574eaa660, 24) = 0 [pid 5079] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5186 [pid 5076] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./15/file1", [pid 5075] rmdir("./16" [pid 5079] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5187 attached [pid 5186] chdir("./17" [pid 5079] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5186] <... chdir resumed>) = 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5187 [pid 5186] <... prctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] setpgid(0, 0) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5079] newfstatat(4, "", [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] set_robust_list(0x555574eaa660, 24 [pid 5186] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] mkdir("./17", 0777 [pid 5187] <... set_robust_list resumed>) = 0 [pid 5186] write(3, "1000", 4 [pid 5079] getdents64(4, [pid 5076] getdents64(4, [pid 5075] <... mkdir resumed>) = 0 [pid 5187] chdir("./16" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5187] <... chdir resumed>) = 0 [pid 5079] getdents64(4, [pid 5078] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5186] <... write resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5186] close(3 [pid 5076] close(4 [pid 5186] <... close resumed>) = 0 [pid 5187] <... prctl resumed>) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5187] setpgid(0, 0 [pid 5079] close(4 [pid 5078] newfstatat(AT_FDCWD, "./15/file1", [pid 5076] rmdir("./15/file1" [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5187] <... setpgid resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] rmdir("./16/file1" [pid 5078] umount2("./15/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5187] <... openat resumed>) = 3 [pid 5079] getdents64(3, [pid 5078] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5079] close(3 [pid 5078] newfstatat(4, "", [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5188 [pid 5186] <... symlink resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5079] rmdir("./16" [pid 5078] getdents64(4, [pid 5186] memfd_create("syzkaller", 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5188 attached [pid 5187] write(3, "1000", 4 [pid 5079] mkdir("./17", 0777 [pid 5078] getdents64(4, [pid 5188] set_robust_list(0x555574eaa660, 24 [pid 5187] <... write resumed>) = 4 [pid 5186] <... memfd_create resumed>) = 3 [pid 5076] close(3 [pid 5188] <... set_robust_list resumed>) = 0 [pid 5187] close(3 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5188] chdir("./17" [pid 5187] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5188] <... chdir resumed>) = 0 [pid 5187] symlink("/dev/binderfs", "./binderfs" [pid 5186] <... mmap resumed>) = 0x7f7064400000 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] close(4 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5187] <... symlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5076] rmdir("./15" [pid 5188] <... prctl resumed>) = 0 [pid 5187] memfd_create("syzkaller", 0 [pid 5188] setpgid(0, 0 [pid 5187] <... memfd_create resumed>) = 3 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] rmdir("./15/file1" [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./16", 0777 [pid 5188] <... setpgid resumed>) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5188] <... openat resumed>) = 3 [pid 5187] <... mmap resumed>) = 0x7f7064400000 [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5188] write(3, "1000", 4) = 4 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5188] memfd_create("syzkaller", 0 [pid 5187] <... write resumed>) = 524288 [pid 5078] getdents64(3, [pid 5188] <... memfd_create resumed>) = 3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5189 [pid 5078] close(3./strace-static-x86_64: Process 5189 attached [pid 5189] set_robust_list(0x555574eaa660, 24) = 0 [pid 5189] chdir("./16") = 0 [pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] <... close resumed>) = 0 [pid 5189] setpgid(0, 0 [pid 5078] rmdir("./15" [pid 5189] <... setpgid resumed>) = 0 [pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5188] <... write resumed>) = 524288 [pid 5186] <... write resumed>) = 524288 [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./16", 0777 [pid 5186] munmap(0x7f7064400000, 138412032 [pid 5078] <... mkdir resumed>) = 0 [pid 5187] munmap(0x7f7064400000, 138412032 [pid 5186] <... munmap resumed>) = 0 [pid 5189] write(3, "1000", 4 [pid 5187] <... munmap resumed>) = 0 [pid 5189] <... write resumed>) = 4 [pid 5187] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5189] close(3 [pid 5187] <... openat resumed>) = 4 [pid 5189] <... close resumed>) = 0 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5189] symlink("/dev/binderfs", "./binderfs" [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5189] <... symlink resumed>) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5189] memfd_create("syzkaller", 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5189] <... memfd_create resumed>) = 3 [pid 5078] <... ioctl resumed>) = 0 [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5186] <... openat resumed>) = 4 [pid 5078] close(3 [pid 5189] <... mmap resumed>) = 0x7f7064400000 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5186] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5188] munmap(0x7f7064400000, 138412032 [pid 5079] close(3 [pid 5188] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] ioctl(4, LOOP_CLR_FD) = 0 [ 122.230243][ T5187] loop5: detected capacity change from 0 to 1024 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5187] <... ioctl resumed>) = 0 [pid 5188] <... openat resumed>) = 4 [pid 5187] close(3 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5188] ioctl(4, LOOP_SET_FD, 3 [pid 5187] <... close resumed>) = 0 [pid 5186] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5187] close(4 [pid 5186] close(4 [pid 5187] <... close resumed>) = 0 ./strace-static-x86_64: Process 5190 attached [pid 5187] mkdir("./file1", 0777 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5190 [pid 5190] set_robust_list(0x555574eaa660, 24 [pid 5187] <... mkdir resumed>) = 0 [pid 5190] <... set_robust_list resumed>) = 0 [pid 5187] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5190] chdir("./17") = 0 [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5189] <... write resumed>) = 524288 [pid 5078] <... close resumed>) = 0 [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5190] write(3, "1000", 4) = 4 [pid 5190] close(3) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5190] memfd_create("syzkaller", 0 [pid 5186] <... close resumed>) = 0 [pid 5190] <... memfd_create resumed>) = 3 [pid 5188] <... ioctl resumed>) = 0 [ 122.276971][ T5188] loop0: detected capacity change from 0 to 1024 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5189] munmap(0x7f7064400000, 138412032 [pid 5188] close(3 [pid 5190] <... mmap resumed>) = 0x7f7064400000 [pid 5189] <... munmap resumed>) = 0 [pid 5188] <... close resumed>) = 0 [pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5188] close(4 [pid 5189] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5188] <... close resumed>) = 0 [pid 5189] <... openat resumed>) = 4 [pid 5188] mkdir("./file1", 0777) = 0 [pid 5188] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5190] <... write resumed>) = 524288 [pid 5189] ioctl(4, LOOP_SET_FD, 3 [pid 5187] <... mount resumed>) = 0 [pid 5186] close(3 [pid 5189] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5191 attached [pid 5189] ioctl(4, LOOP_CLR_FD [pid 5191] set_robust_list(0x555574eaa660, 24 [pid 5189] <... ioctl resumed>) = 0 [pid 5191] <... set_robust_list resumed>) = 0 [pid 5191] chdir("./16") = 0 [pid 5188] <... mount resumed>) = 0 [pid 5187] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5191 [pid 5189] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5187] <... openat resumed>) = 3 [pid 5189] close(4 [pid 5187] chdir("./file1" [pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5189] <... close resumed>) = 0 [pid 5188] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5191] <... prctl resumed>) = 0 [pid 5189] close(3 [pid 5188] <... openat resumed>) = 3 [pid 5191] setpgid(0, 0 [pid 5187] <... chdir resumed>) = 0 [pid 5186] <... close resumed>) = 0 [pid 5191] <... setpgid resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5188] chdir("./file1" [pid 5187] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5188] <... chdir resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5191] <... openat resumed>) = 3 [pid 5189] <... close resumed>) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5187] <... openat resumed>) = 4 [pid 5191] write(3, "1000", 4 [pid 5188] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5187] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5191] <... write resumed>) = 4 [pid 5188] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5186] <... openat resumed>) = 3 [pid 5191] close(3 [pid 5188] <... openat resumed>) = 4 [pid 5186] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5190] munmap(0x7f7064400000, 138412032 [pid 5191] <... close resumed>) = 0 [pid 5190] <... munmap resumed>) = 0 [pid 5188] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5191] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5190] ioctl(4, LOOP_SET_FD, 3 [pid 5187] <... ioctl resumed>) = 0 [pid 5186] <... ioctl resumed>) = 0 [pid 5189] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5187] exit_group(0 [pid 5186] exit_group(0 [pid 5189] <... openat resumed>) = 3 [pid 5188] <... ioctl resumed>) = 0 [pid 5186] <... exit_group resumed>) = ? [pid 5191] memfd_create("syzkaller", 0 [pid 5189] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5188] exit_group(0 [pid 5189] <... ioctl resumed>) = 0 [pid 5188] <... exit_group resumed>) = ? [pid 5189] exit_group(0 [pid 5187] <... exit_group resumed>) = ? [pid 5186] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5191] <... memfd_create resumed>) = 3 [pid 5189] <... exit_group resumed>) = ? [pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5189] +++ exited with 0 +++ [pid 5187] +++ exited with 0 +++ [pid 5191] <... mmap resumed>) = 0x7f7064400000 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5077] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5188] +++ exited with 0 +++ [pid 5080] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5080] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5190] <... ioctl resumed>) = 0 [pid 5080] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5190] close(3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] getdents64(3, [pid 5076] <... openat resumed>) = 3 [pid 5190] <... close resumed>) = 0 [pid 5080] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [ 122.426781][ T5190] loop4: detected capacity change from 0 to 1024 [pid 5076] newfstatat(3, "", [pid 5190] close(4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5077] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5076] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5076] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5190] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(3, "", [pid 5077] unlink("./17/binderfs" [pid 5076] unlink("./16/binderfs" [pid 5190] mkdir("./file1", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5190] <... mkdir resumed>) = 0 [pid 5080] unlink("./16/binderfs" [pid 5077] <... unlink resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] getdents64(3, [pid 5077] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5080] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5190] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 5076] rmdir("./16" [pid 5075] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./17" [pid 5076] mkdir("./17", 0777 [pid 5075] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] unlink("./17/binderfs" [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5077] mkdir("./18", 0777 [pid 5191] <... write resumed>) = 524288 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5075] <... unlink resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... openat resumed>) = 3 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] close(3) = 0 [pid 5191] munmap(0x7f7064400000, 138412032 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5191] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5192 [pid 5191] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5190] <... mount resumed>) = 0 [pid 5077] close(3./strace-static-x86_64: Process 5192 attached [pid 5191] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5190] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5190] chdir("./file1") = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5191] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5193 attached [pid 5192] set_robust_list(0x555574eaa660, 24 [pid 5191] <... ioctl resumed>) = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./16/file1", [pid 5190] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5192] <... set_robust_list resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5193 [pid 5193] set_robust_list(0x555574eaa660, 24 [pid 5190] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5192] chdir("./17" [pid 5193] <... set_robust_list resumed>) = 0 [pid 5080] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5192] <... chdir resumed>) = 0 [pid 5193] chdir("./18" [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5190] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = 0 [pid 5193] <... chdir resumed>) = 0 [pid 5192] <... prctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5192] setpgid(0, 0 [pid 5190] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... openat resumed>) = 4 [pid 5192] <... setpgid resumed>) = 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5190] <... ioctl resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5190] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5190] <... exit_group resumed>) = ? [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5192] <... openat resumed>) = 3 [pid 5190] +++ exited with 0 +++ [pid 5075] newfstatat(AT_FDCWD, "./17/file1", [pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] getdents64(4, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5193] <... prctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] setpgid(0, 0 [pid 5192] write(3, "1000", 4 [pid 5080] getdents64(4, [pid 5079] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5193] <... setpgid resumed>) = 0 [pid 5192] <... write resumed>) = 4 [pid 5191] close(3 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5192] close(3 [pid 5191] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5192] <... close resumed>) = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... openat resumed>) = 3 [pid 5075] newfstatat(4, "", [pid 5191] close(4 [pid 5079] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5191] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5192] <... symlink resumed>) = 0 [pid 5191] mkdir("./file1", 0777 [pid 5079] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5193] <... openat resumed>) = 3 [pid 5192] memfd_create("syzkaller", 0 [pid 5191] <... mkdir resumed>) = 0 [pid 5080] close(4 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5192] <... memfd_create resumed>) = 3 [pid 5080] rmdir("./16/file1" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] close(4 [pid 5191] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5075] <... close resumed>) = 0 [pid 5193] write(3, "1000", 4 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 122.552944][ T5191] loop3: detected capacity change from 0 to 1024 [pid 5075] rmdir("./17/file1" [pid 5193] <... write resumed>) = 4 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5191] <... mount resumed>) = 0 [pid 5080] getdents64(3, [pid 5079] unlink("./17/binderfs" [pid 5193] close(3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5193] <... close resumed>) = 0 [pid 5192] <... mmap resumed>) = 0x7f7064400000 [pid 5191] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] close(3 [pid 5079] <... unlink resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5193] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5191] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5193] memfd_create("syzkaller", 0 [pid 5191] chdir("./file1" [pid 5080] rmdir("./16" [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5191] <... chdir resumed>) = 0 [pid 5075] close(3 [pid 5191] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] <... close resumed>) = 0 [pid 5191] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... rmdir resumed>) = 0 [pid 5075] rmdir("./17" [pid 5193] <... memfd_create resumed>) = 3 [pid 5191] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] mkdir("./17", 0777 [pid 5075] <... rmdir resumed>) = 0 [pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5191] <... openat resumed>) = 4 [pid 5193] <... mmap resumed>) = 0x7f7064400000 [pid 5191] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... mkdir resumed>) = 0 [pid 5191] <... ioctl resumed>) = 0 [pid 5075] mkdir("./18", 0777 [pid 5193] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5191] exit_group(0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5191] <... exit_group resumed>) = ? [pid 5191] +++ exited with 0 +++ [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = 0 [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./17/file1", [pid 5078] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] <... write resumed>) = 524288 [pid 5079] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5194 attached ) = 3 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5194 [pid 5194] set_robust_list(0x555574eaa660, 24 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5194] <... set_robust_list resumed>) = 0 [pid 5194] chdir("./18") = 0 [pid 5079] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] getdents64(3, [pid 5194] <... prctl resumed>) = 0 [pid 5194] setpgid(0, 0) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5192] <... write resumed>) = 524288 [pid 5079] newfstatat(4, "", [pid 5078] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5194] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./16/binderfs" [pid 5192] munmap(0x7f7064400000, 138412032 [pid 5194] write(3, "1000", 4 [pid 5192] <... munmap resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5194] <... write resumed>) = 4 [pid 5194] close(3) = 0 [pid 5193] munmap(0x7f7064400000, 138412032 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] getdents64(4, [pid 5194] symlink("/dev/binderfs", "./binderfs" [pid 5193] <... munmap resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5194] <... symlink resumed>) = 0 [pid 5192] <... openat resumed>) = 4 [pid 5194] memfd_create("syzkaller", 0 [pid 5192] ioctl(4, LOOP_SET_FD, 3 [pid 5194] <... memfd_create resumed>) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5193] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] close(3 [pid 5079] getdents64(4, [pid 5193] <... openat resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5193] ioctl(4, LOOP_SET_FD, 3 [pid 5079] close(4 [pid 5194] <... write resumed>) = 524288 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./17/file1" [pid 5192] <... ioctl resumed>) = 0 [pid 5192] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5192] <... close resumed>) = 0 [pid 5193] <... ioctl resumed>) = 0 [pid 5192] close(4 [pid 5079] getdents64(3, [pid 5078] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5195 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5192] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(AT_FDCWD, "./16/file1", ./strace-static-x86_64: Process 5195 attached [pid 5192] mkdir("./file1", 0777 [pid 5079] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./16/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] set_robust_list(0x555574eaa660, 24 [pid 5079] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] <... set_robust_list resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5195] chdir("./17" [pid 5192] <... mkdir resumed>) = 0 [pid 5079] rmdir("./17" [pid 5078] <... openat resumed>) = 4 [pid 5195] <... chdir resumed>) = 0 [ 122.749331][ T5192] loop1: detected capacity change from 0 to 1024 [ 122.766387][ T5193] loop2: detected capacity change from 0 to 1024 [pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] newfstatat(4, "", [pid 5195] setpgid(0, 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5195] <... setpgid resumed>) = 0 [pid 5193] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5193] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5195] <... openat resumed>) = 3 [pid 5194] munmap(0x7f7064400000, 138412032 [pid 5193] close(4 [pid 5192] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] getdents64(4, [pid 5195] write(3, "1000", 4 [pid 5194] <... munmap resumed>) = 0 [pid 5193] <... close resumed>) = 0 [pid 5195] <... write resumed>) = 4 [pid 5193] mkdir("./file1", 0777 [pid 5079] mkdir("./18", 0777 [pid 5195] close(3 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5195] <... close resumed>) = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5195] symlink("/dev/binderfs", "./binderfs" [pid 5194] <... openat resumed>) = 4 [pid 5193] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] close(4 [pid 5195] <... symlink resumed>) = 0 [pid 5195] memfd_create("syzkaller", 0 [pid 5194] ioctl(4, LOOP_SET_FD, 3 [pid 5195] <... memfd_create resumed>) = 3 [pid 5194] <... ioctl resumed>) = 0 [pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... close resumed>) = 0 [pid 5193] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] rmdir("./16/file1" [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... rmdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5194] close(3) = 0 [pid 5194] close(4) = 0 [pid 5194] mkdir("./file1", 0777 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 122.835444][ T5194] loop0: detected capacity change from 0 to 1024 [pid 5078] getdents64(3, [pid 5195] <... write resumed>) = 524288 [pid 5194] <... mkdir resumed>) = 0 [pid 5193] <... mount resumed>) = 0 [pid 5192] <... mount resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5193] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5192] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5196 [pid 5078] close(3./strace-static-x86_64: Process 5196 attached [pid 5193] <... openat resumed>) = 3 [pid 5192] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5192] chdir("./file1" [pid 5196] set_robust_list(0x555574eaa660, 24 [pid 5194] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5193] chdir("./file1" [pid 5078] rmdir("./16" [pid 5196] <... set_robust_list resumed>) = 0 [pid 5193] <... chdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5196] chdir("./18" [pid 5193] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5196] <... chdir resumed>) = 0 [pid 5192] <... chdir resumed>) = 0 [pid 5078] mkdir("./17", 0777 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5193] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5192] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... mkdir resumed>) = 0 [pid 5195] munmap(0x7f7064400000, 138412032) = 0 [pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5196] <... prctl resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5196] setpgid(0, 0 [pid 5193] <... openat resumed>) = 4 [pid 5192] <... openat resumed>) = 4 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5196] <... setpgid resumed>) = 0 [pid 5195] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5193] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5192] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... ioctl resumed>) = 0 [pid 5194] <... mount resumed>) = 0 [pid 5078] close(3 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5195] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5194] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5196] <... openat resumed>) = 3 [pid 5195] ioctl(4, LOOP_SET_FD, 3 [pid 5196] write(3, "1000", 4 [pid 5195] <... ioctl resumed>) = 0 [pid 5194] <... openat resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5196] <... write resumed>) = 4 [pid 5194] chdir("./file1" [pid 5196] close(3 [pid 5194] <... chdir resumed>) = 0 [pid 5196] <... close resumed>) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5196] memfd_create("syzkaller", 0 [pid 5194] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5197 attached [pid 5196] <... memfd_create resumed>) = 3 [pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5192] <... ioctl resumed>) = 0 [pid 5197] set_robust_list(0x555574eaa660, 24 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5194] <... openat resumed>) = 4 [pid 5197] <... set_robust_list resumed>) = 0 [pid 5196] <... mmap resumed>) = 0x7f7064400000 [pid 5194] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5193] <... ioctl resumed>) = 0 [pid 5192] exit_group(0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5197 [pid 5197] chdir("./17" [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5195] close(3 [pid 5194] <... ioctl resumed>) = 0 [pid 5193] exit_group(0 [pid 5192] <... exit_group resumed>) = ? [pid 5197] <... chdir resumed>) = 0 [pid 5194] exit_group(0 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5195] <... close resumed>) = 0 [pid 5194] <... exit_group resumed>) = ? [pid 5193] <... exit_group resumed>) = ? [pid 5195] close(4) = 0 [pid 5195] mkdir("./file1", 0777) = 0 [pid 5197] <... prctl resumed>) = 0 [pid 5195] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5194] +++ exited with 0 +++ [ 122.963620][ T5195] loop5: detected capacity change from 0 to 1024 [pid 5197] setpgid(0, 0 [pid 5193] +++ exited with 0 +++ [pid 5192] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5197] <... setpgid resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5193, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5075] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5197] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5197] write(3, "1000", 4 [pid 5077] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 3 [pid 5197] <... write resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] close(3 [pid 5076] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5197] <... close resumed>) = 0 [pid 5195] <... mount resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5075] newfstatat(3, "", [pid 5197] symlink("/dev/binderfs", "./binderfs" [pid 5195] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] newfstatat(3, "", [pid 5076] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5197] <... symlink resumed>) = 0 [pid 5196] <... write resumed>) = 524288 [pid 5195] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, [pid 5195] chdir("./file1" [pid 5076] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5197] memfd_create("syzkaller", 0 [pid 5077] getdents64(3, [pid 5197] <... memfd_create resumed>) = 3 [pid 5195] <... chdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5197] <... mmap resumed>) = 0x7f7064400000 [pid 5196] munmap(0x7f7064400000, 138412032 [pid 5195] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5196] <... munmap resumed>) = 0 [pid 5195] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] unlink("./18/binderfs" [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5195] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... unlink resumed>) = 0 [pid 5076] unlink("./17/binderfs" [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5196] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5195] <... openat resumed>) = 4 [pid 5196] <... openat resumed>) = 4 [pid 5195] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] <... unlink resumed>) = 0 [pid 5075] unlink("./18/binderfs" [pid 5077] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5075] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... ioctl resumed>) = 0 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5195] exit_group(0) = ? [pid 5195] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./17/file1", [pid 5197] <... write resumed>) = 524288 [pid 5197] munmap(0x7f7064400000, 138412032 [pid 5080] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] <... munmap resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5197] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] newfstatat(3, "", [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(4, "", [pid 5075] <... umount2 resumed>) = 0 [pid 5080] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5197] <... openat resumed>) = 4 [pid 5196] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5197] ioctl(4, LOOP_SET_FD, 3 [pid 5077] newfstatat(AT_FDCWD, "./18/file1", [pid 5076] getdents64(4, [ 123.096757][ T5196] loop4: detected capacity change from 0 to 1024 [pid 5075] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] close(3 [pid 5080] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5196] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5196] close(4 [pid 5080] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5075] newfstatat(AT_FDCWD, "./18/file1", [pid 5196] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5196] mkdir("./file1", 0777 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5196] <... mkdir resumed>) = 0 [pid 5080] unlink("./17/binderfs") = 0 [pid 5076] getdents64(4, [pid 5075] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] rmdir("./17/file1" [pid 5197] close(3 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5076] getdents64(3, [pid 5077] newfstatat(4, "", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5075] newfstatat(4, "", [pid 5076] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] rmdir("./17" [pid 5080] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] newfstatat(AT_FDCWD, "./17/file1", [pid 5197] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] getdents64(4, [pid 5197] close(4 [pid 5077] getdents64(4, [pid 5076] mkdir("./18", 0777 [pid 5197] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] close(4 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5197] mkdir("./file1", 0777 [pid 5077] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./18/file1" [pid 5076] <... openat resumed>) = 3 [pid 5075] getdents64(4, [pid 5080] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5075] close(4 [pid 5080] newfstatat(4, "", [pid 5075] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5197] <... mkdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(3 [pid 5075] rmdir("./18/file1") = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./17/file1" [pid 5075] getdents64(3, [pid 5080] <... rmdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [ 123.140221][ T5197] loop3: detected capacity change from 0 to 1024 [pid 5075] close(3) = 0 [pid 5075] rmdir("./18") = 0 [pid 5080] getdents64(3, [pid 5197] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./18" [pid 5196] <... mount resumed>) = 0 [pid 5080] close(3 [pid 5075] mkdir("./19", 0777 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./19", 0777 [pid 5080] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5196] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] rmdir("./17" [pid 5196] <... openat resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5196] chdir("./file1") = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5196] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5196] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] mkdir("./18", 0777 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5196] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5196] <... openat resumed>) = 4 [pid 5196] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5196] exit_group(0) = ? [pid 5196] +++ exited with 0 +++ [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] close(3 [pid 5197] <... mount resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5197] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5197] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] chdir("./file1" [pid 5079] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5197] <... chdir resumed>) = 0 [pid 5197] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] <... openat resumed>) = 3 [pid 5197] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] newfstatat(3, "", [pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5198 ./strace-static-x86_64: Process 5198 attached [pid 5198] set_robust_list(0x555574eaa660, 24 [pid 5197] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5198] <... set_robust_list resumed>) = 0 [pid 5198] chdir("./18") = 0 [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5198] setpgid(0, 0 [pid 5197] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5198] <... setpgid resumed>) = 0 [pid 5197] exit_group(0 [pid 5079] getdents64(3, [pid 5197] <... exit_group resumed>) = ? [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5197] +++ exited with 0 +++ [pid 5198] <... openat resumed>) = 3 [pid 5198] write(3, "1000", 4 [pid 5079] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5198] <... write resumed>) = 4 [pid 5198] close(3) = 0 [pid 5198] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5198] memfd_create("syzkaller", 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5078] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5198] <... memfd_create resumed>) = 3 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] unlink("./18/binderfs" [pid 5078] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] close(3 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] newfstatat(3, "", [ 123.294915][ T5070] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5079] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] close(3 [pid 5078] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5075] close(3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... close resumed>) = 0 [pid 5079] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5199 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./18/file1", [pid 5078] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5199 attached [pid 5079] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5199] set_robust_list(0x555574eaa660, 24 [pid 5079] <... openat resumed>) = 4 [pid 5199] <... set_robust_list resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5199] chdir("./18" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5200 attached ./strace-static-x86_64: Process 5201 attached [pid 5198] <... write resumed>) = 524288 [pid 5079] getdents64(4, [pid 5078] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5200] set_robust_list(0x555574eaa660, 24 [pid 5201] set_robust_list(0x555574eaa660, 24 [pid 5199] <... chdir resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5201 [pid 5200] <... set_robust_list resumed>) = 0 [pid 5201] <... set_robust_list resumed>) = 0 [pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5200 [pid 5200] chdir("./19" [pid 5199] <... prctl resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] unlink("./17/binderfs" [pid 5200] <... chdir resumed>) = 0 [pid 5201] chdir("./19" [pid 5199] setpgid(0, 0 [pid 5079] getdents64(4, [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5201] <... chdir resumed>) = 0 [pid 5199] <... setpgid resumed>) = 0 [pid 5198] munmap(0x7f7064400000, 138412032 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5200] <... prctl resumed>) = 0 [pid 5201] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] close(4 [pid 5078] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] setpgid(0, 0 [pid 5201] <... prctl resumed>) = 0 [pid 5199] <... openat resumed>) = 3 [pid 5198] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5200] <... setpgid resumed>) = 0 [pid 5201] setpgid(0, 0 [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5201] <... setpgid resumed>) = 0 [pid 5079] rmdir("./18/file1" [pid 5078] <... umount2 resumed>) = 0 [pid 5200] <... openat resumed>) = 3 [pid 5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5199] write(3, "1000", 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5200] write(3, "1000", 4 [pid 5198] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] getdents64(3, [pid 5201] <... openat resumed>) = 3 [pid 5200] <... write resumed>) = 4 [pid 5198] <... openat resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5200] close(3 [pid 5198] ioctl(4, LOOP_SET_FD, 3 [pid 5079] close(3 [pid 5200] <... close resumed>) = 0 [pid 5201] write(3, "1000", 4 [pid 5200] symlink("/dev/binderfs", "./binderfs" [pid 5199] <... write resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5199] close(3 [pid 5079] rmdir("./18" [pid 5200] <... symlink resumed>) = 0 [pid 5201] <... write resumed>) = 4 [pid 5199] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5199] symlink("/dev/binderfs", "./binderfs" [pid 5200] memfd_create("syzkaller", 0 [pid 5201] close(3 [pid 5199] <... symlink resumed>) = 0 [pid 5200] <... memfd_create resumed>) = 3 [pid 5201] <... close resumed>) = 0 [pid 5199] memfd_create("syzkaller", 0 [pid 5079] mkdir("./19", 0777 [pid 5078] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5201] symlink("/dev/binderfs", "./binderfs" [pid 5200] <... mmap resumed>) = 0x7f7064400000 [pid 5201] <... symlink resumed>) = 0 [pid 5199] <... memfd_create resumed>) = 3 [pid 5198] <... ioctl resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./17/file1", [pid 5201] memfd_create("syzkaller", 0 [pid 5199] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5201] <... memfd_create resumed>) = 3 [pid 5198] close(3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./17/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5198] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5198] close(4 [pid 5201] <... mmap resumed>) = 0x7f7064400000 [pid 5078] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5198] <... close resumed>) = 0 [pid 5198] mkdir("./file1", 0777 [pid 5078] <... openat resumed>) = 4 [ 123.400197][ T5198] loop1: detected capacity change from 0 to 1024 [pid 5199] <... write resumed>) = 524288 [pid 5198] <... mkdir resumed>) = 0 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5201] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... close resumed>) = 0 [pid 5198] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] rmdir("./17/file1") = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./17" [pid 5200] <... write resumed>) = 524288 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5200] munmap(0x7f7064400000, 138412032 [pid 5201] <... write resumed>) = 524288 [pid 5078] mkdir("./18", 0777 [pid 5198] <... mount resumed>) = 0 [pid 5200] <... munmap resumed>) = 0 [pid 5198] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] <... mkdir resumed>) = 0 [pid 5200] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5198] <... openat resumed>) = 3 [pid 5199] munmap(0x7f7064400000, 138412032 [pid 5200] <... openat resumed>) = 4 [pid 5198] chdir("./file1" [pid 5199] <... munmap resumed>) = 0 [pid 5198] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5198] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5200] ioctl(4, LOOP_SET_FD, 3 [pid 5201] munmap(0x7f7064400000, 138412032 [pid 5198] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... openat resumed>) = 3 [pid 5198] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5198] <... openat resumed>) = 4 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5199] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] close(3 [pid 5078] <... close resumed>) = 0 [pid 5198] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5199] <... openat resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5201] <... munmap resumed>) = 0 [pid 5199] ioctl(4, LOOP_SET_FD, 3 [pid 5198] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5200] <... ioctl resumed>) = 0 [pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5198] exit_group(0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5202 [pid 5198] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5203 attached ./strace-static-x86_64: Process 5202 attached [pid 5202] set_robust_list(0x555574eaa660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5203 [pid 5203] set_robust_list(0x555574eaa660, 24 [pid 5202] <... set_robust_list resumed>) = 0 [pid 5202] chdir("./18") = 0 [pid 5201] <... openat resumed>) = 4 [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5201] ioctl(4, LOOP_SET_FD, 3 [pid 5202] setpgid(0, 0 [pid 5198] +++ exited with 0 +++ [pid 5203] <... set_robust_list resumed>) = 0 [pid 5202] <... setpgid resumed>) = 0 [pid 5200] close(3 [pid 5203] chdir("./19" [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5200] <... close resumed>) = 0 [pid 5201] <... ioctl resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5203] <... chdir resumed>) = 0 [pid 5202] <... openat resumed>) = 3 [pid 5200] close(4 [pid 5201] close(3 [pid 5076] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5200] <... close resumed>) = 0 [pid 5201] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] <... prctl resumed>) = 0 [pid 5200] mkdir("./file1", 0777 [pid 5203] setpgid(0, 0 [pid 5202] write(3, "1000", 4 [pid 5200] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5203] <... setpgid resumed>) = 0 [pid 5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5202] <... write resumed>) = 4 [pid 5200] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5201] close(4 [pid 5199] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5202] close(3) = 0 [pid 5201] <... close resumed>) = 0 [pid 5203] <... openat resumed>) = 3 [pid 5202] symlink("/dev/binderfs", "./binderfs" [pid 5076] newfstatat(3, "", [pid 5201] mkdir("./file1", 0777 [pid 5203] write(3, "1000", 4 [pid 5199] close(3 [pid 5203] <... write resumed>) = 4 [pid 5202] <... symlink resumed>) = 0 [pid 5199] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5203] close(3 [pid 5202] memfd_create("syzkaller", 0 [pid 5201] <... mkdir resumed>) = 0 [pid 5199] close(4 [pid 5203] <... close resumed>) = 0 [pid 5202] <... memfd_create resumed>) = 3 [pid 5201] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5199] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5203] symlink("/dev/binderfs", "./binderfs" [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5203] <... symlink resumed>) = 0 [ 123.535292][ T5200] loop2: detected capacity change from 0 to 1024 [ 123.550647][ T5199] loop5: detected capacity change from 0 to 1024 [ 123.569898][ T5201] loop0: detected capacity change from 0 to 1024 [pid 5199] mkdir("./file1", 0777 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5203] memfd_create("syzkaller", 0 [pid 5199] <... mkdir resumed>) = 0 [pid 5203] <... memfd_create resumed>) = 3 [pid 5199] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5202] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] <... mmap resumed>) = 0x7f7064400000 [pid 5201] <... mount resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5201] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5201] <... openat resumed>) = 3 [pid 5199] <... mount resumed>) = 0 [pid 5076] unlink("./18/binderfs" [pid 5203] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5202] <... write resumed>) = 524288 [pid 5200] <... mount resumed>) = 0 [pid 5201] chdir("./file1" [pid 5199] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5201] <... chdir resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5199] <... openat resumed>) = 3 [pid 5076] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5200] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5201] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5199] chdir("./file1" [pid 5201] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5199] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5199] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] newfstatat(AT_FDCWD, "./18/file1", [pid 5200] chdir("./file1" [pid 5199] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5201] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5202] munmap(0x7f7064400000, 138412032 [pid 5076] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5202] <... munmap resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5199] <... openat resumed>) = 4 [pid 5200] <... chdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5202] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5200] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5202] <... openat resumed>) = 4 [pid 5199] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5202] ioctl(4, LOOP_SET_FD, 3 [pid 5200] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5200] <... openat resumed>) = 4 [pid 5076] close(4 [pid 5200] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./18/file1" [pid 5203] <... write resumed>) = 524288 [pid 5076] <... rmdir resumed>) = 0 [pid 5203] munmap(0x7f7064400000, 138412032 [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./18") = 0 [pid 5203] <... munmap resumed>) = 0 [ 123.695972][ T5202] loop3: detected capacity change from 0 to 1024 [pid 5203] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5202] <... ioctl resumed>) = 0 [pid 5076] mkdir("./19", 0777 [pid 5203] ioctl(4, LOOP_SET_FD, 3 [pid 5202] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5201] <... ioctl resumed>) = 0 [pid 5202] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5202] close(4 [pid 5200] <... ioctl resumed>) = 0 [pid 5201] exit_group(0 [pid 5199] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5202] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5202] mkdir("./file1", 0777 [pid 5076] <... ioctl resumed>) = 0 [pid 5202] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 5202] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... close resumed>) = 0 [pid 5199] exit_group(0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5200] exit_group(0 [pid 5199] <... exit_group resumed>) = ? [pid 5201] <... exit_group resumed>) = ? [pid 5201] +++ exited with 0 +++ [pid 5202] <... mount resumed>) = 0 [pid 5200] <... exit_group resumed>) = ? [pid 5199] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5201, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5202] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5202] <... openat resumed>) = 3 [pid 5075] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5204 attached [pid 5202] chdir("./file1" [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5204 [pid 5204] set_robust_list(0x555574eaa660, 24 [pid 5202] <... chdir resumed>) = 0 [pid 5080] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... restart_syscall resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(3, "", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5202] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] getdents64(3, [pid 5204] <... set_robust_list resumed>) = 0 [pid 5202] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... openat resumed>) = 3 [pid 5200] +++ exited with 0 +++ [pid 5075] newfstatat(3, "", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5204] chdir("./19" [pid 5202] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5202] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5077] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5204] <... chdir resumed>) = 0 [pid 5202] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] unlink("./18/binderfs" [pid 5077] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5202] <... ioctl resumed>) = 0 [ 123.745795][ T5203] loop4: detected capacity change from 0 to 1024 [pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] exit_group(0) = ? [pid 5080] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5204] setpgid(0, 0 [pid 5202] +++ exited with 0 +++ [pid 5077] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] <... ioctl resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5204] <... setpgid resumed>) = 0 [pid 5203] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5203] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5203] close(4 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5203] <... close resumed>) = 0 [pid 5204] <... openat resumed>) = 3 [pid 5203] mkdir("./file1", 0777 [pid 5077] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./19/binderfs" [pid 5078] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... unlink resumed>) = 0 [pid 5204] write(3, "1000", 4 [pid 5078] newfstatat(3, "", [pid 5204] <... write resumed>) = 4 [pid 5203] <... mkdir resumed>) = 0 [pid 5080] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5075] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5204] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5204] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./18/file1", [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5204] symlink("/dev/binderfs", "./binderfs" [pid 5203] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(3, [pid 5077] unlink("./19/binderfs" [pid 5204] <... symlink resumed>) = 0 [pid 5080] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5204] memfd_create("syzkaller", 0 [pid 5080] <... openat resumed>) = 4 [pid 5078] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5204] <... memfd_create resumed>) = 3 [pid 5080] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] unlink("./18/binderfs" [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5204] <... mmap resumed>) = 0x7f7064400000 [pid 5080] getdents64(4, [pid 5078] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5080] close(4 [pid 5077] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./18/file1" [pid 5077] newfstatat(AT_FDCWD, "./19/file1", [pid 5203] <... mount resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] newfstatat(AT_FDCWD, "./19/file1", [pid 5203] <... openat resumed>) = 3 [pid 5080] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] chdir("./file1" [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] close(3 [pid 5077] <... openat resumed>) = 4 [pid 5203] <... chdir resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5075] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5203] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] rmdir("./18" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5204] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... rmdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] mkdir("./19", 0777 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] getdents64(4, [pid 5075] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5203] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... openat resumed>) = 4 [pid 5203] <... openat resumed>) = 4 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] newfstatat(4, "", [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5203] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5078] newfstatat(AT_FDCWD, "./18/file1", [pid 5077] getdents64(4, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5075] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5203] exit_group(0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] umount2("./18/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] rmdir("./19/file1" [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... rmdir resumed>) = 0 [pid 5075] getdents64(4, [pid 5203] <... exit_group resumed>) = ? [pid 5078] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5075] close(4 [pid 5078] newfstatat(4, "", [pid 5080] <... openat resumed>) = 3 [pid 5077] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] rmdir("./19/file1" [pid 5080] <... ioctl resumed>) = 0 [pid 5078] getdents64(4, [pid 5077] close(3 [pid 5204] <... write resumed>) = 524288 [pid 5080] close(3 [pid 5075] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5078] close(4 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... close resumed>) = 0 [pid 5077] rmdir("./19" [pid 5078] rmdir("./18/file1" [pid 5203] +++ exited with 0 +++ [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5078] getdents64(3, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] mkdir("./20", 0777 [pid 5078] close(3 [pid 5075] close(3 [pid 5078] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5078] rmdir("./18" [pid 5075] rmdir("./19" [pid 5079] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5205 attached [pid 5079] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5075] <... rmdir resumed>) = 0 [pid 5204] munmap(0x7f7064400000, 138412032 [pid 5205] set_robust_list(0x555574eaa660, 24 [pid 5204] <... munmap resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5205 [pid 5079] <... openat resumed>) = 3 [pid 5078] mkdir("./19", 0777 [pid 5075] mkdir("./20", 0777 [pid 5205] <... set_robust_list resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5204] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5205] chdir("./19" [pid 5204] <... openat resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5204] ioctl(4, LOOP_SET_FD, 3 [pid 5205] <... chdir resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] <... mkdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5205] <... prctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5205] setpgid(0, 0) = 0 [pid 5079] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5204] <... ioctl resumed>) = 0 [pid 5204] close(3 [pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5204] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5204] close(4 [pid 5205] <... openat resumed>) = 3 [pid 5204] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5078] <... ioctl resumed>) = 0 [pid 5204] mkdir("./file1", 0777) = 0 [pid 5205] write(3, "1000", 4 [pid 5204] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 5205] <... write resumed>) = 4 [pid 5205] close(3 [pid 5079] unlink("./19/binderfs" [pid 5078] <... close resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5205] <... close resumed>) = 0 [pid 5205] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... unlink resumed>) = 0 [ 123.956313][ T5204] loop1: detected capacity change from 0 to 1024 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5206 attached [pid 5205] <... symlink resumed>) = 0 [pid 5079] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5206] set_robust_list(0x555574eaa660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5206 [pid 5205] memfd_create("syzkaller", 0 [pid 5206] <... set_robust_list resumed>) = 0 [pid 5206] chdir("./19" [pid 5205] <... memfd_create resumed>) = 3 [pid 5206] <... chdir resumed>) = 0 [pid 5205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] close(3 [pid 5075] close(3 [pid 5077] <... close resumed>) = 0 [pid 5205] <... mmap resumed>) = 0x7f7064400000 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... close resumed>) = 0 [pid 5206] <... prctl resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5206] setpgid(0, 0) = 0 [pid 5204] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5207 attached [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5207] set_robust_list(0x555574eaa660, 24 [pid 5079] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5207 [pid 5207] <... set_robust_list resumed>) = 0 [pid 5204] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5207] chdir("./20" [pid 5204] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./19/file1", [pid 5204] chdir("./file1" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5207] <... chdir resumed>) = 0 [pid 5204] <... chdir resumed>) = 0 [pid 5079] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5204] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5207] setpgid(0, 0 [pid 5204] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5207] <... setpgid resumed>) = 0 [pid 5204] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5206] <... openat resumed>) = 3 [pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5205] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5204] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5208 [pid 5206] write(3, "1000", 4 [pid 5079] <... openat resumed>) = 4 [pid 5206] <... write resumed>) = 4 [pid 5204] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] newfstatat(4, "", [pid 5207] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5207] write(3, "1000", 4 [pid 5079] getdents64(4, [pid 5207] <... write resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5207] close(3 [pid 5204] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] getdents64(4, [pid 5207] <... close resumed>) = 0 [pid 5204] exit_group(0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5207] symlink("/dev/binderfs", "./binderfs" [pid 5204] <... exit_group resumed>) = ? [pid 5079] close(4 [pid 5207] <... symlink resumed>) = 0 [pid 5206] close(3 [pid 5204] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 ./strace-static-x86_64: Process 5208 attached [pid 5207] memfd_create("syzkaller", 0 [pid 5206] <... close resumed>) = 0 [pid 5079] rmdir("./19/file1" [pid 5208] set_robust_list(0x555574eaa660, 24 [pid 5207] <... memfd_create resumed>) = 3 [pid 5206] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... rmdir resumed>) = 0 [pid 5208] <... set_robust_list resumed>) = 0 [pid 5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] getdents64(3, [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5208] chdir("./20" [pid 5207] <... mmap resumed>) = 0x7f7064400000 [pid 5206] <... symlink resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] <... chdir resumed>) = 0 [pid 5207] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5205] <... write resumed>) = 524288 [pid 5079] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5206] memfd_create("syzkaller", 0 [pid 5079] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5208] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5206] <... memfd_create resumed>) = 3 [pid 5079] rmdir("./19" [pid 5208] setpgid(0, 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] newfstatat(3, "", [pid 5205] munmap(0x7f7064400000, 138412032 [pid 5208] <... setpgid resumed>) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5206] <... mmap resumed>) = 0x7f7064400000 [pid 5205] <... munmap resumed>) = 0 [pid 5079] mkdir("./20", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5208] <... openat resumed>) = 3 [pid 5206] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5205] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... mkdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5208] write(3, "1000", 4) = 4 [pid 5205] <... openat resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5208] close(3 [pid 5205] ioctl(4, LOOP_SET_FD, 3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(3 [pid 5076] unlink("./19/binderfs" [pid 5208] <... close resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5208] symlink("/dev/binderfs", "./binderfs" [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] <... symlink resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5209 [pid 5208] memfd_create("syzkaller", 0) = 3 [pid 5206] <... write resumed>) = 524288 ./strace-static-x86_64: Process 5209 attached [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5207] <... write resumed>) = 524288 [pid 5209] set_robust_list(0x555574eaa660, 24 [pid 5208] <... mmap resumed>) = 0x7f7064400000 [pid 5209] <... set_robust_list resumed>) = 0 [pid 5207] munmap(0x7f7064400000, 138412032 [pid 5209] chdir("./20" [pid 5207] <... munmap resumed>) = 0 [pid 5205] <... ioctl resumed>) = 0 [pid 5205] close(3) = 0 [pid 5205] close(4) = 0 [pid 5205] mkdir("./file1", 0777 [pid 5209] <... chdir resumed>) = 0 [pid 5207] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5205] <... mkdir resumed>) = 0 [pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5207] <... openat resumed>) = 4 [ 124.143962][ T5205] loop5: detected capacity change from 0 to 1024 [pid 5209] <... prctl resumed>) = 0 [pid 5207] ioctl(4, LOOP_SET_FD, 3 [pid 5206] munmap(0x7f7064400000, 138412032 [pid 5205] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... umount2 resumed>) = 0 [pid 5208] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5209] setpgid(0, 0) = 0 [pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5206] <... munmap resumed>) = 0 [pid 5076] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5209] <... openat resumed>) = 3 [pid 5209] write(3, "1000", 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5209] <... write resumed>) = 4 [pid 5209] close(3 [pid 5076] newfstatat(AT_FDCWD, "./19/file1", [pid 5209] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5209] symlink("/dev/binderfs", "./binderfs" [pid 5207] <... ioctl resumed>) = 0 [pid 5206] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5205] <... mount resumed>) = 0 [pid 5209] <... symlink resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5206] <... openat resumed>) = 4 [pid 5205] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] newfstatat(4, "", [pid 5207] close(3 [pid 5206] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5208] <... write resumed>) = 524288 [ 124.200203][ T5207] loop2: detected capacity change from 0 to 1024 [pid 5209] memfd_create("syzkaller", 0 [pid 5207] <... close resumed>) = 0 [pid 5205] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 5207] close(4 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5207] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5207] mkdir("./file1", 0777 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5207] <... mkdir resumed>) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./19/file1" [pid 5209] <... memfd_create resumed>) = 3 [pid 5205] chdir("./file1" [pid 5076] <... rmdir resumed>) = 0 [pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5208] munmap(0x7f7064400000, 138412032 [pid 5207] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5206] <... ioctl resumed>) = 0 [pid 5205] <... chdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5209] <... mmap resumed>) = 0x7f7064400000 [pid 5205] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5208] <... munmap resumed>) = 0 [pid 5205] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] close(3 [pid 5205] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./19" [pid 5209] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5206] close(3 [pid 5205] <... openat resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5209] <... write resumed>) = 524288 [pid 5208] <... openat resumed>) = 4 [pid 5207] <... mount resumed>) = 0 [pid 5206] <... close resumed>) = 0 [ 124.250780][ T5206] loop3: detected capacity change from 0 to 1024 [pid 5205] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5207] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5205] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] mkdir("./20", 0777 [pid 5206] close(4 [pid 5208] ioctl(4, LOOP_SET_FD, 3 [pid 5205] exit_group(0 [pid 5076] <... mkdir resumed>) = 0 [pid 5209] munmap(0x7f7064400000, 138412032 [pid 5208] <... ioctl resumed>) = 0 [pid 5207] <... openat resumed>) = 3 [pid 5206] <... close resumed>) = 0 [pid 5205] <... exit_group resumed>) = ? [pid 5207] chdir("./file1") = 0 [pid 5207] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5209] <... munmap resumed>) = 0 [pid 5208] close(3 [pid 5207] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5206] mkdir("./file1", 0777 [pid 5205] +++ exited with 0 +++ [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5208] <... close resumed>) = 0 [pid 5207] <... openat resumed>) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5208] close(4 [pid 5206] <... mkdir resumed>) = 0 [pid 5209] <... openat resumed>) = 4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5205, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5208] <... close resumed>) = 0 [pid 5209] ioctl(4, LOOP_SET_FD, 3 [pid 5206] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5207] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 124.327877][ T5208] loop0: detected capacity change from 0 to 1024 [pid 5208] mkdir("./file1", 0777 [pid 5080] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./19/binderfs" [pid 5208] <... mkdir resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... umount2 resumed>) = 0 [pid 5209] <... ioctl resumed>) = 0 [pid 5209] close(3) = 0 [pid 5209] close(4) = 0 [pid 5209] mkdir("./file1", 0777 [pid 5080] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5209] <... mkdir resumed>) = 0 [pid 5206] <... mount resumed>) = 0 [pid 5209] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5206] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./19/file1", [pid 5206] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5206] chdir("./file1" [ 124.368594][ T5209] loop4: detected capacity change from 0 to 1024 [pid 5080] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5207] <... ioctl resumed>) = 0 [pid 5206] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5206] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5206] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5206] exit_group(0 [pid 5207] exit_group(0 [pid 5080] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5206] <... exit_group resumed>) = ? [pid 5207] <... exit_group resumed>) = ? [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5206] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5207] +++ exited with 0 +++ [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] close(4 [pid 5208] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] close(3 [pid 5080] rmdir("./19/file1" [pid 5076] <... close resumed>) = 0 [pid 5078] unlink("./19/binderfs") = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] newfstatat(3, "", [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5209] <... mount resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5209] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5209] chdir("./file1" [pid 5077] getdents64(3, [pid 5209] <... chdir resumed>) = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5209] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, [pid 5209] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5209] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5209] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] unlink("./20/binderfs" [pid 5209] exit_group(0) = ? [pid 5077] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5210 attached [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] close(3 [pid 5077] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5210] set_robust_list(0x555574eaa660, 24 [pid 5208] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5210 [pid 5210] <... set_robust_list resumed>) = 0 [pid 5208] ioctl(3, LOOP_CLR_FD [pid 5210] chdir("./20" [pid 5080] rmdir("./19" [pid 5210] <... chdir resumed>) = 0 [pid 5208] <... ioctl resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5210] setpgid(0, 0 [pid 5208] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 5208] <... close resumed>) = 0 [pid 5080] mkdir("./20", 0777 [pid 5077] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5210] <... setpgid resumed>) = 0 [pid 5208] <... openat resumed>) = 3 [pid 5078] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5209] +++ exited with 0 +++ [pid 5208] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... mkdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./20/file1", [pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5208] <... ioctl resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5209, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5080] <... openat resumed>) = 3 [pid 5077] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5210] <... openat resumed>) = 3 [pid 5208] exit_group(0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5208] <... exit_group resumed>) = ? [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./19/file1", [pid 5077] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5210] write(3, "1000", 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5210] <... write resumed>) = 4 [pid 5078] umount2("./19/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5210] close(3 [pid 5077] newfstatat(4, "", [pid 5210] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5210] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5210] <... symlink resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5210] memfd_create("syzkaller", 0 [ 124.419481][ T5208] hfsplus: unable to set blocksize to 1024! [ 124.441781][ T5208] hfsplus: unable to find HFS+ superblock [pid 5078] newfstatat(4, "", [pid 5208] +++ exited with 0 +++ [pid 5079] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, [pid 5079] newfstatat(3, "", [pid 5210] <... memfd_create resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(3, [pid 5077] getdents64(4, [pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] getdents64(4, [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5210] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] close(4 [pid 5075] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5210] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5077] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./20/file1" [pid 5079] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] close(4 [pid 5079] unlink("./20/binderfs" [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5075] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] newfstatat(3, "", [pid 5078] rmdir("./19/file1" [pid 5077] close(3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] rmdir("./20" [pid 5075] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] mkdir("./21", 0777 [pid 5075] unlink("./20/binderfs") = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./20/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] close(3) = 0 [pid 5075] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5210] <... write resumed>) = 524288 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] rmdir("./19" [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... openat resumed>) = 4 [pid 5210] munmap(0x7f7064400000, 138412032) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5075] newfstatat(4, "", [pid 5077] <... openat resumed>) = 3 [pid 5210] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5079] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5210] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5210] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 5079] newfstatat(AT_FDCWD, "./20/file1", [pid 5078] mkdir("./20", 0777 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] rmdir("./20/file1" [pid 5080] <... close resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... mkdir resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5079] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... openat resumed>) = 3 [pid 5075] close(3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5079] getdents64(4, [pid 5075] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] rmdir("./20" [pid 5079] close(4 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5211 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./20/file1"./strace-static-x86_64: Process 5211 attached ) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5075] mkdir("./21", 0777 [pid 5211] set_robust_list(0x555574eaa660, 24 [pid 5079] rmdir("./20" [pid 5211] <... set_robust_list resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5079] mkdir("./21", 0777 [pid 5211] chdir("./20" [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5211] <... chdir resumed>) = 0 [pid 5210] close(3 [pid 5079] <... mkdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5210] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5210] close(4 [pid 5079] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5211] <... prctl resumed>) = 0 [pid 5210] <... close resumed>) = 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5210] mkdir("./file1", 0777 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5211] setpgid(0, 0 [pid 5210] <... mkdir resumed>) = 0 [pid 5211] <... setpgid resumed>) = 0 [pid 5210] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] close(3 [pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... close resumed>) = 0 [ 124.563249][ T5210] loop1: detected capacity change from 0 to 1024 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5211] <... openat resumed>) = 3 [pid 5210] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5212 attached [pid 5211] write(3, "1000", 4 [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5211] <... write resumed>) = 4 [pid 5212] set_robust_list(0x555574eaa660, 24 [pid 5210] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5212 [pid 5212] <... set_robust_list resumed>) = 0 [pid 5211] close(3 [pid 5210] <... openat resumed>) = 3 [pid 5212] chdir("./21" [pid 5210] chdir("./file1" [pid 5211] <... close resumed>) = 0 [pid 5210] <... chdir resumed>) = 0 [pid 5212] <... chdir resumed>) = 0 [pid 5210] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5211] symlink("/dev/binderfs", "./binderfs" [pid 5210] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] close(3 [pid 5212] <... prctl resumed>) = 0 [pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5212] setpgid(0, 0 [pid 5210] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5212] <... setpgid resumed>) = 0 [pid 5210] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5211] <... symlink resumed>) = 0 [pid 5210] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5212] <... openat resumed>) = 3 [pid 5212] write(3, "1000", 4 [pid 5210] exit_group(0 [pid 5212] <... write resumed>) = 4 [pid 5210] <... exit_group resumed>) = ? [pid 5211] memfd_create("syzkaller", 0 [pid 5210] +++ exited with 0 +++ [pid 5077] close(3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5210, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5212] close(3) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5213 [pid 5212] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... close resumed>) = 0 [pid 5212] <... symlink resumed>) = 0 [pid 5211] <... memfd_create resumed>) = 3 [pid 5076] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5212] memfd_create("syzkaller", 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5213 attached [pid 5076] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5213] set_robust_list(0x555574eaa660, 24 [pid 5212] <... memfd_create resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5213] <... set_robust_list resumed>) = 0 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] newfstatat(3, "", [pid 5213] chdir("./20" [pid 5212] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5213] <... chdir resumed>) = 0 [pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5213] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5213] <... prctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5213] setpgid(0, 0 [pid 5212] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5211] <... mmap resumed>) = 0x7f7064400000 [pid 5076] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5213] <... setpgid resumed>) = 0 [pid 5213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... close resumed>) = 0 ./strace-static-x86_64: Process 5214 attached [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] unlink("./20/binderfs" [pid 5214] set_robust_list(0x555574eaa660, 24 [pid 5213] <... openat resumed>) = 3 [pid 5211] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5214 [pid 5076] <... unlink resumed>) = 0 [pid 5214] <... set_robust_list resumed>) = 0 [pid 5213] write(3, "1000", 4 [pid 5214] chdir("./21" [pid 5213] <... write resumed>) = 4 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5215 [pid 5213] close(3) = 0 [ 124.647261][ T5087] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5213] symlink("/dev/binderfs", "./binderfs" [pid 5214] <... chdir resumed>) = 0 [pid 5213] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5215 attached [pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5215] set_robust_list(0x555574eaa660, 24 [pid 5214] <... prctl resumed>) = 0 [pid 5213] memfd_create("syzkaller", 0 [pid 5215] <... set_robust_list resumed>) = 0 [pid 5214] setpgid(0, 0) = 0 [pid 5215] chdir("./21" [pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5212] <... write resumed>) = 524288 [pid 5215] <... chdir resumed>) = 0 [pid 5214] <... openat resumed>) = 3 [pid 5213] <... memfd_create resumed>) = 3 [pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5215] <... prctl resumed>) = 0 [pid 5214] write(3, "1000", 4 [pid 5213] <... mmap resumed>) = 0x7f7064400000 [pid 5215] setpgid(0, 0) = 0 [pid 5214] <... write resumed>) = 4 [pid 5213] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... umount2 resumed>) = 0 [pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5214] close(3 [pid 5215] <... openat resumed>) = 3 [pid 5214] <... close resumed>) = 0 [pid 5214] symlink("/dev/binderfs", "./binderfs" [pid 5215] write(3, "1000", 4 [pid 5214] <... symlink resumed>) = 0 [pid 5215] <... write resumed>) = 4 [pid 5214] memfd_create("syzkaller", 0 [pid 5212] munmap(0x7f7064400000, 138412032 [pid 5215] close(3 [pid 5214] <... memfd_create resumed>) = 3 [pid 5212] <... munmap resumed>) = 0 [pid 5215] <... close resumed>) = 0 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5215] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5211] <... write resumed>) = 524288 [pid 5076] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5215] memfd_create("syzkaller", 0 [pid 5214] <... mmap resumed>) = 0x7f7064400000 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5214] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5212] <... openat resumed>) = 4 [pid 5211] munmap(0x7f7064400000, 138412032 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5215] <... memfd_create resumed>) = 3 [pid 5213] <... write resumed>) = 524288 [pid 5211] <... munmap resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./20/file1", [pid 5215] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5212] ioctl(4, LOOP_SET_FD, 3 [pid 5215] <... mmap resumed>) = 0x7f7064400000 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5211] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5076] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5211] ioctl(4, LOOP_SET_FD, 3 [pid 5076] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5213] munmap(0x7f7064400000, 138412032 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5215] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5213] <... munmap resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5214] <... write resumed>) = 524288 [pid 5212] <... ioctl resumed>) = 0 [pid 5211] <... ioctl resumed>) = 0 [ 124.749968][ T5212] loop0: detected capacity change from 0 to 1024 [ 124.758900][ T5211] loop5: detected capacity change from 0 to 1024 [pid 5076] rmdir("./20/file1" [pid 5211] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5213] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5212] close(3 [pid 5213] <... openat resumed>) = 4 [pid 5212] <... close resumed>) = 0 [pid 5212] close(4) = 0 [pid 5213] ioctl(4, LOOP_SET_FD, 3 [pid 5212] mkdir("./file1", 0777) = 0 [pid 5211] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5214] munmap(0x7f7064400000, 138412032) = 0 [pid 5212] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5214] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5211] close(4 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5214] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5211] <... close resumed>) = 0 [pid 5076] close(3 [pid 5211] mkdir("./file1", 0777 [pid 5076] <... close resumed>) = 0 [pid 5215] <... write resumed>) = 524288 [pid 5211] <... mkdir resumed>) = 0 [pid 5076] rmdir("./20" [pid 5211] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5213] <... ioctl resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./21", 0777 [pid 5213] close(3) = 0 [pid 5215] munmap(0x7f7064400000, 138412032 [ 124.796784][ T5213] loop3: detected capacity change from 0 to 1024 [ 124.813542][ T5214] loop2: detected capacity change from 0 to 1024 [pid 5213] close(4 [pid 5215] <... munmap resumed>) = 0 [pid 5213] <... close resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5213] mkdir("./file1", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5215] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5213] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... openat resumed>) = 3 [pid 5215] <... openat resumed>) = 4 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5215] ioctl(4, LOOP_SET_FD, 3 [pid 5211] <... mount resumed>) = 0 [pid 5211] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5211] chdir("./file1") = 0 [pid 5211] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5214] close(3 [pid 5212] <... mount resumed>) = 0 [pid 5211] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5214] <... close resumed>) = 0 [pid 5211] <... openat resumed>) = 4 [pid 5214] close(4 [pid 5212] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5211] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5214] <... close resumed>) = 0 [pid 5212] <... openat resumed>) = 3 [pid 5214] mkdir("./file1", 0777 [pid 5212] chdir("./file1" [pid 5215] <... ioctl resumed>) = 0 [pid 5214] <... mkdir resumed>) = 0 [pid 5213] <... mount resumed>) = 0 [pid 5212] <... chdir resumed>) = 0 [pid 5215] close(3 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5214] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5213] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] <... ioctl resumed>) = 0 [pid 5213] <... openat resumed>) = 3 [pid 5076] close(3 [pid 5212] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5215] <... close resumed>) = 0 [pid 5213] chdir("./file1" [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5215] close(4 [pid 5213] <... chdir resumed>) = 0 [pid 5212] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5216 attached [pid 5215] <... close resumed>) = 0 [pid 5213] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5212] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5211] <... ioctl resumed>) = 0 [pid 5216] set_robust_list(0x555574eaa660, 24 [pid 5215] mkdir("./file1", 0777 [pid 5213] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5212] <... ioctl resumed>) = 0 [ 124.838370][ T5215] loop4: detected capacity change from 0 to 1024 [pid 5211] exit_group(0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5216 [pid 5216] <... set_robust_list resumed>) = 0 [pid 5215] <... mkdir resumed>) = 0 [pid 5213] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5212] exit_group(0 [pid 5211] <... exit_group resumed>) = ? [pid 5216] chdir("./21" [pid 5215] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5213] <... openat resumed>) = 4 [pid 5212] <... exit_group resumed>) = ? [pid 5213] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5212] +++ exited with 0 +++ [pid 5216] <... chdir resumed>) = 0 [pid 5213] <... ioctl resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5212, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5216] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5213] exit_group(0 [pid 5216] <... prctl resumed>) = 0 [pid 5213] <... exit_group resumed>) = ? [pid 5211] +++ exited with 0 +++ [pid 5216] setpgid(0, 0 [pid 5213] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5211, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5075] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5216] <... setpgid resumed>) = 0 [pid 5214] <... mount resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5216] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5213, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5216] <... openat resumed>) = 3 [pid 5215] <... mount resumed>) = 0 [pid 5080] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 3 [pid 5216] write(3, "1000", 4 [pid 5215] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5214] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(3, "", [pid 5216] <... write resumed>) = 4 [pid 5215] <... openat resumed>) = 3 [pid 5214] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5216] close(3 [pid 5215] chdir("./file1" [pid 5214] chdir("./file1" [pid 5080] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5075] getdents64(3, [pid 5216] <... close resumed>) = 0 [pid 5215] <... chdir resumed>) = 0 [pid 5214] <... chdir resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5078] newfstatat(3, "", [pid 5216] symlink("/dev/binderfs", "./binderfs" [pid 5215] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5214] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5216] <... symlink resumed>) = 0 [pid 5215] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5214] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] getdents64(3, [pid 5078] getdents64(3, [pid 5216] memfd_create("syzkaller", 0 [pid 5215] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5214] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5216] <... memfd_create resumed>) = 3 [pid 5215] <... openat resumed>) = 4 [pid 5214] <... openat resumed>) = 4 [pid 5080] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5215] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5214] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5216] <... mmap resumed>) = 0x7f7064400000 [pid 5215] <... ioctl resumed>) = 0 [pid 5214] <... ioctl resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5078] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5215] exit_group(0 [pid 5214] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5215] <... exit_group resumed>) = ? [pid 5214] <... exit_group resumed>) = ? [pid 5080] unlink("./20/binderfs" [pid 5078] unlink("./20/binderfs" [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5214] +++ exited with 0 +++ [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5075] unlink("./21/binderfs") = 0 [pid 5216] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5214, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5215] +++ exited with 0 +++ [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5215, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5079] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5075] <... umount2 resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] unlink("./21/binderfs" [pid 5079] getdents64(3, [pid 5080] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(AT_FDCWD, "./20/file1", [pid 5079] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... unlink resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] unlink("./21/binderfs" [pid 5078] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./21/file1", [pid 5080] <... openat resumed>) = 4 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] newfstatat(4, "", [pid 5078] newfstatat(AT_FDCWD, "./20/file1", [pid 5075] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] umount2("./20/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5078] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(4, "", [pid 5080] <... close resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5216] <... write resumed>) = 524288 [pid 5080] rmdir("./20/file1" [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5077] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5216] munmap(0x7f7064400000, 138412032 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(AT_FDCWD, "./21/file1", [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(3, [pid 5216] <... munmap resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./20") = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(AT_FDCWD, "./21/file1", [pid 5080] mkdir("./21", 0777 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5077] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(4, [pid 5216] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5216] ioctl(4, LOOP_SET_FD, 3 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(4, [pid 5077] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] close(4 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5075] <... close resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] newfstatat(4, "", [pid 5078] close(4 [pid 5077] newfstatat(4, "", [pid 5075] rmdir("./21/file1" [pid 5216] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5080] close(3 [pid 5079] getdents64(4, [pid 5080] <... close resumed>) = 0 [pid 5078] rmdir("./20/file1" [pid 5077] getdents64(4, [pid 5075] getdents64(3, [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(4, [pid 5078] getdents64(3, [pid 5077] getdents64(4, [pid 5075] close(3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] close(4 [pid 5078] close(3 [pid 5077] close(4 [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] rmdir("./21" [pid 5079] rmdir("./21/file1" [pid 5078] rmdir("./20" [pid 5077] rmdir("./21/file1" [pid 5075] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5217 attached [pid 5216] close(3 [pid 5079] <... rmdir resumed>) = 0 [pid 5216] <... close resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5217 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5217] set_robust_list(0x555574eaa660, 24 [pid 5216] close(4 [pid 5217] <... set_robust_list resumed>) = 0 [pid 5216] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5077] getdents64(3, [pid 5075] mkdir("./22", 0777 [pid 5216] mkdir("./file1", 0777 [pid 5217] chdir("./21" [pid 5216] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] mkdir("./21", 0777 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5217] <... chdir resumed>) = 0 [pid 5216] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] close(3 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] close(3 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5217] <... prctl resumed>) = 0 [pid 5079] rmdir("./21" [pid 5077] rmdir("./21" [pid 5217] setpgid(0, 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5217] <... setpgid resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5075] <... ioctl resumed>) = 0 [pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] mkdir("./22", 0777 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5075] close(3 [pid 5217] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] mkdir("./22", 0777 [pid 5075] <... close resumed>) = 0 [pid 5216] <... mount resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5216] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5217] write(3, "1000", 4) = 4 [pid 5216] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [ 125.052458][ T5216] loop1: detected capacity change from 0 to 1024 [pid 5217] close(3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5216] chdir("./file1" [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5217] <... close resumed>) = 0 [pid 5216] <... chdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5218 [pid 5216] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5218 attached [pid 5217] symlink("/dev/binderfs", "./binderfs" [pid 5218] set_robust_list(0x555574eaa660, 24 [pid 5216] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5218] <... set_robust_list resumed>) = 0 [pid 5217] <... symlink resumed>) = 0 [pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5218] chdir("./22" [pid 5217] memfd_create("syzkaller", 0 [pid 5216] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5216] exit_group(0 [pid 5218] <... chdir resumed>) = 0 [pid 5217] <... memfd_create resumed>) = 3 [pid 5216] <... exit_group resumed>) = ? [pid 5078] <... ioctl resumed>) = 0 [pid 5218] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5217] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5216] +++ exited with 0 +++ [pid 5218] <... prctl resumed>) = 0 [pid 5217] <... mmap resumed>) = 0x7f7064400000 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5216, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5218] setpgid(0, 0) = 0 [pid 5076] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5218] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5218] write(3, "1000", 4 [pid 5217] <... write resumed>) = 524288 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5218] <... write resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5218] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5218] <... close resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5217] munmap(0x7f7064400000, 138412032 [pid 5078] close(3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... close resumed>) = 0 [pid 5218] memfd_create("syzkaller", 0 [pid 5217] <... munmap resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] unlink("./21/binderfs" [pid 5218] <... memfd_create resumed>) = 3 [pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5217] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5217] <... openat resumed>) = 4 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5219 [pid 5077] close(3./strace-static-x86_64: Process 5219 attached [pid 5218] <... mmap resumed>) = 0x7f7064400000 [pid 5217] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5219] set_robust_list(0x555574eaa660, 24 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5217] <... ioctl resumed>) = 0 [pid 5219] <... set_robust_list resumed>) = 0 [pid 5076] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5220 [pid 5219] chdir("./21" [pid 5218] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5219] <... chdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./21/file1", [pid 5219] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5219] <... prctl resumed>) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5221 [pid 5076] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5220 attached [pid 5219] setpgid(0, 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5219] <... setpgid resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5220] set_robust_list(0x555574eaa660, 24./strace-static-x86_64: Process 5221 attached ) = 0 [pid 5219] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... openat resumed>) = 4 [pid 5221] set_robust_list(0x555574eaa660, 24 [pid 5076] newfstatat(4, "", [pid 5221] <... set_robust_list resumed>) = 0 [pid 5220] chdir("./22" [pid 5221] chdir("./22" [pid 5219] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5221] <... chdir resumed>) = 0 [pid 5220] <... chdir resumed>) = 0 [pid 5219] write(3, "1000", 4 [pid 5221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5221] setpgid(0, 0) = 0 [pid 5221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5221] write(3, "1000", 4) = 4 [pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5219] <... write resumed>) = 4 [pid 5218] <... write resumed>) = 524288 [pid 5076] getdents64(4, [pid 5221] close(3 [pid 5220] <... prctl resumed>) = 0 [pid 5219] close(3 [pid 5217] close(3 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5221] <... close resumed>) = 0 [pid 5220] setpgid(0, 0 [pid 5219] <... close resumed>) = 0 [pid 5217] <... close resumed>) = 0 [pid 5220] <... setpgid resumed>) = 0 [pid 5219] symlink("/dev/binderfs", "./binderfs" [pid 5217] close(4 [pid 5076] getdents64(4, [pid 5221] symlink("/dev/binderfs", "./binderfs" [pid 5219] <... symlink resumed>) = 0 [pid 5217] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5221] <... symlink resumed>) = 0 [pid 5217] mkdir("./file1", 0777 [pid 5076] close(4 [pid 5221] memfd_create("syzkaller", 0 [pid 5219] memfd_create("syzkaller", 0 [pid 5217] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5221] <... memfd_create resumed>) = 3 [pid 5217] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5221] <... mmap resumed>) = 0x7f7064400000 [ 125.243175][ T5217] loop5: detected capacity change from 0 to 1024 [pid 5076] rmdir("./21/file1" [pid 5221] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5220] <... openat resumed>) = 3 [pid 5219] <... memfd_create resumed>) = 3 [pid 5218] munmap(0x7f7064400000, 138412032 [pid 5217] <... mount resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5220] write(3, "1000", 4 [pid 5219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5218] <... munmap resumed>) = 0 [pid 5217] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] getdents64(3, [pid 5220] <... write resumed>) = 4 [pid 5219] <... mmap resumed>) = 0x7f7064400000 [pid 5220] close(3 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5217] <... openat resumed>) = 3 [pid 5220] <... close resumed>) = 0 [pid 5076] close(3 [pid 5220] symlink("/dev/binderfs", "./binderfs" [pid 5219] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5217] chdir("./file1" [pid 5076] <... close resumed>) = 0 [pid 5220] <... symlink resumed>) = 0 [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5217] <... chdir resumed>) = 0 [pid 5076] rmdir("./21" [pid 5217] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... rmdir resumed>) = 0 [pid 5218] <... openat resumed>) = 4 [pid 5217] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5220] memfd_create("syzkaller", 0 [pid 5218] ioctl(4, LOOP_SET_FD, 3 [pid 5217] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] mkdir("./22", 0777 [pid 5217] <... openat resumed>) = 4 [pid 5217] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] <... mkdir resumed>) = 0 [pid 5220] <... memfd_create resumed>) = 3 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5220] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5076] <... openat resumed>) = 3 [pid 5221] <... write resumed>) = 524288 [pid 5220] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5221] munmap(0x7f7064400000, 138412032) = 0 [pid 5076] <... ioctl resumed>) = 0 [ 125.344822][ T5218] loop0: detected capacity change from 0 to 1024 [pid 5076] close(3 [pid 5221] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5218] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5221] ioctl(4, LOOP_SET_FD, 3 [pid 5219] <... write resumed>) = 524288 [pid 5218] close(3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5218] <... close resumed>) = 0 [pid 5218] close(4) = 0 [pid 5221] <... ioctl resumed>) = 0 [pid 5218] mkdir("./file1", 0777 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5222 ./strace-static-x86_64: Process 5222 attached [pid 5221] close(3 [pid 5219] munmap(0x7f7064400000, 138412032 [pid 5218] <... mkdir resumed>) = 0 [pid 5221] <... close resumed>) = 0 [pid 5221] close(4 [pid 5222] set_robust_list(0x555574eaa660, 24 [pid 5219] <... munmap resumed>) = 0 [pid 5218] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5222] <... set_robust_list resumed>) = 0 [pid 5221] <... close resumed>) = 0 [pid 5221] mkdir("./file1", 0777 [pid 5222] chdir("./22" [pid 5221] <... mkdir resumed>) = 0 [pid 5222] <... chdir resumed>) = 0 [pid 5222] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5221] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5222] <... prctl resumed>) = 0 [pid 5222] setpgid(0, 0) = 0 [ 125.387314][ T5221] loop2: detected capacity change from 0 to 1024 [ 125.434675][ T5218] ================================================================== [ 125.442789][ T5218] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0xf86/0x1070 [ 125.451116][ T5218] Read of size 2 at addr ffff888024fba400 by task syz-executor204/5218 [ 125.459375][ T5218] [ 125.461707][ T5218] CPU: 1 PID: 5218 Comm: syz-executor204 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 125.471830][ T5218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 125.481999][ T5218] Call Trace: [ 125.485357][ T5218] [ 125.488304][ T5218] dump_stack_lvl+0x116/0x1f0 [ 125.493037][ T5218] print_report+0xc3/0x620 [ 125.497492][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.502397][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.507293][ T5218] ? __phys_addr+0xc6/0x150 [ 125.511829][ T5218] kasan_report+0xd9/0x110 [ 125.516291][ T5218] ? hfsplus_read_wrapper+0xf86/0x1070 [ 125.521822][ T5218] ? hfsplus_read_wrapper+0xf86/0x1070 [ 125.527332][ T5218] hfsplus_read_wrapper+0xf86/0x1070 [ 125.532668][ T5218] ? __pfx_hfsplus_read_wrapper+0x10/0x10 [ 125.538430][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.543326][ T5218] ? do_raw_spin_lock+0x12d/0x2c0 [ 125.548392][ T5218] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.553811][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.558823][ T5218] ? do_raw_spin_unlock+0x172/0x230 [ 125.564127][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.569058][ T5218] ? _raw_spin_unlock+0x28/0x50 [ 125.573955][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.578853][ T5218] ? find_nls+0x125/0x170 [ 125.583234][ T5218] hfsplus_fill_super+0x352/0x1bc0 [ 125.588403][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.593310][ T5218] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 125.598906][ T5218] ? bdev_name.constprop.0+0xa1/0x330 [ 125.604327][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.609228][ T5218] ? find_held_lock+0x2d/0x110 [ 125.614117][ T5218] ? do_raw_spin_lock+0x12d/0x2c0 [ 125.619197][ T5218] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 125.624795][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.629698][ T5218] ? set_blocksize+0x2b1/0x350 [ 125.634523][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.639423][ T5218] ? sb_set_blocksize+0xf6/0x120 [ 125.644419][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.649321][ T5218] ? setup_bdev_super+0x392/0x720 [ 125.654390][ T5218] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 125.660000][ T5218] mount_bdev+0x1e6/0x2d0 [ 125.664385][ T5218] ? __pfx_mount_bdev+0x10/0x10 [ 125.669334][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.674243][ T5218] ? apparmor_capable+0x126/0x1e0 [ 125.679300][ T5218] ? __pfx_hfsplus_mount+0x10/0x10 [ 125.684462][ T5218] legacy_get_tree+0x10c/0x220 [ 125.689270][ T5218] vfs_get_tree+0x92/0x380 [ 125.693733][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.698640][ T5218] path_mount+0x14e6/0x1f20 [ 125.703193][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.708090][ T5218] ? kmem_cache_free+0x12e/0x360 [ 125.713059][ T5218] ? __pfx_path_mount+0x10/0x10 [ 125.717957][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.722860][ T5218] ? putname+0x12e/0x170 [ 125.727163][ T5218] __x64_sys_mount+0x297/0x320 [ 125.731973][ T5218] ? __pfx___x64_sys_mount+0x10/0x10 [ 125.737302][ T5218] ? lockdep_hardirqs_on+0x7c/0x110 [ 125.742544][ T5218] ? _raw_spin_unlock_irq+0x2e/0x50 [ 125.747777][ T5218] ? srso_return_thunk+0x5/0x5f [ 125.752677][ T5218] ? ptrace_notify+0xf1/0x130 [ 125.757410][ T5218] do_syscall_64+0xd5/0x260 [ 125.762062][ T5218] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 125.768011][ T5218] RIP: 0033:0x7f706ca0c69a [ 125.772453][ T5218] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 125.792105][ T5218] RSP: 002b:00007ffcd3a1c1c8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 125.800553][ T5218] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f706ca0c69a [ 125.808553][ T5218] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd3a1c210 [ 125.816551][ T5218] RBP: 0000000000000004 R08: 00007ffcd3a1c250 R09: 0000000000000632 [ 125.824550][ T5218] R10: 0000000000000050 R11: 0000000000000286 R12: 00007ffcd3a1c210 [ 125.832571][ T5218] R13: 00007ffcd3a1c250 R14: 0000000000080000 R15: 0000000000000003 [ 125.840579][ T5218] [ 125.843614][ T5218] [ 125.845956][ T5218] The buggy address belongs to the object at ffff888024fba400 [ 125.845956][ T5218] which belongs to the cache kmalloc-512 of size 512 [ 125.860036][ T5218] The buggy address is located 0 bytes inside of [ 125.860036][ T5218] freed 512-byte region [ffff888024fba400, ffff888024fba600) [ 125.873975][ T5218] [ 125.876306][ T5218] The buggy address belongs to the physical page: [ 125.882812][ T5218] page:ffffea000093ee00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24fb8 [ 125.892992][ T5218] head:ffffea000093ee00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 125.901949][ T5218] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 125.910380][ T5218] page_type: 0xffffffff() [ 125.914734][ T5218] raw: 00fff00000000840 ffff888015041c80 0000000000000000 dead000000000001 [ 125.923346][ T5218] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 125.931944][ T5218] page dumped because: kasan: bad access detected [ 125.938365][ T5218] page_owner tracks the page as allocated [ 125.944174][ T5218] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4522, tgid 4522 (udevd), ts 49858478025, free_ts 49837791007 [ 125.964970][ T5218] post_alloc_hook+0x2d4/0x350 [ 125.969775][ T5218] get_page_from_freelist+0xa28/0x3780 [ 125.975279][ T5218] __alloc_pages+0x22b/0x2410 [ 125.979998][ T5218] new_slab+0xcc/0x3a0 [ 125.984111][ T5218] ___slab_alloc+0x66d/0x1790 [ 125.988833][ T5218] __slab_alloc.constprop.0+0x56/0xb0 [ 125.994254][ T5218] kmalloc_trace+0x2fb/0x330 [ 125.998871][ T5218] kernfs_fop_open+0x28b/0xd40 [ 126.003690][ T5218] do_dentry_open+0x8dd/0x18c0 [ 126.008494][ T5218] path_openat+0x1dfb/0x2990 [ 126.013121][ T5218] do_filp_open+0x1dc/0x430 [ 126.017663][ T5218] do_sys_openat2+0x17a/0x1e0 [ 126.022370][ T5218] __x64_sys_openat+0x175/0x210 [ 126.027263][ T5218] do_syscall_64+0xd5/0x260 [ 126.031813][ T5218] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 126.037755][ T5218] page last free pid 4529 tgid 4529 stack trace: [ 126.044093][ T5218] free_unref_page_prepare+0x527/0xb10 [ 126.049588][ T5218] free_unref_page+0x33/0x3c0 [ 126.054306][ T5218] __put_partials+0x14c/0x170 [ 126.059051][ T5218] qlist_free_all+0x4e/0x140 [ 126.063683][ T5218] kasan_quarantine_reduce+0x192/0x1e0 [ 126.069359][ T5218] __kasan_slab_alloc+0x69/0x90 [ 126.074233][ T5218] kmem_cache_alloc_node+0x177/0x340 [ 126.079547][ T5218] __alloc_skb+0x2b1/0x380 [ 126.084005][ T5218] netlink_alloc_large_skb+0x69/0x130 [ 126.089420][ T5218] netlink_sendmsg+0x689/0xd70 [ 126.094231][ T5218] ____sys_sendmsg+0xab8/0xc90 [ 126.099028][ T5218] ___sys_sendmsg+0x135/0x1e0 [ 126.103729][ T5218] __sys_sendmsg+0x117/0x1f0 [ 126.108342][ T5218] do_syscall_64+0xd5/0x260 [ 126.112892][ T5218] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 126.118836][ T5218] [ 126.121204][ T5218] Memory state around the buggy address: [ 126.126843][ T5218] ffff888024fba300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 126.134927][ T5218] ffff888024fba380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 126.143011][ T5218] >ffff888024fba400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 126.151087][ T5218] ^ [ 126.155164][ T5218] ffff888024fba480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 126.163245][ T5218] ffff888024fba500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 126.171331][ T5218] ================================================================== [pid 5219] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5222] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5220] <... write resumed>) = 524288 [pid 5219] <... openat resumed>) = 4 [pid 5217] <... ioctl resumed>) = 0 [pid 5222] <... openat resumed>) = 3 [pid 5220] munmap(0x7f7064400000, 138412032 [pid 5219] ioctl(4, LOOP_SET_FD, 3 [pid 5217] exit_group(0) = ? [pid 5217] +++ exited with 0 +++ [pid 5220] <... munmap resumed>) = 0 [pid 5218] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5222] write(3, "1000", 4) = 4 [pid 5222] close(3) = 0 [pid 5222] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5220] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5220] ioctl(4, LOOP_SET_FD, 3 [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5222] memfd_create("syzkaller", 0 [pid 5218] <... openat resumed>) = 3 [pid 5222] <... memfd_create resumed>) = 3 [pid 5222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5218] ioctl(3, LOOP_CLR_FD [pid 5222] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5218] <... ioctl resumed>) = 0 [pid 5218] close(3 [pid 5220] <... ioctl resumed>) = 0 [pid 5222] <... write resumed>) = 524288 [pid 5221] <... mount resumed>) = 0 [pid 5219] <... ioctl resumed>) = 0 [pid 5218] <... close resumed>) = 0 [pid 5221] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5217, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5221] <... openat resumed>) = 3 [pid 5222] munmap(0x7f7064400000, 138412032 [pid 5220] close(3 [pid 5219] close(3 [pid 5222] <... munmap resumed>) = 0 [pid 5221] chdir("./file1" [pid 5220] <... close resumed>) = 0 [pid 5219] <... close resumed>) = 0 [pid 5218] <... openat resumed>) = 3 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5220] close(4 [pid 5219] close(4 [pid 5222] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5221] <... chdir resumed>) = 0 [pid 5219] <... close resumed>) = 0 [pid 5218] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5222] <... openat resumed>) = 4 [pid 5221] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5218] <... ioctl resumed>) = 0 [pid 5221] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5218] exit_group(0 [pid 5222] ioctl(4, LOOP_SET_FD, 3 [ 126.192837][ T5218] Disabling lock debugging due to kernel taint [ 126.199503][ T5219] loop3: detected capacity change from 0 to 1024 [ 126.209348][ T5218] hfsplus: unable to set blocksize to 1024! [ 126.215905][ T5218] hfsplus: unable to find HFS+ superblock [ 126.225795][ T5220] loop4: detected capacity change from 0 to 1024 [pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5220] <... close resumed>) = 0 [pid 5218] <... exit_group resumed>) = ? [pid 5080] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5221] <... openat resumed>) = 4 [pid 5220] mkdir("./file1", 0777 [pid 5219] mkdir("./file1", 0777 [pid 5218] +++ exited with 0 +++ [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5221] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5221] <... ioctl resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5221] exit_group(0 [pid 5080] newfstatat(3, "", [pid 5221] <... exit_group resumed>) = ? [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5221] +++ exited with 0 +++ [pid 5220] <... mkdir resumed>) = 0 [pid 5219] <... mkdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5218, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5221, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5080] unlink("./21/binderfs" [pid 5220] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... unlink resumed>) = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5219] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5080] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5222] <... ioctl resumed>) = 0 [pid 5220] <... mount resumed>) = 0 [pid 5077] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5220] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5220] chdir("./file1") = 0 [pid 5077] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5220] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5075] <... openat resumed>) = 3 [pid 5220] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... openat resumed>) = 3 [pid 5220] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5220] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(3, "", [pid 5075] newfstatat(3, "", [pid 5220] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./21/file1", [pid 5220] <... exit_group resumed>) = ? [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5220] +++ exited with 0 +++ [pid 5080] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(3, [pid 5075] getdents64(3, [pid 5080] <... openat resumed>) = 4 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] newfstatat(4, "", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5220, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5077] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5079] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5080] rmdir("./21/file1" [pid 5077] unlink("./22/binderfs" [pid 5075] unlink("./22/binderfs" [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5077] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5075] newfstatat(AT_FDCWD, "./22/file1", [pid 5219] <... mount resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] rmdir("./21" [pid 5075] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... rmdir resumed>) = 0 [ 126.303747][ T5222] loop1: detected capacity change from 0 to 1024 [pid 5222] close(3 [pid 5219] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] mkdir("./22", 0777 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5222] <... close resumed>) = 0 [pid 5079] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5222] close(4 [pid 5219] <... openat resumed>) = 3 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5222] <... close resumed>) = 0 [pid 5222] mkdir("./file1", 0777 [pid 5219] chdir("./file1" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5079] unlink("./22/binderfs" [pid 5075] newfstatat(4, "", [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] newfstatat(AT_FDCWD, "./22/file1", [pid 5222] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5222] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5219] <... chdir resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... unlink resumed>) = 0 [pid 5077] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(4, [pid 5219] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5077] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5219] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5075] getdents64(4, [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] newfstatat(4, "", [pid 5219] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5222] <... mount resumed>) = 0 [pid 5219] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] close(4 [pid 5077] getdents64(4, [pid 5222] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5219] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] newfstatat(AT_FDCWD, "./22/file1", [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... close resumed>) = 0 [pid 5219] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] rmdir("./22/file1" [pid 5222] <... openat resumed>) = 3 [pid 5219] exit_group(0 [pid 5079] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5219] <... exit_group resumed>) = ? [pid 5222] chdir("./file1" [pid 5075] getdents64(3, [pid 5222] <... chdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5223 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5075] close(3 [pid 5077] rmdir("./22/file1" [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./22" [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5223 attached [pid 5077] getdents64(3, [pid 5223] set_robust_list(0x555574eaa660, 24 [pid 5079] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5222] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] mkdir("./23", 0777 [pid 5223] <... set_robust_list resumed>) = 0 [pid 5077] close(3 [pid 5223] chdir("./22" [pid 5077] <... close resumed>) = 0 [pid 5223] <... chdir resumed>) = 0 [pid 5077] rmdir("./22" [pid 5223] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... rmdir resumed>) = 0 [pid 5222] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] <... mkdir resumed>) = 0 [pid 5223] <... prctl resumed>) = 0 [pid 5077] mkdir("./23", 0777 [pid 5223] setpgid(0, 0 [pid 5222] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... openat resumed>) = 4 [pid 5077] <... mkdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5223] <... setpgid resumed>) = 0 [pid 5223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5222] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 3 [pid 5223] <... openat resumed>) = 3 [pid 5222] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5077] <... openat resumed>) = 3 [pid 5223] write(3, "1000", 4) = 4 [pid 5222] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5223] close(3 [pid 5219] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5223] <... close resumed>) = 0 [pid 5077] close(3 [pid 5075] close(3 [pid 5223] symlink("/dev/binderfs", "./binderfs" [pid 5222] exit_group(0 [pid 5079] getdents64(4, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5219, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5223] <... symlink resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5222] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5222] +++ exited with 0 +++ [pid 5079] getdents64(4, [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5223] memfd_create("syzkaller", 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5222, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5223] <... memfd_create resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5079] close(4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5223] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... close resumed>) = 0 [pid 5076] unlink("./22/binderfs" [pid 5223] <... mmap resumed>) = 0x7f7064400000 [pid 5079] rmdir("./22/file1" [pid 5078] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 5076] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5224 attached [pid 5079] <... rmdir resumed>) = 0 [pid 5078] newfstatat(3, "", ./strace-static-x86_64: Process 5225 attached [pid 5224] set_robust_list(0x555574eaa660, 24 [pid 5223] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5224 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5225 [pid 5223] <... write resumed>) = 524288 [pid 5076] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5224] <... set_robust_list resumed>) = 0 [pid 5076] getdents64(4, [pid 5224] chdir("./23" [pid 5078] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5225] set_robust_list(0x555574eaa660, 24 [pid 5224] <... chdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5224] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] close(3 [pid 5224] <... prctl resumed>) = 0 [pid 5076] getdents64(4, [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5224] setpgid(0, 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] close(4 [pid 5224] <... setpgid resumed>) = 0 [pid 5225] <... set_robust_list resumed>) = 0 [pid 5079] rmdir("./22" [pid 5078] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5225] chdir("./23" [pid 5224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5225] <... chdir resumed>) = 0 [pid 5223] munmap(0x7f7064400000, 138412032 [pid 5076] rmdir("./22/file1" [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5224] <... openat resumed>) = 3 [pid 5223] <... munmap resumed>) = 0 [pid 5078] unlink("./21/binderfs" [pid 5076] <... rmdir resumed>) = 0 [pid 5225] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] mkdir("./23", 0777 [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5223] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] close(3 [pid 5225] <... prctl resumed>) = 0 [pid 5223] <... openat resumed>) = 4 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5223] ioctl(4, LOOP_SET_FD, 3 [pid 5076] rmdir("./22" [pid 5225] setpgid(0, 0 [pid 5224] write(3, "1000", 4 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5225] <... setpgid resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5225] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5224] <... write resumed>) = 4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] mkdir("./23", 0777 [pid 5225] <... openat resumed>) = 3 [pid 5076] <... mkdir resumed>) = 0 [pid 5225] write(3, "1000", 4 [pid 5224] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5225] <... write resumed>) = 4 [pid 5224] <... close resumed>) = 0 [pid 5225] close(3 [pid 5224] symlink("/dev/binderfs", "./binderfs" [pid 5078] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5224] <... symlink resumed>) = 0 [pid 5225] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5225] symlink("/dev/binderfs", "./binderfs" [pid 5224] memfd_create("syzkaller", 0 [pid 5078] newfstatat(AT_FDCWD, "./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5225] <... symlink resumed>) = 0 [pid 5224] <... memfd_create resumed>) = 3 [pid 5078] umount2("./21/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5226 [pid 5223] <... ioctl resumed>) = 0 [pid 5223] close(3) = 0 [pid 5223] close(4) = 0 ./strace-static-x86_64: Process 5226 attached [pid 5225] memfd_create("syzkaller", 0 [pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5223] mkdir("./file1", 0777 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5226] set_robust_list(0x555574eaa660, 24) = 0 [pid 5225] <... memfd_create resumed>) = 3 [pid 5224] <... mmap resumed>) = 0x7f7064400000 [pid 5223] <... mkdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5223] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5226] chdir("./23" [pid 5225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 4 [pid 5226] <... chdir resumed>) = 0 [pid 5225] <... mmap resumed>) = 0x7f7064400000 [pid 5078] newfstatat(4, "", [ 126.501021][ T5223] loop5: detected capacity change from 0 to 1024 [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5223] <... mount resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5226] setpgid(0, 0 [pid 5223] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5226] <... setpgid resumed>) = 0 [pid 5223] <... openat resumed>) = 3 [pid 5078] getdents64(4, [pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5225] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5224] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5223] chdir("./file1" [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5226] <... openat resumed>) = 3 [pid 5224] <... write resumed>) = 524288 [pid 5079] close(3 [pid 5078] getdents64(4, [pid 5226] write(3, "1000", 4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5223] <... chdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5226] <... write resumed>) = 4 [pid 5225] <... write resumed>) = 524288 [pid 5223] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5078] rmdir("./21/file1" [pid 5223] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5226] close(3 [pid 5223] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5227 attached [pid 5226] <... close resumed>) = 0 [pid 5225] munmap(0x7f7064400000, 138412032 [pid 5224] munmap(0x7f7064400000, 138412032 [pid 5223] <... openat resumed>) = 4 [pid 5078] getdents64(3, [pid 5227] set_robust_list(0x555574eaa660, 24 [pid 5226] symlink("/dev/binderfs", "./binderfs" [pid 5227] <... set_robust_list resumed>) = 0 [pid 5225] <... munmap resumed>) = 0 [pid 5224] <... munmap resumed>) = 0 [pid 5223] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5227 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5226] <... symlink resumed>) = 0 [pid 5223] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5223] exit_group(0 [pid 5227] chdir("./23" [pid 5226] memfd_create("syzkaller", 0 [pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5223] <... exit_group resumed>) = ? [pid 5078] close(3 [pid 5226] <... memfd_create resumed>) = 3 [pid 5227] <... chdir resumed>) = 0 [pid 5225] <... openat resumed>) = 4 [pid 5224] <... openat resumed>) = 4 [pid 5223] +++ exited with 0 +++ [pid 5078] <... close resumed>) = 0 [pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5226] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5225] ioctl(4, LOOP_SET_FD, 3 [pid 5224] ioctl(4, LOOP_SET_FD, 3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5223, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5078] rmdir("./21" [pid 5227] <... prctl resumed>) = 0 [pid 5226] <... mmap resumed>) = 0x7f7064400000 [pid 5080] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5080] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./22/binderfs") = 0 [pid 5080] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5227] setpgid(0, 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5227] <... setpgid resumed>) = 0 [pid 5080] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5080] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", [pid 5227] <... openat resumed>) = 3 [pid 5226] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] mkdir("./22", 0777 [pid 5227] write(3, "1000", 4 [pid 5226] <... write resumed>) = 524288 [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5078] <... mkdir resumed>) = 0 [pid 5227] <... write resumed>) = 4 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./22/file1") = 0 [pid 5227] close(3 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5227] <... close resumed>) = 0 [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5078] <... openat resumed>) = 3 [pid 5227] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./22" [pid 5227] <... symlink resumed>) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD) = 0 [pid 5224] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5224] close(3) = 0 [pid 5078] <... close resumed>) = 0 [pid 5080] mkdir("./23", 0777 [pid 5227] memfd_create("syzkaller", 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 126.646509][ T5224] loop2: detected capacity change from 0 to 1024 [ 126.661360][ T5225] loop0: detected capacity change from 0 to 1024 [pid 5224] close(4./strace-static-x86_64: Process 5228 attached [pid 5227] <... memfd_create resumed>) = 3 [pid 5226] munmap(0x7f7064400000, 138412032 [pid 5225] <... ioctl resumed>) = 0 [pid 5224] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5228] set_robust_list(0x555574eaa660, 24 [pid 5224] mkdir("./file1", 0777 [pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5226] <... munmap resumed>) = 0 [pid 5225] close(3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5228 [pid 5227] <... mmap resumed>) = 0x7f7064400000 [pid 5225] <... close resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5225] close(4 [pid 5080] close(3) = 0 [pid 5228] <... set_robust_list resumed>) = 0 [pid 5227] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5226] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5225] <... close resumed>) = 0 [pid 5224] <... mkdir resumed>) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5228] chdir("./22"./strace-static-x86_64: Process 5229 attached [pid 5227] <... write resumed>) = 524288 [pid 5226] <... openat resumed>) = 4 [pid 5225] mkdir("./file1", 0777 [pid 5224] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5229] set_robust_list(0x555574eaa660, 24 [pid 5228] <... chdir resumed>) = 0 [pid 5227] munmap(0x7f7064400000, 138412032 [pid 5226] ioctl(4, LOOP_SET_FD, 3 [pid 5225] <... mkdir resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5229 [pid 5229] <... set_robust_list resumed>) = 0 [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] chdir("./23" [pid 5228] setpgid(0, 0) = 0 [pid 5229] <... chdir resumed>) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5227] <... munmap resumed>) = 0 [pid 5226] <... ioctl resumed>) = 0 [pid 5225] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] setpgid(0, 0) = 0 [pid 5228] <... openat resumed>) = 3 [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5227] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5226] close(3 [pid 5224] <... mount resumed>) = 0 [pid 5229] <... openat resumed>) = 3 [pid 5228] write(3, "1000", 4 [pid 5226] <... close resumed>) = 0 [pid 5228] <... write resumed>) = 4 [pid 5226] close(4 [pid 5228] close(3 [pid 5227] <... openat resumed>) = 4 [pid 5226] <... close resumed>) = 0 [pid 5228] <... close resumed>) = 0 [pid 5226] mkdir("./file1", 0777 [pid 5227] ioctl(4, LOOP_SET_FD, 3 [pid 5228] symlink("/dev/binderfs", "./binderfs" [pid 5229] write(3, "1000", 4 [pid 5226] <... mkdir resumed>) = 0 [pid 5229] <... write resumed>) = 4 [pid 5224] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5228] <... symlink resumed>) = 0 [pid 5229] close(3 [pid 5228] memfd_create("syzkaller", 0 [pid 5226] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5224] chdir("./file1" [pid 5229] <... close resumed>) = 0 [pid 5229] symlink("/dev/binderfs", "./binderfs" [pid 5224] <... chdir resumed>) = 0 [pid 5229] <... symlink resumed>) = 0 [pid 5224] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5229] memfd_create("syzkaller", 0 [pid 5228] <... memfd_create resumed>) = 3 [pid 5225] <... mount resumed>) = 0 [pid 5224] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5224] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5229] <... memfd_create resumed>) = 3 [pid 5228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5225] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5224] <... openat resumed>) = 4 [pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5224] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5228] <... mmap resumed>) = 0x7f7064400000 [pid 5229] <... mmap resumed>) = 0x7f7064400000 [pid 5225] <... openat resumed>) = 3 [pid 5229] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5227] <... ioctl resumed>) = 0 [pid 5225] chdir("./file1" [pid 5228] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5225] <... chdir resumed>) = 0 [pid 5227] close(3 [pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5227] <... close resumed>) = 0 [pid 5227] close(4 [pid 5225] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5227] <... close resumed>) = 0 [pid 5225] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5227] mkdir("./file1", 0777) = 0 [pid 5225] <... openat resumed>) = 4 [pid 5225] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [ 126.754193][ T5226] loop1: detected capacity change from 0 to 1024 [ 126.786109][ T5227] loop4: detected capacity change from 0 to 1024 [pid 5227] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5225] <... ioctl resumed>) = 0 [pid 5224] <... ioctl resumed>) = 0 [pid 5225] exit_group(0 [pid 5224] exit_group(0) = ? [pid 5225] <... exit_group resumed>) = ? [pid 5225] +++ exited with 0 +++ [pid 5224] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5224, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5225, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5077] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", [pid 5226] <... mount resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5229] <... write resumed>) = 524288 [pid 5226] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] getdents64(3, [pid 5228] <... write resumed>) = 524288 [pid 5226] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5228] munmap(0x7f7064400000, 138412032 [pid 5226] chdir("./file1" [pid 5077] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5226] <... chdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5226] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5077] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5229] munmap(0x7f7064400000, 138412032 [pid 5228] <... munmap resumed>) = 0 [pid 5226] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5226] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] unlink("./23/binderfs" [pid 5229] <... munmap resumed>) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5226] <... openat resumed>) = 4 [pid 5077] <... unlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5229] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5228] <... openat resumed>) = 4 [pid 5227] <... mount resumed>) = 0 [pid 5077] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5229] <... openat resumed>) = 4 [pid 5228] ioctl(4, LOOP_SET_FD, 3 [pid 5227] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5227] <... openat resumed>) = 3 [pid 5226] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5227] chdir("./file1" [pid 5075] <... openat resumed>) = 3 [pid 5075] newfstatat(3, "", [pid 5226] exit_group(0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5226] <... exit_group resumed>) = ? [pid 5226] +++ exited with 0 +++ [pid 5075] getdents64(3, [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5229] ioctl(4, LOOP_SET_FD, 3 [pid 5077] <... umount2 resumed>) = 0 [pid 5229] <... ioctl resumed>) = 0 [pid 5228] <... ioctl resumed>) = 0 [pid 5227] <... chdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5229] close(3 [pid 5227] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5228] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5228] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5229] <... close resumed>) = 0 [pid 5228] close(4 [pid 5227] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... openat resumed>) = 3 [pid 5075] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5229] close(4 [pid 5228] <... close resumed>) = 0 [pid 5227] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5228] mkdir("./file1", 0777) = 0 [pid 5227] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] unlink("./23/binderfs" [pid 5228] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5227] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] newfstatat(AT_FDCWD, "./23/file1", [pid 5075] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5227] <... ioctl resumed>) = 0 [ 126.885378][ T5228] loop3: detected capacity change from 0 to 1024 [ 126.893382][ T5229] loop5: detected capacity change from 0 to 1024 [pid 5229] <... close resumed>) = 0 [pid 5228] <... mount resumed>) = 0 [pid 5227] exit_group(0 [pid 5077] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5075] <... umount2 resumed>) = 0 [pid 5229] mkdir("./file1", 0777 [pid 5228] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5227] <... exit_group resumed>) = ? [pid 5229] <... mkdir resumed>) = 0 [pid 5228] <... openat resumed>) = 3 [pid 5229] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] newfstatat(AT_FDCWD, "./23/file1", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(4, [pid 5228] chdir("./file1" [pid 5227] +++ exited with 0 +++ [pid 5076] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./23/file1" [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] unlink("./23/binderfs" [pid 5228] <... chdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5228] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] getdents64(3, [pid 5075] <... openat resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5075] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5228] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5228] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] getdents64(4, [pid 5079] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5228] <... openat resumed>) = 4 [pid 5079] newfstatat(3, "", [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5228] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] close(4 [pid 5228] <... ioctl resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5228] exit_group(0 [pid 5075] rmdir("./23/file1" [pid 5229] <... mount resumed>) = 0 [pid 5079] getdents64(3, [pid 5077] rmdir("./23" [pid 5075] <... rmdir resumed>) = 0 [pid 5228] <... exit_group resumed>) = ? [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5079] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] close(3 [pid 5079] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./23" [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] mkdir("./24", 0777) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5229] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5228] +++ exited with 0 +++ [pid 5079] unlink("./23/binderfs" [pid 5076] <... umount2 resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5075] mkdir("./24", 0777 [pid 5079] <... unlink resumed>) = 0 [pid 5229] <... openat resumed>) = 3 [pid 5079] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... mkdir resumed>) = 0 [pid 5229] chdir("./file1" [pid 5078] umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5229] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./23/file1", [pid 5229] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5229] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... openat resumed>) = 3 [pid 5076] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5229] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] newfstatat(3, "", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5229] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... ioctl resumed>) = 0 [pid 5229] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] getdents64(3, [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 4 [pid 5075] close(3 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] newfstatat(4, "", [pid 5075] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5229] <... ioctl resumed>) = 0 [pid 5078] umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5230 attached [pid 5229] exit_group(0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5230 [pid 5229] <... exit_group resumed>) = ? [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(4, [pid 5078] unlink("./22/binderfs" [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5230] set_robust_list(0x555574eaa660, 24 [pid 5229] +++ exited with 0 +++ [pid 5078] <... unlink resumed>) = 0 [pid 5076] close(4 [pid 5230] <... set_robust_list resumed>) = 0 [pid 5230] chdir("./24" [pid 5078] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5230] <... chdir resumed>) = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] rmdir("./23/file1" [pid 5230] <... prctl resumed>) = 0 [pid 5080] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] setpgid(0, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5231 [pid 5230] <... setpgid resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... openat resumed>) = 3 [pid 5079] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./23/file1", [pid 5080] newfstatat(3, "", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5231 attached [pid 5230] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... rmdir resumed>) = 0 [pid 5231] set_robust_list(0x555574eaa660, 24 [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] getdents64(3, [pid 5231] <... set_robust_list resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... openat resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] newfstatat(4, "", [pid 5080] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5231] chdir("./24" [pid 5079] getdents64(4, [pid 5231] <... chdir resumed>) = 0 [pid 5230] write(3, "1000", 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... close resumed>) = 0 [pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5230] <... write resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5079] getdents64(4, [pid 5076] rmdir("./23" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5231] <... prctl resumed>) = 0 [pid 5230] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] close(4 [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5231] setpgid(0, 0 [pid 5230] <... close resumed>) = 0 [pid 5080] unlink("./23/binderfs" [pid 5079] <... close resumed>) = 0 [pid 5231] <... setpgid resumed>) = 0 [pid 5230] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... unlink resumed>) = 0 [pid 5079] rmdir("./23/file1" [pid 5076] mkdir("./24", 0777 [pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5230] <... symlink resumed>) = 0 [pid 5080] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5231] <... openat resumed>) = 3 [pid 5230] memfd_create("syzkaller", 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5079] getdents64(3, [pid 5078] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5231] write(3, "1000", 4 [pid 5230] <... memfd_create resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5231] <... write resumed>) = 4 [pid 5230] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] close(3 [pid 5078] newfstatat(AT_FDCWD, "./22/file1", [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5231] close(3 [pid 5230] <... mmap resumed>) = 0x7f7064400000 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5078] umount2("./22/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... close resumed>) = 0 [pid 5078] getdents64(4, [pid 5231] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] close(3 [pid 5079] rmdir("./23" [pid 5078] getdents64(4, [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./22/file1" [pid 5231] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5079] mkdir("./24", 0777 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5231] <... symlink resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5231] memfd_create("syzkaller", 0 [pid 5078] rmdir("./22" [pid 5231] <... memfd_create resumed>) = 3 [pid 5080] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5232 [pid 5231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5231] <... mmap resumed>) = 0x7f7064400000 [pid 5080] newfstatat(AT_FDCWD, "./23/file1", [pid 5078] mkdir("./23", 0777 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5232 attached [pid 5231] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5230] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5232] set_robust_list(0x555574eaa660, 24) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5232] chdir("./24" [pid 5080] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5232] <... chdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... openat resumed>) = 4 [pid 5078] ioctl(3, LOOP_CLR_FD) = 0 [pid 5078] close(3) = 0 [pid 5232] <... prctl resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5232] setpgid(0, 0 [pid 5080] newfstatat(4, "", [pid 5232] <... setpgid resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] getdents64(4, [pid 5232] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5233 ./strace-static-x86_64: Process 5233 attached [pid 5232] write(3, "1000", 4 [pid 5233] set_robust_list(0x555574eaa660, 24 [pid 5232] <... write resumed>) = 4 [pid 5233] <... set_robust_list resumed>) = 0 [pid 5233] chdir("./23" [pid 5232] close(3 [pid 5233] <... chdir resumed>) = 0 [pid 5232] <... close resumed>) = 0 [pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5232] symlink("/dev/binderfs", "./binderfs" [pid 5080] rmdir("./23/file1" [pid 5233] <... prctl resumed>) = 0 [pid 5232] <... symlink resumed>) = 0 [pid 5230] <... write resumed>) = 524288 [pid 5080] <... rmdir resumed>) = 0 [pid 5233] setpgid(0, 0) = 0 [pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5232] memfd_create("syzkaller", 0 [pid 5230] munmap(0x7f7064400000, 138412032 [pid 5080] getdents64(3, [pid 5233] write(3, "1000", 4) = 4 [pid 5233] close(3) = 0 [pid 5232] <... memfd_create resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5233] symlink("/dev/binderfs", "./binderfs" [pid 5231] <... write resumed>) = 524288 [pid 5080] close(3 [pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5231] munmap(0x7f7064400000, 138412032 [pid 5232] <... mmap resumed>) = 0x7f7064400000 [pid 5231] <... munmap resumed>) = 0 [pid 5230] <... munmap resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5233] <... symlink resumed>) = 0 [pid 5080] rmdir("./23" [pid 5233] memfd_create("syzkaller", 0 [pid 5232] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5231] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5233] <... memfd_create resumed>) = 3 [pid 5233] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5230] <... openat resumed>) = 4 [pid 5080] <... rmdir resumed>) = 0 [pid 5233] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5230] ioctl(4, LOOP_SET_FD, 3 [pid 5080] mkdir("./24", 0777 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... mkdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5234 ./strace-static-x86_64: Process 5234 attached [pid 5234] set_robust_list(0x555574eaa660, 24) = 0 [pid 5234] chdir("./24") = 0 [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5233] <... write resumed>) = 524288 [pid 5231] <... openat resumed>) = 4 [pid 5231] ioctl(4, LOOP_SET_FD, 3 [pid 5234] <... prctl resumed>) = 0 [pid 5234] setpgid(0, 0) = 0 [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] close(3 [pid 5233] munmap(0x7f7064400000, 138412032 [pid 5080] <... close resumed>) = 0 [pid 5232] <... write resumed>) = 524288 [pid 5234] <... openat resumed>) = 3 [pid 5233] <... munmap resumed>) = 0 [pid 5232] munmap(0x7f7064400000, 138412032 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5234] write(3, "1000", 4 [pid 5233] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5234] <... write resumed>) = 4 [pid 5233] <... openat resumed>) = 4 [pid 5234] close(3 [pid 5233] ioctl(4, LOOP_SET_FD, 3 [pid 5234] <... close resumed>) = 0 [pid 5234] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5232] <... munmap resumed>) = 0 [pid 5234] memfd_create("syzkaller", 0 [pid 5233] <... ioctl resumed>) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5235 attached [pid 5234] <... memfd_create resumed>) = 3 [pid 5235] set_robust_list(0x555574eaa660, 24 [pid 5234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5230] <... ioctl resumed>) = 0 [pid 5235] <... set_robust_list resumed>) = 0 [pid 5234] <... mmap resumed>) = 0x7f7064400000 [pid 5235] chdir("./24" [pid 5234] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5232] <... openat resumed>) = 4 [pid 5230] close(3 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5235 [pid 5235] <... chdir resumed>) = 0 [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5232] ioctl(4, LOOP_SET_FD, 3 [pid 5230] <... close resumed>) = 0 [pid 5235] <... prctl resumed>) = 0 [pid 5235] setpgid(0, 0 [pid 5230] close(4 [pid 5235] <... setpgid resumed>) = 0 [ 127.193880][ T5230] loop0: detected capacity change from 0 to 1024 [ 127.222524][ T5233] loop3: detected capacity change from 0 to 1024 [ 127.237908][ T5232] loop1: detected capacity change from 0 to 1024 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1000", 4 [pid 5233] close(3 [pid 5235] <... write resumed>) = 4 [pid 5233] <... close resumed>) = 0 [pid 5235] close(3 [pid 5233] close(4 [pid 5235] <... close resumed>) = 0 [pid 5233] <... close resumed>) = 0 [pid 5230] <... close resumed>) = 0 [pid 5235] symlink("/dev/binderfs", "./binderfs" [pid 5233] mkdir("./file1", 0777 [pid 5235] <... symlink resumed>) = 0 [pid 5233] <... mkdir resumed>) = 0 [pid 5235] memfd_create("syzkaller", 0 [pid 5233] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5235] <... memfd_create resumed>) = 3 [pid 5230] mkdir("./file1", 0777 [pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5231] <... ioctl resumed>) = 0 [pid 5230] <... mkdir resumed>) = 0 [pid 5234] <... write resumed>) = 524288 [pid 5233] <... mount resumed>) = 0 [pid 5231] close(3 [pid 5230] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5231] <... close resumed>) = 0 [pid 5233] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5235] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5234] munmap(0x7f7064400000, 138412032 [pid 5233] chdir("./file1" [pid 5231] close(4 [pid 5234] <... munmap resumed>) = 0 [pid 5233] <... chdir resumed>) = 0 [pid 5232] <... ioctl resumed>) = 0 [pid 5231] <... close resumed>) = 0 [pid 5233] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5232] close(3 [pid 5231] mkdir("./file1", 0777 [pid 5233] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5233] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5234] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5233] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5232] <... close resumed>) = 0 [pid 5231] <... mkdir resumed>) = 0 [pid 5234] <... openat resumed>) = 4 [pid 5234] ioctl(4, LOOP_SET_FD, 3 [pid 5232] close(4 [pid 5231] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5232] <... close resumed>) = 0 [pid 5232] mkdir("./file1", 0777 [pid 5235] <... write resumed>) = 524288 [pid 5232] <... mkdir resumed>) = 0 [pid 5235] munmap(0x7f7064400000, 138412032 [pid 5232] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5235] <... munmap resumed>) = 0 [pid 5234] <... ioctl resumed>) = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5234] close(3 [pid 5235] <... openat resumed>) = 4 [pid 5234] <... close resumed>) = 0 [ 127.253611][ T5231] loop2: detected capacity change from 0 to 1024 [ 127.285634][ T5234] loop4: detected capacity change from 0 to 1024 [pid 5234] close(4 [pid 5235] ioctl(4, LOOP_SET_FD, 3 [pid 5234] <... close resumed>) = 0 [pid 5231] <... mount resumed>) = 0 [pid 5234] mkdir("./file1", 0777 [pid 5231] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5233] <... ioctl resumed>) = 0 [pid 5233] exit_group(0) = ? [pid 5233] +++ exited with 0 +++ [pid 5234] <... mkdir resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5231] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5234] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5231] chdir("./file1" [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./23/binderfs" [pid 5231] <... chdir resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5078] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5231] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5231] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5234] <... mount resumed>) = 0 [pid 5231] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... umount2 resumed>) = 0 [pid 5234] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5231] <... ioctl resumed>) = 0 [pid 5234] <... openat resumed>) = 3 [pid 5232] <... mount resumed>) = 0 [pid 5234] chdir("./file1" [pid 5235] <... ioctl resumed>) = 0 [pid 5234] <... chdir resumed>) = 0 [pid 5232] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5231] exit_group(0 [pid 5078] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5232] <... openat resumed>) = 3 [pid 5231] <... exit_group resumed>) = ? [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./23/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5235] close(3 [pid 5232] chdir("./file1" [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5232] <... chdir resumed>) = 0 [pid 5231] +++ exited with 0 +++ [pid 5235] <... close resumed>) = 0 [pid 5234] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] getdents64(4, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5232] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5235] close(4 [pid 5234] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5232] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5230] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5235] <... close resumed>) = 0 [pid 5234] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] close(4 [pid 5235] mkdir("./file1", 0777 [pid 5234] <... openat resumed>) = 4 [pid 5078] <... close resumed>) = 0 [pid 5235] <... mkdir resumed>) = 0 [pid 5078] rmdir("./23/file1") = 0 [pid 5078] getdents64(3, [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [ 127.331419][ T5235] loop5: detected capacity change from 0 to 1024 [ 127.343933][ T5230] hfsplus: unable to set blocksize to 1024! [ 127.369148][ T5230] hfsplus: unable to find HFS+ superblock [pid 5234] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5230] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5234] <... ioctl resumed>) = 0 [pid 5232] <... openat resumed>) = 4 [pid 5230] ioctl(3, LOOP_CLR_FD [pid 5078] close(3 [pid 5077] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5234] exit_group(0 [pid 5078] <... close resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5234] <... exit_group resumed>) = ? [pid 5078] rmdir("./23" [pid 5077] newfstatat(3, "", [pid 5234] +++ exited with 0 +++ [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5235] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] getdents64(3, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5078] mkdir("./24", 0777 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5077] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5232] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5230] <... ioctl resumed>) = 0 [pid 5079] <... restart_syscall resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5232] <... ioctl resumed>) = 0 [pid 5230] close(3 [pid 5077] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5230] <... close resumed>) = 0 [pid 5232] exit_group(0 [pid 5230] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5232] <... exit_group resumed>) = ? [pid 5230] <... openat resumed>) = 3 [pid 5079] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5077] unlink("./24/binderfs" [pid 5230] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] <... unlink resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5230] exit_group(0 [pid 5079] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5230] <... exit_group resumed>) = ? [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5235] <... mount resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5230] +++ exited with 0 +++ [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5235] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5235] chdir("./file1") = 0 [pid 5235] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5235] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5235] <... openat resumed>) = 4 [pid 5235] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5236 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5235] <... ioctl resumed>) = 0 [pid 5235] exit_group(0 [pid 5075] <... openat resumed>) = 3 [pid 5235] <... exit_group resumed>) = ? [pid 5075] newfstatat(3, "", [pid 5235] +++ exited with 0 +++ [pid 5079] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5232] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, ./strace-static-x86_64: Process 5236 attached [pid 5236] set_robust_list(0x555574eaa660, 24) = 0 [pid 5236] chdir("./24" [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] <... chdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(AT_FDCWD, "./24/file1", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5079] unlink("./24/binderfs" [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] unlink("./24/binderfs" [pid 5236] <... prctl resumed>) = 0 [pid 5236] setpgid(0, 0 [pid 5079] <... unlink resumed>) = 0 [pid 5236] <... setpgid resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... unlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(3, "", [pid 5075] newfstatat(AT_FDCWD, "./24/file1", [pid 5236] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5077] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5236] write(3, "1000", 4) = 4 [pid 5076] getdents64(3, [pid 5075] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5236] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5236] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5236] symlink("/dev/binderfs", "./binderfs" [pid 5077] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5236] <... symlink resumed>) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5236] memfd_create("syzkaller", 0 [pid 5077] newfstatat(4, "", [pid 5080] newfstatat(3, "", [pid 5236] <... memfd_create resumed>) = 3 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5236] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] getdents64(4, [pid 5076] newfstatat(AT_FDCWD, "./24/binderfs", [pid 5075] newfstatat(4, "", [pid 5236] <... mmap resumed>) = 0x7f7064400000 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] unlink("./24/binderfs" [pid 5075] getdents64(4, [pid 5079] <... umount2 resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... unlink resumed>) = 0 [pid 5075] getdents64(4, [pid 5077] close(4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./24/file1" [pid 5075] close(4) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] rmdir("./24/file1" [pid 5079] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5236] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] close(3 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] close(3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./24/binderfs") = 0 [pid 5080] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./24/file1", [pid 5077] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5077] rmdir("./24" [pid 5075] rmdir("./24") = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5075] mkdir("./25", 0777) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] mkdir("./25", 0777 [pid 5076] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./24/file1", [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5079] <... openat resumed>) = 4 [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5080] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./24/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5236] <... write resumed>) = 524288 [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, [pid 5236] munmap(0x7f7064400000, 138412032 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... close resumed>) = 0 [pid 5236] <... munmap resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./24/file1") = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] getdents64(3, [pid 5079] getdents64(4, [pid 5076] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5236] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 4 [pid 5236] ioctl(4, LOOP_SET_FD, 3 [pid 5080] close(3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] newfstatat(4, "", ./strace-static-x86_64: Process 5237 attached [pid 5080] rmdir("./24" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5237 [pid 5079] close(4 [pid 5076] getdents64(4, [pid 5079] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] rmdir("./24/file1" [pid 5237] set_robust_list(0x555574eaa660, 24 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] getdents64(4, [pid 5079] getdents64(3, [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5237] <... set_robust_list resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5237] chdir("./25") = 0 [pid 5079] close(3 [pid 5076] <... close resumed>) = 0 [pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] mkdir("./25", 0777 [pid 5079] <... close resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5076] rmdir("./24/file1" [pid 5079] rmdir("./24" [pid 5080] <... mkdir resumed>) = 0 [pid 5237] <... prctl resumed>) = 0 [pid 5237] setpgid(0, 0) = 0 [pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5237] write(3, "1000", 4) = 4 [pid 5237] close(3) = 0 [pid 5237] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5237] memfd_create("syzkaller", 0 [pid 5236] <... ioctl resumed>) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... rmdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5236] close(3) = 0 [pid 5237] <... memfd_create resumed>) = 3 [pid 5236] close(4) = 0 [pid 5080] close(3 [pid 5236] mkdir("./file1", 0777 [pid 5237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... close resumed>) = 0 [pid 5079] mkdir("./25", 0777 [pid 5076] getdents64(3, [pid 5237] <... mmap resumed>) = 0x7f7064400000 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5237] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5236] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] close(3 [pid 5076] <... close resumed>) = 0 [pid 5236] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] <... close resumed>) = 0 [pid 5076] rmdir("./24" [pid 5079] <... openat resumed>) = 3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... rmdir resumed>) = 0 [ 127.568070][ T5236] loop3: detected capacity change from 0 to 1024 [pid 5076] mkdir("./25", 0777./strace-static-x86_64: Process 5238 attached ./strace-static-x86_64: Process 5239 attached [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... mkdir resumed>) = 0 [pid 5239] set_robust_list(0x555574eaa660, 24 [pid 5238] set_robust_list(0x555574eaa660, 24 [pid 5237] <... write resumed>) = 524288 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5238 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5239 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5239] <... set_robust_list resumed>) = 0 [pid 5238] <... set_robust_list resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5239] chdir("./25" [pid 5238] chdir("./25" [pid 5076] close(3 [pid 5238] <... chdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5236] <... mount resumed>) = 0 [pid 5236] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY./strace-static-x86_64: Process 5240 attached [pid 5239] <... chdir resumed>) = 0 [pid 5236] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5240 [pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5240] set_robust_list(0x555574eaa660, 24 [pid 5239] <... prctl resumed>) = 0 [pid 5240] <... set_robust_list resumed>) = 0 [pid 5239] setpgid(0, 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5236] chdir("./file1") = 0 [pid 5238] <... prctl resumed>) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5238] setpgid(0, 0 [pid 5236] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5239] <... setpgid resumed>) = 0 [pid 5236] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5240] chdir("./25" [pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5238] <... setpgid resumed>) = 0 [pid 5236] <... openat resumed>) = 4 [pid 5240] <... chdir resumed>) = 0 [pid 5237] munmap(0x7f7064400000, 138412032 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5237] <... munmap resumed>) = 0 [pid 5240] <... prctl resumed>) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5239] <... openat resumed>) = 3 [pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5236] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5238] <... openat resumed>) = 3 [pid 5240] <... openat resumed>) = 3 [pid 5239] write(3, "1000", 4 [pid 5238] write(3, "1000", 4 [pid 5237] <... openat resumed>) = 4 [pid 5236] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5237] ioctl(4, LOOP_SET_FD, 3 [pid 5236] exit_group(0) = ? [pid 5239] <... write resumed>) = 4 [pid 5238] <... write resumed>) = 4 [pid 5236] +++ exited with 0 +++ [pid 5240] write(3, "1000", 4 [pid 5239] close(3 [pid 5238] close(3 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5078] umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5240] <... write resumed>) = 4 [pid 5239] <... close resumed>) = 0 [pid 5238] <... close resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./24/binderfs") = 0 [pid 5078] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5238] symlink("/dev/binderfs", "./binderfs" [pid 5240] close(3 [pid 5239] symlink("/dev/binderfs", "./binderfs" [pid 5238] <... symlink resumed>) = 0 [pid 5237] <... ioctl resumed>) = 0 [pid 5237] close(3) = 0 [pid 5240] <... close resumed>) = 0 [pid 5239] <... symlink resumed>) = 0 [pid 5238] memfd_create("syzkaller", 0 [pid 5237] close(4 [pid 5079] close(3 [pid 5240] symlink("/dev/binderfs", "./binderfs" [pid 5238] <... memfd_create resumed>) = 3 [pid 5237] <... close resumed>) = 0 [pid 5237] mkdir("./file1", 0777 [pid 5240] <... symlink resumed>) = 0 [pid 5239] memfd_create("syzkaller", 0 [pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5237] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5237] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5238] <... mmap resumed>) = 0x7f7064400000 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5240] memfd_create("syzkaller", 0) = 3 [pid 5239] <... memfd_create resumed>) = 3 [pid 5240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5239] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5238] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5241 [pid 5078] <... umount2 resumed>) = 0 [pid 5239] <... mmap resumed>) = 0x7f7064400000 ./strace-static-x86_64: Process 5241 attached [pid 5240] <... mmap resumed>) = 0x7f7064400000 [ 127.697483][ T5237] loop0: detected capacity change from 0 to 1024 [pid 5078] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5241] set_robust_list(0x555574eaa660, 24 [pid 5237] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5241] <... set_robust_list resumed>) = 0 [pid 5237] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5241] chdir("./25" [pid 5237] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./24/file1", [pid 5241] <... chdir resumed>) = 0 [pid 5240] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5239] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5238] <... write resumed>) = 524288 [pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./24/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5241] <... prctl resumed>) = 0 [pid 5237] chdir("./file1" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5241] setpgid(0, 0 [pid 5237] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5241] <... setpgid resumed>) = 0 [pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... openat resumed>) = 4 [pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5237] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] newfstatat(4, "", [pid 5237] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5241] <... openat resumed>) = 3 [pid 5237] <... openat resumed>) = 4 [pid 5078] getdents64(4, [pid 5241] write(3, "1000", 4 [pid 5237] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5241] <... write resumed>) = 4 [pid 5078] getdents64(4, [pid 5241] close(3 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5241] <... close resumed>) = 0 [pid 5078] close(4 [pid 5241] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... close resumed>) = 0 [pid 5078] rmdir("./24/file1") = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./24" [pid 5238] munmap(0x7f7064400000, 138412032 [pid 5078] <... rmdir resumed>) = 0 [pid 5241] <... symlink resumed>) = 0 [pid 5078] mkdir("./25", 0777 [pid 5241] memfd_create("syzkaller", 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5241] <... memfd_create resumed>) = 3 [pid 5238] <... munmap resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... openat resumed>) = 3 [pid 5241] <... mmap resumed>) = 0x7f7064400000 [pid 5239] <... write resumed>) = 524288 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5241] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5240] <... write resumed>) = 524288 [pid 5238] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] <... ioctl resumed>) = 0 [pid 5240] munmap(0x7f7064400000, 138412032 [pid 5239] munmap(0x7f7064400000, 138412032 [pid 5078] close(3) = 0 [pid 5239] <... munmap resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5240] <... munmap resumed>) = 0 [pid 5239] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5238] <... openat resumed>) = 4 [pid 5240] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5239] <... openat resumed>) = 4 [pid 5238] ioctl(4, LOOP_SET_FD, 3 [pid 5237] <... ioctl resumed>) = 0 [pid 5237] exit_group(0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5242 [pid 5237] <... exit_group resumed>) = ? [pid 5237] +++ exited with 0 +++ [pid 5238] <... ioctl resumed>) = 0 [pid 5239] ioctl(4, LOOP_SET_FD, 3 [pid 5238] close(3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- ./strace-static-x86_64: Process 5242 attached [pid 5242] set_robust_list(0x555574eaa660, 24) = 0 [pid 5242] chdir("./25") = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5242] setpgid(0, 0 [pid 5238] <... close resumed>) = 0 [pid 5075] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5242] <... setpgid resumed>) = 0 [pid 5238] close(4 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5240] <... openat resumed>) = 4 [pid 5238] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5240] ioctl(4, LOOP_SET_FD, 3 [pid 5238] mkdir("./file1", 0777 [pid 5242] <... openat resumed>) = 3 [pid 5238] <... mkdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 [pid 5242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5242] memfd_create("syzkaller", 0 [pid 5241] <... write resumed>) = 524288 [pid 5240] <... ioctl resumed>) = 0 [pid 5239] <... ioctl resumed>) = 0 [pid 5238] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] newfstatat(3, "", [pid 5240] close(3 [pid 5239] close(3 [pid 5240] <... close resumed>) = 0 [pid 5239] <... close resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5240] close(4 [pid 5239] close(4 [pid 5075] getdents64(3, [pid 5240] <... close resumed>) = 0 [pid 5239] <... close resumed>) = 0 [pid 5242] <... memfd_create resumed>) = 3 [pid 5241] munmap(0x7f7064400000, 138412032 [pid 5240] mkdir("./file1", 0777 [pid 5239] mkdir("./file1", 0777 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5242] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5241] <... munmap resumed>) = 0 [pid 5240] <... mkdir resumed>) = 0 [pid 5242] <... mmap resumed>) = 0x7f7064400000 [pid 5241] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5242] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5241] <... openat resumed>) = 4 [pid 5240] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5239] <... mkdir resumed>) = 0 [ 127.813582][ T5238] loop5: detected capacity change from 0 to 1024 [ 127.822397][ T5239] loop2: detected capacity change from 0 to 1024 [ 127.834902][ T5240] loop1: detected capacity change from 0 to 1024 [pid 5075] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5241] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5239] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5239] <... mount resumed>) = 0 [pid 5238] <... mount resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./25/binderfs" [pid 5241] <... ioctl resumed>) = 0 [pid 5242] <... write resumed>) = 524288 [pid 5241] close(3 [pid 5239] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5238] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] <... unlink resumed>) = 0 [pid 5075] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5241] <... close resumed>) = 0 [pid 5241] close(4) = 0 [pid 5239] <... openat resumed>) = 3 [pid 5238] <... openat resumed>) = 3 [pid 5241] mkdir("./file1", 0777 [pid 5239] chdir("./file1" [pid 5238] chdir("./file1" [pid 5241] <... mkdir resumed>) = 0 [pid 5239] <... chdir resumed>) = 0 [pid 5238] <... chdir resumed>) = 0 [pid 5239] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5238] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5241] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5238] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5239] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5241] <... mount resumed>) = 0 [pid 5239] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5238] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5239] <... openat resumed>) = 4 [pid 5238] <... ioctl resumed>) = 0 [pid 5241] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5239] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5238] exit_group(0) = ? [pid 5239] <... ioctl resumed>) = 0 [pid 5241] <... openat resumed>) = 3 [pid 5241] chdir("./file1") = 0 [pid 5241] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5241] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5241] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5241] exit_group(0) = ? [pid 5241] +++ exited with 0 +++ [pid 5238] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [ 127.873753][ T5241] loop4: detected capacity change from 0 to 1024 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5239] exit_group(0 [pid 5080] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] newfstatat(3, "", [pid 5242] munmap(0x7f7064400000, 138412032 [pid 5080] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5242] <... munmap resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] getdents64(3, [pid 5080] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5242] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5242] <... openat resumed>) = 4 [pid 5080] unlink("./25/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5242] ioctl(4, LOOP_SET_FD, 3 [pid 5239] <... exit_group resumed>) = ? [pid 5080] <... unlink resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5242] <... ioctl resumed>) = 0 [pid 5080] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5079] unlink("./25/binderfs") = 0 [pid 5079] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./25/file1", [pid 5239] +++ exited with 0 +++ [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5240] <... mount resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./25/file1" [pid 5240] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5240] <... openat resumed>) = 3 [pid 5080] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(3, [pid 5077] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] newfstatat(AT_FDCWD, "./25/file1", [pid 5079] newfstatat(AT_FDCWD, "./25/file1", [pid 5077] newfstatat(3, "", [pid 5075] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... close resumed>) = 0 [pid 5080] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5075] rmdir("./25" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... rmdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] mkdir("./26", 0777 [pid 5240] chdir("./file1" [pid 5080] <... openat resumed>) = 4 [pid 5079] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5240] <... chdir resumed>) = 0 [pid 5080] newfstatat(4, "", [pid 5079] newfstatat(4, "", [pid 5077] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5075] <... mkdir resumed>) = 0 [pid 5242] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5242] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] getdents64(4, [pid 5242] close(4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5240] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5242] <... close resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] getdents64(4, [pid 5242] mkdir("./file1", 0777 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5242] <... mkdir resumed>) = 0 [pid 5240] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 127.943878][ T5242] loop3: detected capacity change from 0 to 1024 [pid 5080] close(4 [pid 5240] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... close resumed>) = 0 [pid 5079] close(4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5242] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5240] <... openat resumed>) = 4 [pid 5080] rmdir("./25/file1" [pid 5079] <... close resumed>) = 0 [pid 5077] unlink("./25/binderfs" [pid 5075] <... openat resumed>) = 3 [pid 5240] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] rmdir("./25/file1" [pid 5077] <... unlink resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5240] <... ioctl resumed>) = 0 [pid 5077] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5075] close(3 [pid 5240] exit_group(0 [pid 5080] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5240] <... exit_group resumed>) = ? [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(3, [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5240] +++ exited with 0 +++ [pid 5077] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5242] <... mount resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./25") = 0 [pid 5076] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(AT_FDCWD, "./25/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5243 [pid 5076] <... openat resumed>) = 3 [pid 5079] rmdir("./25" [pid 5242] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5242] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5242] chdir("./file1" [pid 5080] mkdir("./26", 0777 [pid 5077] <... openat resumed>) = 4 [pid 5242] <... chdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5242] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5242] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] getdents64(4, [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] newfstatat(3, "", ./strace-static-x86_64: Process 5243 attached [pid 5242] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5243] set_robust_list(0x555574eaa660, 24 [pid 5242] <... openat resumed>) = 4 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5243] <... set_robust_list resumed>) = 0 [pid 5242] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... ioctl resumed>) = 0 [pid 5077] close(4 [pid 5243] chdir("./26" [pid 5242] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 5077] <... close resumed>) = 0 [pid 5242] exit_group(0 [pid 5080] <... close resumed>) = 0 [pid 5077] rmdir("./25/file1" [pid 5242] <... exit_group resumed>) = ? [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... rmdir resumed>) = 0 [pid 5243] <... chdir resumed>) = 0 [pid 5242] +++ exited with 0 +++ [pid 5079] mkdir("./26", 0777 [pid 5077] getdents64(3, [pid 5076] getdents64(3, [pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5243] <... prctl resumed>) = 0 [pid 5077] close(3 [pid 5243] setpgid(0, 0 [pid 5077] <... close resumed>) = 0 [pid 5076] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5243] <... setpgid resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] rmdir("./25" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5244 [pid 5078] umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] <... rmdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] newfstatat(3, "", [pid 5243] <... openat resumed>) = 3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] mkdir("./26", 0777 [pid 5078] getdents64(3, [pid 5077] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5078] umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5244 attached [pid 5243] write(3, "1000", 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5243] <... write resumed>) = 4 [pid 5078] newfstatat(AT_FDCWD, "./25/binderfs", [pid 5077] <... ioctl resumed>) = 0 [pid 5243] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] close(3 [pid 5243] <... close resumed>) = 0 [pid 5078] unlink("./25/binderfs" [pid 5077] <... close resumed>) = 0 [pid 5243] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... unlink resumed>) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5243] <... symlink resumed>) = 0 [pid 5078] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5244] set_robust_list(0x555574eaa660, 24 [pid 5243] memfd_create("syzkaller", 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5244] <... set_robust_list resumed>) = 0 [pid 5243] <... memfd_create resumed>) = 3 [pid 5079] <... openat resumed>) = 3 [pid 5076] unlink("./25/binderfs" [pid 5244] chdir("./26" [pid 5243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5245 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] <... unlink resumed>) = 0 [pid 5244] <... chdir resumed>) = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5243] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... ioctl resumed>) = 0 [pid 5076] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5244] <... prctl resumed>) = 0 [pid 5244] setpgid(0, 0 [pid 5079] close(3 [pid 5244] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5245 attached [pid 5079] <... close resumed>) = 0 [pid 5245] set_robust_list(0x555574eaa660, 24 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5245] <... set_robust_list resumed>) = 0 [pid 5245] chdir("./26") = 0 [pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5245] setpgid(0, 0 [pid 5244] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5246 attached [pid 5245] <... setpgid resumed>) = 0 [pid 5244] write(3, "1000", 4 [pid 5246] set_robust_list(0x555574eaa660, 24 [pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5244] <... write resumed>) = 4 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5246 [pid 5246] <... set_robust_list resumed>) = 0 [pid 5245] <... openat resumed>) = 3 [pid 5244] close(3 [pid 5243] <... write resumed>) = 524288 [pid 5245] write(3, "1000", 4 [pid 5244] <... close resumed>) = 0 [pid 5246] chdir("./26" [pid 5244] symlink("/dev/binderfs", "./binderfs" [pid 5246] <... chdir resumed>) = 0 [pid 5246] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5245] <... write resumed>) = 4 [pid 5244] <... symlink resumed>) = 0 [pid 5245] close(3) = 0 [pid 5245] symlink("/dev/binderfs", "./binderfs" [pid 5243] munmap(0x7f7064400000, 138412032) = 0 [pid 5246] <... prctl resumed>) = 0 [pid 5245] <... symlink resumed>) = 0 [pid 5244] memfd_create("syzkaller", 0 [pid 5246] setpgid(0, 0 [pid 5244] <... memfd_create resumed>) = 3 [pid 5246] <... setpgid resumed>) = 0 [pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5245] memfd_create("syzkaller", 0) = 3 [pid 5243] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5245] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5244] <... mmap resumed>) = 0x7f7064400000 [pid 5243] <... openat resumed>) = 4 [pid 5246] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5245] <... mmap resumed>) = 0x7f7064400000 [pid 5245] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5244] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5243] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5246] <... openat resumed>) = 3 [pid 5246] write(3, "1000", 4 [pid 5243] ioctl(4, LOOP_CLR_FD [pid 5246] <... write resumed>) = 4 [pid 5243] <... ioctl resumed>) = 0 [pid 5246] close(3) = 0 [pid 5246] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5246] memfd_create("syzkaller", 0) = 3 [pid 5243] ioctl(4, LOOP_SET_FD, 3 [pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5243] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5243] close(4) = 0 [pid 5246] <... mmap resumed>) = 0x7f7064400000 [pid 5243] close(3 [pid 5078] <... umount2 resumed>) = 0 [pid 5246] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5244] <... write resumed>) = 524288 [pid 5078] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5244] munmap(0x7f7064400000, 138412032 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5244] <... munmap resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./25/file1", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] newfstatat(AT_FDCWD, "./25/file1", [pid 5078] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./25/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 4 [pid 5076] openat(AT_FDCWD, "./25/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(4, "", [pid 5076] <... openat resumed>) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, [pid 5076] newfstatat(4, "", [pid 5245] <... write resumed>) = 524288 [pid 5244] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5243] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5245] munmap(0x7f7064400000, 138412032 [pid 5244] <... openat resumed>) = 4 [pid 5243] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] getdents64(4, [pid 5076] getdents64(4, [pid 5243] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5243] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] close(4 [pid 5076] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] rmdir("./25/file1" [pid 5076] close(4 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./25/file1" [pid 5244] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... rmdir resumed>) = 0 [pid 5245] <... munmap resumed>) = 0 [pid 5244] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(3, [pid 5244] ioctl(4, LOOP_CLR_FD [pid 5243] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] getdents64(3, [pid 5244] <... ioctl resumed>) = 0 [pid 5243] exit_group(0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5076] close(3 [pid 5243] <... exit_group resumed>) = ? [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./25") = 0 [pid 5244] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5078] <... close resumed>) = 0 [pid 5245] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5244] close(4 [pid 5243] +++ exited with 0 +++ [pid 5078] rmdir("./25" [pid 5246] <... write resumed>) = 524288 [pid 5244] <... close resumed>) = 0 [pid 5076] mkdir("./26", 0777 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5243, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5245] <... openat resumed>) = 4 [pid 5244] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5244] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5246] munmap(0x7f7064400000, 138412032) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5078] <... rmdir resumed>) = 0 [pid 5078] mkdir("./26", 0777 [pid 5246] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... mkdir resumed>) = 0 [pid 5246] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5246] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5246] ioctl(4, LOOP_CLR_FD) = 0 [pid 5245] ioctl(4, LOOP_SET_FD, 3 [pid 5075] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] ioctl(3, LOOP_CLR_FD) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5246] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5246] close(4) = 0 [pid 5246] close(3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, ./strace-static-x86_64: Process 5247 attached [pid 5247] set_robust_list(0x555574eaa660, 24 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5247 [pid 5247] <... set_robust_list resumed>) = 0 [pid 5247] chdir("./26" [pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5244] <... openat resumed>) = 3 [pid 5075] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5247] <... chdir resumed>) = 0 [pid 5246] <... close resumed>) = 0 [pid 5244] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5247] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5247] setpgid(0, 0 [pid 5244] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5247] <... setpgid resumed>) = 0 [pid 5244] exit_group(0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5247] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5245] <... ioctl resumed>) = 0 [pid 5244] <... exit_group resumed>) = ? [pid 5075] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5245] close(3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5245] <... close resumed>) = 0 [pid 5075] unlink("./26/binderfs" [ 128.235846][ T5245] loop2: detected capacity change from 0 to 1024 [pid 5245] close(4 [pid 5247] <... openat resumed>) = 3 [pid 5246] <... openat resumed>) = 3 [pid 5245] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5246] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5245] mkdir("./file1", 0777) = 0 [pid 5247] write(3, "1000", 4 [pid 5246] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5244] +++ exited with 0 +++ [pid 5247] <... write resumed>) = 4 [pid 5245] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5244, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5246] exit_group(0 [pid 5247] close(3 [pid 5076] close(3 [pid 5247] <... close resumed>) = 0 [pid 5247] symlink("/dev/binderfs", "./binderfs" [pid 5246] <... exit_group resumed>) = ? [pid 5080] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5247] <... symlink resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] getdents64(3, [pid 5080] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5075] close(3 [pid 5080] newfstatat(3, "", [pid 5075] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] rmdir("./26" [pid 5080] getdents64(3, [pid 5075] <... rmdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5075] mkdir("./27", 0777 [pid 5246] +++ exited with 0 +++ [pid 5245] <... mount resumed>) = 0 [pid 5080] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... mkdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5246, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5248 ./strace-static-x86_64: Process 5248 attached [pid 5247] memfd_create("syzkaller", 0 [pid 5245] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5075] <... openat resumed>) = 3 [pid 5248] set_robust_list(0x555574eaa660, 24 [pid 5245] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5248] <... set_robust_list resumed>) = 0 [pid 5245] chdir("./file1" [pid 5080] unlink("./26/binderfs" [pid 5079] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5248] chdir("./26" [pid 5245] <... chdir resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5247] <... memfd_create resumed>) = 3 [pid 5248] <... chdir resumed>) = 0 [pid 5245] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] getdents64(3, [pid 5079] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] close(3 [pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5247] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5245] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5248] <... prctl resumed>) = 0 [pid 5080] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] <... close resumed>) = 0 [pid 5080] rmdir("./26" [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5249 [pid 5248] setpgid(0, 0 [pid 5245] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... rmdir resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5248] <... setpgid resumed>) = 0 [pid 5247] <... mmap resumed>) = 0x7f7064400000 [pid 5245] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5249 attached [pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5245] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5249] set_robust_list(0x555574eaa660, 24 [pid 5245] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5249] <... set_robust_list resumed>) = 0 [pid 5245] exit_group(0 [pid 5080] mkdir("./27", 0777 [pid 5249] chdir("./27" [pid 5245] <... exit_group resumed>) = ? [pid 5249] <... chdir resumed>) = 0 [pid 5248] <... openat resumed>) = 3 [pid 5247] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5245] +++ exited with 0 +++ [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5249] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5248] write(3, "1000", 4 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] getdents64(3, [pid 5249] <... prctl resumed>) = 0 [pid 5248] <... write resumed>) = 4 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5245, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5249] setpgid(0, 0 [pid 5248] close(3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] <... setpgid resumed>) = 0 [pid 5248] <... close resumed>) = 0 [pid 5080] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5249] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5248] symlink("/dev/binderfs", "./binderfs" [pid 5080] close(3 [pid 5079] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5249] <... openat resumed>) = 3 [pid 5248] <... symlink resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... openat resumed>) = 3 [pid 5248] memfd_create("syzkaller", 0 [pid 5077] newfstatat(3, "", [pid 5248] <... memfd_create resumed>) = 3 [pid 5079] unlink("./26/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5249] write(3, "1000", 4 [pid 5077] getdents64(3, [pid 5249] <... write resumed>) = 4 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... unlink resumed>) = 0 [pid 5249] close(3 [pid 5077] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] <... close resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5250 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5249] symlink("/dev/binderfs", "./binderfs" [pid 5077] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5249] <... symlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./26/binderfs") = 0 [pid 5077] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5249] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5250 attached [pid 5250] set_robust_list(0x555574eaa660, 24) = 0 [pid 5249] <... memfd_create resumed>) = 3 [pid 5250] chdir("./27" [pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5247] <... write resumed>) = 524288 [pid 5249] <... mmap resumed>) = 0x7f7064400000 [pid 5250] <... chdir resumed>) = 0 [pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5250] setpgid(0, 0) = 0 [pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] getdents64(3, [pid 5250] <... openat resumed>) = 3 [pid 5077] <... umount2 resumed>) = 0 [pid 5249] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5250] write(3, "1000", 4) = 4 [pid 5250] close(3 [pid 5248] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5250] <... close resumed>) = 0 [pid 5248] <... mmap resumed>) = 0x7f7064400000 [pid 5079] close(3 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5250] symlink("/dev/binderfs", "./binderfs" [pid 5077] newfstatat(AT_FDCWD, "./26/file1", [pid 5250] <... symlink resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5250] memfd_create("syzkaller", 0 [pid 5077] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5250] <... memfd_create resumed>) = 3 [pid 5077] <... openat resumed>) = 4 [pid 5250] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5077] newfstatat(4, "", [pid 5250] <... mmap resumed>) = 0x7f7064400000 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5250] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5248] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] rmdir("./26" [pid 5077] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5249] <... write resumed>) = 524288 [pid 5247] munmap(0x7f7064400000, 138412032 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5247] <... munmap resumed>) = 0 [pid 5079] mkdir("./27", 0777 [pid 5077] <... close resumed>) = 0 [pid 5250] <... write resumed>) = 524288 [pid 5079] <... mkdir resumed>) = 0 [pid 5077] rmdir("./26/file1" [pid 5248] <... write resumed>) = 524288 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] <... rmdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./26" [pid 5247] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] <... rmdir resumed>) = 0 [pid 5247] <... openat resumed>) = 4 [pid 5079] close(3 [pid 5247] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... close resumed>) = 0 [pid 5077] mkdir("./27", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574eaa650) = 5251 [pid 5249] munmap(0x7f7064400000, 138412032 [pid 5248] munmap(0x7f7064400000, 138412032 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5249] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5251 attached [pid 5250] munmap(0x7f7064400000, 138412032 [pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5251] set_robust_list(0x555574eaa660, 24 [pid 5250] <... munmap resumed>) = 0 [pid 5249] <... openat resumed>) = 4 [pid 5251] <... set_robust_list resumed>) = 0 [pid 5248] <... munmap resumed>) = 0 [pid 5251] chdir("./27" [pid 5248] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5252 attached ) = 4 [pid 5247] <... ioctl resumed>) = 0 [pid 5252] set_robust_list(0x555574eaa660, 24 [pid 5248] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5252 [pid 5247] close(3) = 0 [pid 5251] <... chdir resumed>) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5249] ioctl(4, LOOP_SET_FD, 3 [pid 5252] <... set_robust_list resumed>) = 0 [pid 5251] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5248] <... ioctl resumed>) = 0 [pid 5247] close(4 [pid 5252] chdir("./27" [pid 5251] <... prctl resumed>) = 0 [pid 5250] <... openat resumed>) = 4 [pid 5248] close(3 [pid 5247] <... close resumed>) = 0 [pid 5247] mkdir("./file1", 0777 [pid 5252] <... chdir resumed>) = 0 [pid 5250] ioctl(4, LOOP_SET_FD, 3 [pid 5251] setpgid(0, 0) = 0 [pid 5251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5247] <... mkdir resumed>) = 0 [pid 5251] <... openat resumed>) = 3 [pid 5251] write(3, "1000", 4) = 4 [pid 5251] close(3) = 0 [pid 5251] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5251] memfd_create("syzkaller", 0) = 3 [pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5252] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5251] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5248] <... close resumed>) = 0 [pid 5252] <... prctl resumed>) = 0 [pid 5248] close(4 [pid 5252] setpgid(0, 0 [pid 5248] <... close resumed>) = 0 [pid 5247] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5252] <... setpgid resumed>) = 0 [pid 5248] mkdir("./file1", 0777) = 0 [pid 5249] <... ioctl resumed>) = 0 [pid 5252] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5248] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5249] close(3) = 0 [ 128.468093][ T5247] loop3: detected capacity change from 0 to 1024 [ 128.493206][ T5248] loop1: detected capacity change from 0 to 1024 [ 128.494728][ T5249] loop0: detected capacity change from 0 to 1024 [pid 5249] close(4) = 0 [pid 5249] mkdir("./file1", 0777) = 0 [pid 5251] <... write resumed>) = 524288 [pid 5249] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5252] <... openat resumed>) = 3 [pid 5252] write(3, "1000", 4 [pid 5251] munmap(0x7f7064400000, 138412032 [pid 5250] <... ioctl resumed>) = 0 [pid 5249] <... mount resumed>) = 0 [pid 5247] <... mount resumed>) = 0 [pid 5252] <... write resumed>) = 4 [pid 5251] <... munmap resumed>) = 0 [pid 5250] close(3 [pid 5249] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5252] close(3 [pid 5250] <... close resumed>) = 0 [pid 5249] <... openat resumed>) = 3 [pid 5250] close(4 [pid 5249] chdir("./file1" [pid 5247] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5249] <... chdir resumed>) = 0 [pid 5248] <... mount resumed>) = 0 [pid 5252] <... close resumed>) = 0 [pid 5251] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5250] <... close resumed>) = 0 [pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5248] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5250] mkdir("./file1", 0777 [pid 5249] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5252] symlink("/dev/binderfs", "./binderfs" [pid 5250] <... mkdir resumed>) = 0 [pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5248] <... openat resumed>) = 3 [pid 5247] <... openat resumed>) = 3 [pid 5251] <... openat resumed>) = 4 [pid 5249] <... openat resumed>) = 4 [pid 5248] chdir("./file1" [pid 5252] <... symlink resumed>) = 0 [pid 5251] ioctl(4, LOOP_SET_FD, 3 [pid 5249] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5252] memfd_create("syzkaller", 0 [pid 5248] <... chdir resumed>) = 0 [pid 5247] chdir("./file1" [pid 5250] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5252] <... memfd_create resumed>) = 3 [pid 5248] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5247] <... chdir resumed>) = 0 [pid 5247] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5248] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5247] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5252] <... mmap resumed>) = 0x7f7064400000 [pid 5248] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5247] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5248] <... openat resumed>) = 4 [pid 5250] <... mount resumed>) = 0 [pid 5248] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5247] <... openat resumed>) = 4 [pid 5250] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5250] chdir("./file1" [pid 5251] <... ioctl resumed>) = 0 [pid 5250] <... chdir resumed>) = 0 [pid 5250] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5247] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5250] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 128.548240][ T5250] loop5: detected capacity change from 0 to 1024 [ 128.586622][ T5251] loop2: detected capacity change from 0 to 1024 [pid 5250] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5252] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5251] close(3) = 0 [pid 5251] close(4) = 0 [pid 5251] mkdir("./file1", 0777) = 0 [pid 5251] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5249] <... ioctl resumed>) = 0 [pid 5249] exit_group(0) = ? [pid 5252] <... write resumed>) = 524288 [pid 5249] +++ exited with 0 +++ [pid 5248] <... ioctl resumed>) = 0 [pid 5247] <... ioctl resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5249, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5248] exit_group(0 [pid 5247] exit_group(0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5248] <... exit_group resumed>) = ? [pid 5247] <... exit_group resumed>) = ? [pid 5250] <... ioctl resumed>) = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5250] exit_group(0) = ? [pid 5250] +++ exited with 0 +++ [pid 5247] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5250, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5252] munmap(0x7f7064400000, 138412032 [pid 5251] <... mount resumed>) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5247, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5251] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5251] <... openat resumed>) = 3 [pid 5248] +++ exited with 0 +++ [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5251] chdir("./file1" [pid 5078] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... openat resumed>) = 3 [pid 5252] <... munmap resumed>) = 0 [pid 5251] <... chdir resumed>) = 0 [pid 5075] newfstatat(3, "", [pid 5252] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5251] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5248, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5252] <... openat resumed>) = 4 [pid 5251] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5252] ioctl(4, LOOP_SET_FD, 3 [pid 5251] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(3, "", [pid 5076] umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5251] <... openat resumed>) = 4 [pid 5080] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5251] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] newfstatat(3, "", [pid 5075] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5251] <... ioctl resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5251] exit_group(0 [pid 5080] getdents64(3, [pid 5075] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5251] <... exit_group resumed>) = ? [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5251] +++ exited with 0 +++ [pid 5080] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./27/binderfs" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... unlink resumed>) = 0 [pid 5252] <... ioctl resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5251, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] unlink("./27/binderfs" [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5076] newfstatat(3, "", [pid 5080] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] unlink("./26/binderfs" [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] unlink("./27/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./26/binderfs", [pid 5078] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5076] unlink("./26/binderfs") = 0 [pid 5076] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./27/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(AT_FDCWD, "./27/file1", [pid 5252] close(3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5252] <... close resumed>) = 0 [pid 5252] close(4 [pid 5080] <... openat resumed>) = 4 [pid 5252] <... close resumed>) = 0 [pid 5075] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5252] mkdir("./file1", 0777 [pid 5080] newfstatat(4, "", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] getdents64(4, [pid 5075] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5252] <... mkdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5075] newfstatat(4, "", [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... close resumed>) = 0 [pid 5075] getdents64(4, [pid 5080] rmdir("./27/file1" [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... rmdir resumed>) = 0 [pid 5252] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] <... umount2 resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [ 128.663453][ T5252] loop4: detected capacity change from 0 to 1024 [pid 5075] rmdir("./27/file1") = 0 [pid 5252] <... mount resumed>) = 0 [pid 5080] getdents64(3, [pid 5078] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5252] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5252] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... close resumed>) = 0 [pid 5075] getdents64(3, [pid 5252] chdir("./file1" [pid 5080] rmdir("./27" [pid 5076] newfstatat(AT_FDCWD, "./26/file1", [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(AT_FDCWD, "./26/file1", [pid 5077] newfstatat(AT_FDCWD, "./27/file1", [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] close(3 [pid 5252] <... chdir resumed>) = 0 [pid 5252] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./26/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./27" [pid 5252] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5252] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./26/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... rmdir resumed>) = 0 [pid 5252] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... openat resumed>) = 4 [pid 5252] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] newfstatat(4, "", [pid 5076] newfstatat(4, "", [pid 5252] <... ioctl resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5252] exit_group(0 [pid 5080] mkdir("./28", 0777 [pid 5078] newfstatat(4, "", [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 5075] mkdir("./28", 0777 [pid 5252] <... exit_group resumed>) = ? [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... mkdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5077] getdents64(4, [pid 5076] getdents64(4, [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] getdents64(4, [pid 5075] <... openat resumed>) = 3 [pid 5076] close(4) = 0 [pid 5076] rmdir("./26/file1") = 0 [pid 5077] close(4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5078] close(4 [pid 5077] rmdir("./27/file1" [pid 5078] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 5075] close(3 [pid 5076] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5078] rmdir("./26/file1" [pid 5076] rmdir("./26" [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./27", 0777 [pid 5077] getdents64(3, [pid 5076] <... mkdir resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5078] close(3 [pid 5077] rmdir("./27" [pid 5078] <... close resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5078] rmdir("./26") = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5253 ./strace-static-x86_64: Process 5253 attached [pid 5077] mkdir("./28", 0777 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] <... mkdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5078] mkdir("./27", 0777 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5253] set_robust_list(0x555574eaa660, 24 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5253] <... set_robust_list resumed>) = 0 [pid 5253] chdir("./28" [pid 5078] <... openat resumed>) = 3 [pid 5077] <... ioctl resumed>) = 0 [pid 5253] <... chdir resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5077] close(3 [pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5252] +++ exited with 0 +++ [pid 5077] <... close resumed>) = 0 [pid 5253] <... prctl resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5252, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5253] setpgid(0, 0 [pid 5079] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5254 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5254 attached [pid 5254] set_robust_list(0x555574eaa660, 24) = 0 [pid 5254] chdir("./27") = 0 [pid 5079] newfstatat(3, "", [pid 5254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5254] setpgid(0, 0) = 0 [pid 5254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5255 attached [pid 5254] write(3, "1000", 4 [pid 5253] <... setpgid resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5254] <... write resumed>) = 4 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5255 [pid 5254] close(3 [pid 5079] getdents64(3, [pid 5254] <... close resumed>) = 0 [pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5254] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5255] set_robust_list(0x555574eaa660, 24 [pid 5254] <... symlink resumed>) = 0 [pid 5253] <... openat resumed>) = 3 [pid 5079] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5255] <... set_robust_list resumed>) = 0 [pid 5253] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5255] chdir("./28" [pid 5253] <... write resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5254] memfd_create("syzkaller", 0 [pid 5253] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5253] <... close resumed>) = 0 [pid 5079] unlink("./27/binderfs" [pid 5253] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... unlink resumed>) = 0 [pid 5254] <... memfd_create resumed>) = 3 [pid 5253] <... symlink resumed>) = 0 [pid 5079] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5255] <... chdir resumed>) = 0 [pid 5253] memfd_create("syzkaller", 0 [pid 5255] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5254] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./27/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5253] <... memfd_create resumed>) = 3 [pid 5079] <... openat resumed>) = 4 [pid 5253] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5255] <... prctl resumed>) = 0 [pid 5253] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5255] setpgid(0, 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5254] <... write resumed>) = 524288 [pid 5079] close(4 [pid 5255] <... setpgid resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] rmdir("./27/file1" [pid 5255] <... openat resumed>) = 3 [pid 5079] <... rmdir resumed>) = 0 [pid 5255] write(3, "1000", 4 [pid 5080] <... ioctl resumed>) = 0 [pid 5255] <... write resumed>) = 4 [pid 5255] close(3 [pid 5080] close(3 [pid 5079] getdents64(3, [pid 5080] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] close(3) = 0 [pid 5079] rmdir("./27") = 0 [pid 5255] <... close resumed>) = 0 [pid 5079] mkdir("./28", 0777) = 0 [pid 5255] symlink("/dev/binderfs", "./binderfs" [pid 5254] munmap(0x7f7064400000, 138412032 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5256 [pid 5255] <... symlink resumed>) = 0 [pid 5254] <... munmap resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] close(3./strace-static-x86_64: Process 5256 attached [pid 5254] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5256] set_robust_list(0x555574eaa660, 24 [pid 5255] memfd_create("syzkaller", 0 [pid 5254] <... openat resumed>) = 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5256] <... set_robust_list resumed>) = 0 [pid 5255] <... memfd_create resumed>) = 3 [pid 5253] <... write resumed>) = 524288 [pid 5256] chdir("./28" [pid 5254] ioctl(4, LOOP_SET_FD, 3 [pid 5256] <... chdir resumed>) = 0 [pid 5254] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5254] ioctl(4, LOOP_CLR_FD [pid 5256] <... prctl resumed>) = 0 [pid 5255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5078] <... ioctl resumed>) = 0 [pid 5256] setpgid(0, 0 [pid 5254] <... ioctl resumed>) = 0 [pid 5256] <... setpgid resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5257 [pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5255] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5253] munmap(0x7f7064400000, 138412032 [pid 5256] write(3, "1000", 4 [pid 5254] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5257 attached [pid 5256] <... write resumed>) = 4 [pid 5254] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5257] set_robust_list(0x555574eaa660, 24 [pid 5256] close(3 [pid 5254] close(4 [pid 5257] <... set_robust_list resumed>) = 0 [pid 5256] <... close resumed>) = 0 [pid 5254] <... close resumed>) = 0 [pid 5257] chdir("./28" [pid 5256] symlink("/dev/binderfs", "./binderfs" [pid 5254] close(3 [pid 5257] <... chdir resumed>) = 0 [pid 5256] <... symlink resumed>) = 0 [pid 5253] <... munmap resumed>) = 0 [pid 5257] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5257] <... prctl resumed>) = 0 [pid 5257] setpgid(0, 0) = 0 [pid 5253] <... openat resumed>) = 4 [pid 5257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5256] memfd_create("syzkaller", 0 [pid 5253] ioctl(4, LOOP_SET_FD, 3 [pid 5078] close(3) = 0 [pid 5256] <... memfd_create resumed>) = 3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 128.870688][ T5149] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5256] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5257] write(3, "1000", 4 [pid 5256] <... mmap resumed>) = 0x7f7064400000 [pid 5257] <... write resumed>) = 4 [pid 5256] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5253] <... ioctl resumed>) = 0 [pid 5257] close(3) = 0 [pid 5257] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5257] memfd_create("syzkaller", 0) = 3 [pid 5255] <... write resumed>) = 524288 [pid 5254] <... close resumed>) = 0 [pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5258 [pid 5257] <... mmap resumed>) = 0x7f7064400000 [pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5257] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5256] <... write resumed>) = 524288 [pid 5254] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5258 attached [pid 5254] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5258] set_robust_list(0x555574eaa660, 24 [pid 5255] munmap(0x7f7064400000, 138412032 [pid 5253] close(3 [pid 5258] <... set_robust_list resumed>) = 0 [pid 5257] <... write resumed>) = 524288 [pid 5255] <... munmap resumed>) = 0 [pid 5253] <... close resumed>) = 0 [pid 5253] close(4 [pid 5258] chdir("./27" [pid 5253] <... close resumed>) = 0 [pid 5256] munmap(0x7f7064400000, 138412032 [pid 5253] mkdir("./file1", 0777 [pid 5256] <... munmap resumed>) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [ 128.912893][ T5253] loop0: detected capacity change from 0 to 1024 [pid 5256] ioctl(4, LOOP_SET_FD, 3 [pid 5258] <... chdir resumed>) = 0 [pid 5255] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5253] <... mkdir resumed>) = 0 [pid 5258] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5257] munmap(0x7f7064400000, 138412032 [pid 5255] <... openat resumed>) = 4 [pid 5253] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5258] <... prctl resumed>) = 0 [pid 5257] <... munmap resumed>) = 0 [pid 5258] setpgid(0, 0 [pid 5257] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5257] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5258] <... setpgid resumed>) = 0 [pid 5257] ioctl(4, LOOP_CLR_FD [pid 5255] ioctl(4, LOOP_SET_FD, 3 [pid 5257] <... ioctl resumed>) = 0 [pid 5258] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5254] <... ioctl resumed>) = 0 [pid 5257] ioctl(4, LOOP_SET_FD, 3 [pid 5254] exit_group(0 [pid 5257] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5254] <... exit_group resumed>) = ? [pid 5257] close(4 [pid 5254] +++ exited with 0 +++ [pid 5257] <... close resumed>) = 0 [pid 5257] close(3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5254, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5258] <... openat resumed>) = 3 [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 128.959273][ T5256] loop5: detected capacity change from 0 to 1024 [ 128.981441][ T5255] loop2: detected capacity change from 0 to 1024 [pid 5257] <... close resumed>) = 0 [pid 5256] <... ioctl resumed>) = 0 [pid 5076] getdents64(3, [pid 5256] close(3) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5256] close(4) = 0 [pid 5076] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5256] mkdir("./file1", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5256] <... mkdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./27/binderfs" [pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... unlink resumed>) = 0 [pid 5257] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5257] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5257] exit_group(0 [pid 5076] close(3 [pid 5257] <... exit_group resumed>) = ? [pid 5076] <... close resumed>) = 0 [pid 5257] +++ exited with 0 +++ [pid 5076] rmdir("./27" [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5257, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5256] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... rmdir resumed>) = 0 [pid 5079] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] mkdir("./28", 0777 [pid 5079] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5076] <... mkdir resumed>) = 0 [pid 5256] <... mount resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 3 entries */, 32768) = 80 [pid 5256] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5256] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5256] chdir("./file1" [pid 5079] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5256] <... chdir resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5256] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] unlink("./28/binderfs" [pid 5256] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 129.002225][ T5253] ================================================================== [ 129.010318][ T5253] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0xf86/0x1070 [ 129.018628][ T5253] Read of size 2 at addr ffff8880229e0800 by task syz-executor204/5253 [ 129.026902][ T5253] [ 129.029246][ T5253] CPU: 1 PID: 5253 Comm: syz-executor204 Tainted: G B 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 129.040834][ T5253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 129.050918][ T5253] Call Trace: [ 129.054222][ T5253] [ 129.057176][ T5253] dump_stack_lvl+0x116/0x1f0 [ 129.061910][ T5253] print_report+0xc3/0x620 [ 129.066362][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.071264][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.076164][ T5253] ? __phys_addr+0xc6/0x150 [ 129.080702][ T5253] kasan_report+0xd9/0x110 [ 129.085149][ T5253] ? hfsplus_read_wrapper+0xf86/0x1070 [ 129.090654][ T5253] ? hfsplus_read_wrapper+0xf86/0x1070 [ 129.096165][ T5253] hfsplus_read_wrapper+0xf86/0x1070 [ 129.101605][ T5253] ? lock_release+0x4cc/0x6a0 [ 129.106337][ T5253] ? __pfx_hfsplus_read_wrapper+0x10/0x10 [ 129.112103][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.117062][ T5253] ? do_raw_spin_lock+0x12d/0x2c0 [ 129.122127][ T5253] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.127541][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.132461][ T5253] ? do_raw_spin_unlock+0x172/0x230 [ 129.137701][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.142598][ T5253] ? _raw_spin_unlock+0x28/0x50 [ 129.147490][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.152391][ T5253] ? find_nls+0x125/0x170 [ 129.156763][ T5253] hfsplus_fill_super+0x352/0x1bc0 [ 129.161924][ T5253] ? rcu_is_watching+0x12/0xc0 [ 129.166741][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.171641][ T5253] ? lock_release+0x4cc/0x6a0 [ 129.176356][ T5253] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 129.181949][ T5253] ? bdev_name.constprop.0+0xa1/0x330 [ 129.187402][ T5253] ? do_raw_spin_lock+0x12d/0x2c0 [ 129.192472][ T5253] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.197889][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.202784][ T5253] ? set_blocksize+0x2b1/0x350 [ 129.207597][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.212497][ T5253] ? sb_set_blocksize+0xf6/0x120 [ 129.217494][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.222480][ T5253] ? setup_bdev_super+0x392/0x720 [ 129.227655][ T5253] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 129.233264][ T5253] mount_bdev+0x1e6/0x2d0 [ 129.237642][ T5253] ? __pfx_mount_bdev+0x10/0x10 [ 129.242536][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.247429][ T5253] ? apparmor_capable+0x126/0x1e0 [ 129.252491][ T5253] ? __pfx_hfsplus_mount+0x10/0x10 [ 129.257644][ T5253] legacy_get_tree+0x10c/0x220 [ 129.262446][ T5253] vfs_get_tree+0x92/0x380 [ 129.266909][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.271808][ T5253] path_mount+0x14e6/0x1f20 [ 129.276356][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.281264][ T5253] ? kmem_cache_free+0x12e/0x360 [ 129.286230][ T5253] ? __pfx_path_mount+0x10/0x10 [ 129.291119][ T5253] ? lock_release+0xa9/0x6a0 [ 129.295747][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.300643][ T5253] ? putname+0x12e/0x170 [ 129.304918][ T5253] __x64_sys_mount+0x297/0x320 [ 129.309756][ T5253] ? __pfx___x64_sys_mount+0x10/0x10 [ 129.315095][ T5253] ? _raw_spin_unlock_irq+0x2e/0x50 [ 129.320326][ T5253] ? srso_return_thunk+0x5/0x5f [ 129.325742][ T5253] ? ptrace_notify+0xf1/0x130 [ 129.330497][ T5253] do_syscall_64+0xd5/0x260 [ 129.335053][ T5253] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 129.341000][ T5253] RIP: 0033:0x7f706ca0c69a [ 129.345440][ T5253] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 129.365083][ T5253] RSP: 002b:00007ffcd3a1c1c8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 129.373523][ T5253] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f706ca0c69a [ 129.381512][ T5253] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd3a1c210 [ 129.389511][ T5253] RBP: 0000000000000004 R08: 00007ffcd3a1c250 R09: 0000000000000632 [ 129.398649][ T5253] R10: 0000000000000050 R11: 0000000000000286 R12: 00007ffcd3a1c210 [ 129.406642][ T5253] R13: 00007ffcd3a1c250 R14: 0000000000080000 R15: 0000000000000003 [ 129.414649][ T5253] [ 129.417682][ T5253] [ 129.420011][ T5253] The buggy address belongs to the object at ffff8880229e0800 [ 129.420011][ T5253] which belongs to the cache kmalloc-512 of size 512 [ 129.434082][ T5253] The buggy address is located 0 bytes inside of [ 129.434082][ T5253] freed 512-byte region [ffff8880229e0800, ffff8880229e0a00) [ 129.447727][ T5253] [ 129.450055][ T5253] The buggy address belongs to the physical page: [ 129.456471][ T5253] page:ffffea00008a7800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x229e0 [ 129.466648][ T5253] head:ffffea00008a7800 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 129.476384][ T5253] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 129.484817][ T5253] page_type: 0xffffffff() [ 129.490499][ T5253] raw: 00fff00000000840 ffff888015041c80 0000000000000000 dead000000000001 [ 129.499109][ T5253] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 129.507709][ T5253] page dumped because: kasan: bad access detected [ 129.514131][ T5253] page_owner tracks the page as allocated [ 129.520027][ T5253] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4523, tgid 4523 (udevadm), ts 45235199564, free_ts 45172054560 [ 129.541004][ T5253] post_alloc_hook+0x2d4/0x350 [ 129.545812][ T5253] get_page_from_freelist+0xa28/0x3780 [ 129.551310][ T5253] __alloc_pages+0x22b/0x2410 [ 129.556028][ T5253] new_slab+0xcc/0x3a0 [ 129.560228][ T5253] ___slab_alloc+0x66d/0x1790 [ 129.564950][ T5253] __slab_alloc.constprop.0+0x56/0xb0 [ 129.570369][ T5253] kmalloc_trace+0x2fb/0x330 [ 129.575071][ T5253] kernfs_fop_open+0x28b/0xd40 [ 129.579864][ T5253] do_dentry_open+0x8dd/0x18c0 [ 129.584670][ T5253] path_openat+0x1dfb/0x2990 [ 129.589295][ T5253] do_filp_open+0x1dc/0x430 [ 129.593840][ T5253] do_sys_openat2+0x17a/0x1e0 [ 129.598544][ T5253] __x64_sys_openat+0x175/0x210 [ 129.603421][ T5253] do_syscall_64+0xd5/0x260 [ 129.607973][ T5253] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 129.613911][ T5253] page last free pid 4523 tgid 4523 stack trace: [ 129.620248][ T5253] free_unref_page_prepare+0x527/0xb10 [ 129.625739][ T5253] free_unref_page+0x33/0x3c0 [ 129.630448][ T5253] __put_partials+0x14c/0x170 [ 129.635174][ T5253] qlist_free_all+0x4e/0x140 [ 129.639805][ T5253] kasan_quarantine_reduce+0x192/0x1e0 [ 129.645308][ T5253] __kasan_slab_alloc+0x69/0x90 [ 129.650206][ T5253] kmem_cache_alloc+0x136/0x320 [ 129.655084][ T5253] getname_flags.part.0+0x50/0x4f0 [ 129.660225][ T5253] getname+0x8f/0xe0 [ 129.664157][ T5253] do_sys_openat2+0x104/0x1e0 [ 129.668862][ T5253] __x64_sys_openat+0x175/0x210 [ 129.673744][ T5253] do_syscall_64+0xd5/0x260 [ 129.678316][ T5253] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 129.684255][ T5253] [ 129.686585][ T5253] Memory state around the buggy address: [ 129.692223][ T5253] ffff8880229e0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 129.700301][ T5253] ffff8880229e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [pid 5079] <... unlink resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5258] write(3, "1000", 4 [pid 5256] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] getdents64(3, [pid 5256] <... openat resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5256] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] close(3 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5256] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] close(3 [pid 5256] exit_group(0 [pid 5079] rmdir("./28" [pid 5076] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5256] <... exit_group resumed>) = ? [pid 5079] mkdir("./29", 0777 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5259 [pid 5079] <... mkdir resumed>) = 0 [pid 5256] +++ exited with 0 +++ [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5256, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5259 attached ) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD) = 0 [pid 5255] <... ioctl resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5259] set_robust_list(0x555574eaa660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5260 [pid 5259] <... set_robust_list resumed>) = 0 [pid 5259] chdir("./28") = 0 [pid 5080] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5259] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5259] <... prctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5259] setpgid(0, 0 [pid 5080] <... openat resumed>) = 3 [pid 5259] <... setpgid resumed>) = 0 [pid 5080] newfstatat(3, "", ./strace-static-x86_64: Process 5260 attached [pid 5259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5260] set_robust_list(0x555574eaa660, 24 [pid 5259] <... openat resumed>) = 3 [pid 5080] getdents64(3, [pid 5260] <... set_robust_list resumed>) = 0 [pid 5259] write(3, "1000", 4 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5260] chdir("./29" [pid 5259] <... write resumed>) = 4 [pid 5080] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... chdir resumed>) = 0 [pid 5259] close(3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5260] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5259] <... close resumed>) = 0 [pid 5080] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5260] <... prctl resumed>) = 0 [pid 5259] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5260] setpgid(0, 0 [pid 5259] <... symlink resumed>) = 0 [pid 5080] unlink("./28/binderfs" [pid 5260] <... setpgid resumed>) = 0 [pid 5259] memfd_create("syzkaller", 0 [pid 5080] <... unlink resumed>) = 0 [pid 5260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5259] <... memfd_create resumed>) = 3 [pid 5080] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... openat resumed>) = 3 [ 129.708379][ T5253] >ffff8880229e0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.716453][ T5253] ^ [ 129.720532][ T5253] ffff8880229e0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.728614][ T5253] ffff8880229e0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 129.736686][ T5253] ================================================================== [pid 5259] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5260] write(3, "1000", 4 [pid 5259] <... mmap resumed>) = 0x7f7064400000 [pid 5260] <... write resumed>) = 4 [pid 5259] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5260] close(3) = 0 [pid 5260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5258] <... write resumed>) = 4 [pid 5260] memfd_create("syzkaller", 0 [pid 5258] close(3 [pid 5260] <... memfd_create resumed>) = 3 [pid 5259] <... write resumed>) = 524288 [pid 5258] <... close resumed>) = 0 [pid 5258] symlink("/dev/binderfs", "./binderfs" [pid 5259] munmap(0x7f7064400000, 138412032) = 0 [pid 5258] <... symlink resumed>) = 0 [pid 5258] memfd_create("syzkaller", 0 [pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5258] <... memfd_create resumed>) = 3 [pid 5260] <... mmap resumed>) = 0x7f7064400000 [pid 5258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5260] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5258] <... mmap resumed>) = 0x7f7064400000 [pid 5258] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5260] <... write resumed>) = 524288 [pid 5259] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5080] <... umount2 resumed>) = 0 [pid 5259] <... openat resumed>) = 4 [ 129.803738][ T5253] hfsplus: unable to set blocksize to 1024! [ 129.830928][ T5253] hfsplus: unable to find HFS+ superblock [pid 5260] munmap(0x7f7064400000, 138412032 [pid 5259] ioctl(4, LOOP_SET_FD, 3 [pid 5253] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... munmap resumed>) = 0 [pid 5259] <... ioctl resumed>) = 0 [pid 5258] <... write resumed>) = 524288 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5260] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5258] munmap(0x7f7064400000, 138412032 [pid 5080] newfstatat(AT_FDCWD, "./28/file1", [pid 5260] <... openat resumed>) = 4 [pid 5258] <... munmap resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5260] ioctl(4, LOOP_SET_FD, 3 [pid 5259] close(3 [pid 5258] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... ioctl resumed>) = 0 [pid 5259] <... close resumed>) = 0 [pid 5253] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5259] close(4 [pid 5253] ioctl(3, LOOP_CLR_FD [pid 5080] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5259] <... close resumed>) = 0 [pid 5253] <... ioctl resumed>) = 0 [pid 5259] mkdir("./file1", 0777 [pid 5253] close(3 [pid 5259] <... mkdir resumed>) = 0 [pid 5253] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5259] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5253] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 3 [pid 5080] newfstatat(4, "", [pid 5259] <... mount resumed>) = 0 [pid 5253] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5259] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5253] <... ioctl resumed>) = 0 [pid 5259] <... openat resumed>) = 3 [pid 5253] exit_group(0 [pid 5080] getdents64(4, [pid 5259] chdir("./file1") = 0 [pid 5253] <... exit_group resumed>) = ? [pid 5259] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5253] +++ exited with 0 +++ [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5259] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] getdents64(4, [pid 5259] <... openat resumed>) = 4 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5253, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5259] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] close(4 [pid 5259] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5259] exit_group(0 [pid 5080] rmdir("./28/file1" [pid 5259] <... exit_group resumed>) = ? [pid 5075] <... restart_syscall resumed>) = 0 [pid 5259] +++ exited with 0 +++ [pid 5080] <... rmdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5075] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5259, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 129.874685][ T5259] loop1: detected capacity change from 0 to 1024 [ 129.893874][ T5260] loop4: detected capacity change from 0 to 1024 [pid 5260] close(3 [pid 5258] <... openat resumed>) = 4 [pid 5255] close(3 [pid 5080] <... close resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5258] ioctl(4, LOOP_SET_FD, 3 [pid 5255] <... close resumed>) = 0 [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] unlink("./28/binderfs") = 0 [pid 5075] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5260] <... close resumed>) = 0 [pid 5258] <... ioctl resumed>) = 0 [pid 5255] close(4 [pid 5080] rmdir("./28" [pid 5260] close(4 [pid 5258] close(3 [pid 5255] <... close resumed>) = 0 [pid 5076] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5255] mkdir("./file1", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./28/file1", [pid 5076] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... rmdir resumed>) = 0 [pid 5075] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] mkdir("./29", 0777 [pid 5076] newfstatat(3, "", [pid 5075] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5260] <... close resumed>) = 0 [pid 5258] <... close resumed>) = 0 [pid 5255] <... mkdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5260] mkdir("./file1", 0777 [pid 5258] close(4 [pid 5255] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... openat resumed>) = 4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(4, [pid 5076] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./28/file1" [pid 5260] <... mkdir resumed>) = 0 [pid 5258] <... close resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5260] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5258] mkdir("./file1", 0777 [pid 5080] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5258] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... close resumed>) = 0 [pid 5075] rmdir("./28" [pid 5258] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] unlink("./28/binderfs" [pid 5075] <... rmdir resumed>) = 0 [pid 5075] mkdir("./29", 0777./strace-static-x86_64: Process 5261 attached [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5261 [pid 5076] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] set_robust_list(0x555574eaa660, 24) = 0 [pid 5261] chdir("./29") = 0 [pid 5261] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... mkdir resumed>) = 0 [pid 5261] <... prctl resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5261] setpgid(0, 0 [pid 5075] <... openat resumed>) = 3 [pid 5261] <... setpgid resumed>) = 0 [ 129.946033][ T5258] loop3: detected capacity change from 0 to 1024 [pid 5261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3 [pid 5261] <... openat resumed>) = 3 [pid 5258] <... mount resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5258] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... umount2 resumed>) = 0 [pid 5261] write(3, "1000", 4 [pid 5258] chdir("./file1" [pid 5261] <... write resumed>) = 4 [pid 5258] <... chdir resumed>) = 0 [pid 5261] close(3 [pid 5258] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5261] <... close resumed>) = 0 [pid 5258] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5255] <... mount resumed>) = 0 [pid 5261] symlink("/dev/binderfs", "./binderfs" [pid 5258] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5261] <... symlink resumed>) = 0 [pid 5258] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5258] exit_group(0 [pid 5255] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5258] <... exit_group resumed>) = ? [pid 5255] <... openat resumed>) = 3 [pid 5255] chdir("./file1" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5262 attached [pid 5261] memfd_create("syzkaller", 0 [pid 5255] <... chdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./28/file1", [pid 5262] set_robust_list(0x555574eaa660, 24 [pid 5261] <... memfd_create resumed>) = 3 [pid 5255] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5262] <... set_robust_list resumed>) = 0 [pid 5261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5260] <... mount resumed>) = 0 [pid 5258] +++ exited with 0 +++ [pid 5255] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5262 [pid 5261] <... mmap resumed>) = 0x7f7064400000 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5258, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5261] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", [pid 5260] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5255] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5262] chdir("./29" [pid 5260] <... openat resumed>) = 3 [pid 5255] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5262] <... chdir resumed>) = 0 [pid 5260] chdir("./file1" [pid 5078] umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5262] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5262] <... prctl resumed>) = 0 [pid 5078] newfstatat(AT_FDCWD, "./27/binderfs", [pid 5262] setpgid(0, 0 [pid 5260] <... chdir resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5262] <... setpgid resumed>) = 0 [pid 5260] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] unlink("./27/binderfs" [pid 5262] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... unlink resumed>) = 0 [pid 5262] <... openat resumed>) = 3 [pid 5260] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5255] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5261] <... write resumed>) = 524288 [pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5262] write(3, "1000", 4) = 4 [pid 5262] close(3) = 0 [pid 5262] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5262] memfd_create("syzkaller", 0) = 3 [pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5076] newfstatat(4, "", [pid 5262] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5260] <... openat resumed>) = 4 [pid 5255] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5260] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5076] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5260] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] close(4) = 0 [pid 5076] rmdir("./28/file1" [pid 5260] exit_group(0) = ? [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5255] exit_group(0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./28") = 0 [pid 5076] mkdir("./29", 0777 [pid 5260] +++ exited with 0 +++ [pid 5076] <... mkdir resumed>) = 0 [pid 5255] <... exit_group resumed>) = ? [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5260, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5078] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5079] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] newfstatat(3, "", [pid 5262] <... write resumed>) = 524288 [pid 5255] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5255, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5261] munmap(0x7f7064400000, 138412032 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5261] <... munmap resumed>) = 0 [pid 5079] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5261] <... openat resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./29/binderfs", [pid 5261] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] unlink("./29/binderfs" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... unlink resumed>) = 0 [pid 5078] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5078] newfstatat(AT_FDCWD, "./27/file1", [pid 5077] newfstatat(3, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./27/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] openat(AT_FDCWD, "./27/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5078] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] unlink("./28/binderfs" [pid 5078] getdents64(4, [pid 5077] <... unlink resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5262] munmap(0x7f7064400000, 138412032 [pid 5078] close(4) = 0 [pid 5078] rmdir("./27/file1") = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3) = 0 [pid 5078] rmdir("./27") = 0 [pid 5078] mkdir("./28", 0777 [pid 5262] <... munmap resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5261] <... ioctl resumed>) = 0 [pid 5261] close(3) = 0 [pid 5261] close(4) = 0 [pid 5261] mkdir("./file1", 0777) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5262] <... openat resumed>) = 4 [pid 5078] <... openat resumed>) = 3 [pid 5262] ioctl(4, LOOP_SET_FD, 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5261] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5077] <... umount2 resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [ 130.098090][ T5261] loop5: detected capacity change from 0 to 1024 [ 130.133121][ T5262] loop0: detected capacity change from 0 to 1024 [pid 5262] <... ioctl resumed>) = 0 [pid 5261] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] close(3 [pid 5261] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] <... openat resumed>) = 3 [pid 5079] newfstatat(AT_FDCWD, "./29/file1", [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] newfstatat(AT_FDCWD, "./28/file1", [pid 5261] chdir("./file1" [pid 5079] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5262] close(3 [pid 5076] <... close resumed>) = 0 [pid 5261] <... chdir resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... close resumed>) = 0 [pid 5077] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5261] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5261] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5261] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... openat resumed>) = 4 [pid 5077] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5261] <... openat resumed>) = 4 [pid 5079] newfstatat(4, "", [pid 5077] <... openat resumed>) = 4 [pid 5261] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(4, "", [pid 5079] getdents64(4, [pid 5262] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5077] getdents64(4, [pid 5262] close(4 [pid 5079] <... close resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4 [pid 5079] rmdir("./29/file1" [pid 5077] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5077] rmdir("./28/file1") = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5079] getdents64(3, [pid 5077] rmdir("./28") = 0 ./strace-static-x86_64: Process 5263 attached [pid 5262] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5263 [pid 5262] mkdir("./file1", 0777 [pid 5263] set_robust_list(0x555574eaa660, 24 [pid 5079] close(3 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] mkdir("./29", 0777 [pid 5263] <... set_robust_list resumed>) = 0 [pid 5262] <... mkdir resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5079] rmdir("./29" [pid 5263] chdir("./29" [pid 5079] <... rmdir resumed>) = 0 [pid 5079] mkdir("./30", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5262] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5264 [pid 5077] <... ioctl resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5263] <... chdir resumed>) = 0 [pid 5263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5264 attached [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5264] set_robust_list(0x555574eaa660, 24) = 0 [pid 5264] chdir("./28") = 0 [pid 5261] <... ioctl resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5263] setpgid(0, 0 [pid 5261] exit_group(0 [pid 5263] <... setpgid resumed>) = 0 [pid 5261] <... exit_group resumed>) = ? [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5265 [pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5264] setpgid(0, 0) = 0 [pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5263] <... openat resumed>) = 3 [pid 5263] write(3, "1000", 4 [pid 5264] <... openat resumed>) = 3 [pid 5263] <... write resumed>) = 4 [pid 5264] write(3, "1000", 4./strace-static-x86_64: Process 5265 attached ) = 4 [pid 5263] close(3 [pid 5264] close(3 [pid 5263] <... close resumed>) = 0 [pid 5265] set_robust_list(0x555574eaa660, 24 [pid 5263] symlink("/dev/binderfs", "./binderfs" [pid 5264] <... close resumed>) = 0 [pid 5261] +++ exited with 0 +++ [pid 5264] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5261, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5265] <... set_robust_list resumed>) = 0 [pid 5263] <... symlink resumed>) = 0 [pid 5264] memfd_create("syzkaller", 0 [pid 5080] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5264] <... memfd_create resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5265] chdir("./29" [pid 5080] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5264] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... openat resumed>) = 3 [pid 5263] memfd_create("syzkaller", 0) = 3 [pid 5080] newfstatat(3, "", [pid 5265] <... chdir resumed>) = 0 [pid 5263] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5262] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5265] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5263] <... mmap resumed>) = 0x7f7064400000 [pid 5080] getdents64(3, [pid 5265] <... prctl resumed>) = 0 [pid 5265] setpgid(0, 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5265] <... setpgid resumed>) = 0 [pid 5080] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5265] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5264] <... write resumed>) = 524288 [pid 5263] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] unlink("./29/binderfs" [pid 5079] <... ioctl resumed>) = 0 [pid 5265] <... openat resumed>) = 3 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5265] write(3, "1000", 4 [pid 5080] <... unlink resumed>) = 0 [pid 5265] <... write resumed>) = 4 [pid 5265] close(3 [pid 5262] <... openat resumed>) = 3 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5266 [pid 5265] <... close resumed>) = 0 [pid 5262] ioctl(3, LOOP_CLR_FD [pid 5080] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5265] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5266 attached [pid 5264] munmap(0x7f7064400000, 138412032 [pid 5266] set_robust_list(0x555574eaa660, 24 [pid 5264] <... munmap resumed>) = 0 [pid 5266] <... set_robust_list resumed>) = 0 [ 130.272694][ T5262] hfsplus: unable to set blocksize to 1024! [ 130.282783][ T5262] hfsplus: unable to find HFS+ superblock [pid 5266] chdir("./30") = 0 [pid 5264] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5264] <... openat resumed>) = 4 [pid 5266] <... prctl resumed>) = 0 [pid 5264] ioctl(4, LOOP_SET_FD, 3 [pid 5266] setpgid(0, 0 [pid 5265] <... symlink resumed>) = 0 [pid 5263] <... write resumed>) = 524288 [pid 5262] <... ioctl resumed>) = 0 [pid 5265] memfd_create("syzkaller", 0 [pid 5262] close(3 [pid 5266] <... setpgid resumed>) = 0 [pid 5265] <... memfd_create resumed>) = 3 [pid 5263] munmap(0x7f7064400000, 138412032 [pid 5262] <... close resumed>) = 0 [pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5263] <... munmap resumed>) = 0 [pid 5262] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = 0 [pid 5080] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5262] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5266] write(3, "1000", 4 [pid 5265] <... mmap resumed>) = 0x7f7064400000 [pid 5263] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5262] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5266] <... write resumed>) = 4 [pid 5266] close(3) = 0 [pid 5266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5264] <... ioctl resumed>) = 0 [pid 5266] memfd_create("syzkaller", 0 [ 130.331068][ T5264] loop3: detected capacity change from 0 to 1024 [pid 5265] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5262] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./29/file1", [pid 5263] <... openat resumed>) = 4 [pid 5263] ioctl(4, LOOP_SET_FD, 3 [pid 5266] <... memfd_create resumed>) = 3 [pid 5264] close(3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5266] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5264] <... close resumed>) = 0 [pid 5266] <... mmap resumed>) = 0x7f7064400000 [pid 5264] close(4 [pid 5266] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5264] <... close resumed>) = 0 [pid 5264] mkdir("./file1", 0777) = 0 [pid 5264] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5262] <... exit_group resumed>) = ? [pid 5262] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5262, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5075] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5080] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 3 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5075] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] newfstatat(4, "", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] getdents64(4, [pid 5266] <... write resumed>) = 524288 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5263] <... ioctl resumed>) = 0 [pid 5075] unlink("./29/binderfs") = 0 [pid 5075] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./29/file1", [pid 5263] close(3 [pid 5080] getdents64(4, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5263] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5263] close(4 [pid 5080] close(4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] <... close resumed>) = 0 [pid 5075] newfstatat(4, "", [pid 5263] <... close resumed>) = 0 [pid 5266] munmap(0x7f7064400000, 138412032 [pid 5263] mkdir("./file1", 0777 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] rmdir("./29/file1" [pid 5266] <... munmap resumed>) = 0 [pid 5264] <... mount resumed>) = 0 [pid 5263] <... mkdir resumed>) = 0 [ 130.377840][ T5263] loop1: detected capacity change from 0 to 1024 [pid 5075] getdents64(4, [pid 5264] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5263] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5264] <... openat resumed>) = 3 [pid 5075] getdents64(4, [pid 5264] chdir("./file1" [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5266] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5264] <... chdir resumed>) = 0 [pid 5075] close(4 [pid 5266] <... openat resumed>) = 4 [pid 5264] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] <... close resumed>) = 0 [pid 5266] ioctl(4, LOOP_SET_FD, 3 [pid 5265] <... write resumed>) = 524288 [pid 5264] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] rmdir("./29/file1" [pid 5264] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... rmdir resumed>) = 0 [pid 5265] munmap(0x7f7064400000, 138412032 [pid 5080] getdents64(3, [pid 5265] <... munmap resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3 [pid 5075] getdents64(3, [pid 5080] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5264] <... openat resumed>) = 4 [pid 5075] rmdir("./29" [pid 5080] rmdir("./29" [pid 5075] <... rmdir resumed>) = 0 [pid 5264] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5264] exit_group(0) = ? [pid 5075] mkdir("./30", 0777 [pid 5265] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5264] +++ exited with 0 +++ [pid 5080] <... rmdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5080] mkdir("./30", 0777 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5264, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5265] <... openat resumed>) = 4 [pid 5263] <... mount resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5267 attached [pid 5265] ioctl(4, LOOP_SET_FD, 3 [pid 5263] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5267 [pid 5078] umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] set_robust_list(0x555574eaa660, 24 [pid 5263] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5267] <... set_robust_list resumed>) = 0 [pid 5267] chdir("./30") = 0 [pid 5267] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5266] <... ioctl resumed>) = 0 [pid 5267] <... prctl resumed>) = 0 [pid 5266] close(3 [pid 5267] setpgid(0, 0 [pid 5266] <... close resumed>) = 0 [pid 5267] <... setpgid resumed>) = 0 [pid 5266] close(4 [pid 5267] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5266] <... close resumed>) = 0 [pid 5266] mkdir("./file1", 0777) = 0 [pid 5263] chdir("./file1" [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5267] <... openat resumed>) = 3 [pid 5267] write(3, "1000", 4 [pid 5263] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5267] <... write resumed>) = 4 [pid 5266] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5263] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5267] close(3) = 0 [pid 5267] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5263] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] newfstatat(3, "", [pid 5267] memfd_create("syzkaller", 0 [pid 5263] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, [pid 5267] <... memfd_create resumed>) = 3 [pid 5263] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5263] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5263] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5078] newfstatat(AT_FDCWD, "./28/binderfs", [pid 5267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5263] exit_group(0 [pid 5267] <... mmap resumed>) = 0x7f7064400000 [pid 5263] <... exit_group resumed>) = ? [pid 5267] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5263] +++ exited with 0 +++ [pid 5266] <... mount resumed>) = 0 [pid 5265] <... ioctl resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5266] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5265] close(3 [pid 5078] unlink("./28/binderfs" [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5263, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5266] chdir("./file1") = 0 [pid 5266] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5265] <... close resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5265] close(4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5265] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5265] mkdir("./file1", 0777 [pid 5076] <... openat resumed>) = 3 [pid 5265] <... mkdir resumed>) = 0 [pid 5078] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] newfstatat(3, "", [pid 5265] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5266] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5266] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5266] exit_group(0 [pid 5076] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5266] <... exit_group resumed>) = ? [ 130.440768][ T5266] loop4: detected capacity change from 0 to 1024 [ 130.468035][ T5265] loop2: detected capacity change from 0 to 1024 [pid 5266] +++ exited with 0 +++ [pid 5076] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5266, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./29/binderfs", [pid 5079] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./29/binderfs" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5079] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... unlink resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./30/binderfs") = 0 [pid 5076] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] <... write resumed>) = 524288 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5267] munmap(0x7f7064400000, 138412032 [pid 5078] newfstatat(AT_FDCWD, "./28/file1", [pid 5267] <... munmap resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5078] umount2("./28/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./28/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5265] <... mount resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... umount2 resumed>) = 0 [pid 5078] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./29/file1", [pid 5267] <... openat resumed>) = 4 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4 [pid 5267] ioctl(4, LOOP_SET_FD, 3 [pid 5265] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] <... close resumed>) = 0 [pid 5076] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5265] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5078] rmdir("./28/file1" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5265] chdir("./file1" [pid 5080] <... close resumed>) = 0 [pid 5079] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5265] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5268 attached [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... rmdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5265] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5268 [pid 5079] newfstatat(AT_FDCWD, "./30/file1", [pid 5265] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5268] set_robust_list(0x555574eaa660, 24) = 0 [pid 5079] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(3, [pid 5076] newfstatat(4, "", [pid 5268] chdir("./30" [pid 5265] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5268] <... chdir resumed>) = 0 [pid 5265] <... openat resumed>) = 4 [pid 5079] <... openat resumed>) = 4 [pid 5078] close(3 [pid 5076] getdents64(4, [pid 5265] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5268] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5267] <... ioctl resumed>) = 0 [pid 5267] close(3) = 0 [pid 5267] close(4) = 0 [pid 5267] mkdir("./file1", 0777 [pid 5268] <... prctl resumed>) = 0 [pid 5267] <... mkdir resumed>) = 0 [pid 5268] setpgid(0, 0 [pid 5078] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5268] <... setpgid resumed>) = 0 [pid 5079] newfstatat(4, "", [pid 5078] rmdir("./28" [pid 5076] getdents64(4, [pid 5268] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(4, [pid 5076] close(4 [pid 5267] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 5076] rmdir("./29/file1" [pid 5268] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] close(4 [ 130.564477][ T5267] loop0: detected capacity change from 0 to 1024 [pid 5078] mkdir("./29", 0777 [pid 5079] <... close resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5079] rmdir("./30/file1" [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5268] write(3, "1000", 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5268] <... write resumed>) = 4 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5268] close(3 [pid 5076] close(3 [pid 5268] <... close resumed>) = 0 [pid 5078] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] <... close resumed>) = 0 [pid 5078] close(3 [pid 5076] rmdir("./29" [pid 5078] <... close resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... rmdir resumed>) = 0 [pid 5079] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./30" [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5269 [pid 5268] symlink("/dev/binderfs", "./binderfs" [pid 5079] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5269 attached [pid 5268] <... symlink resumed>) = 0 [pid 5079] mkdir("./31", 0777 [pid 5076] mkdir("./30", 0777 [pid 5269] set_robust_list(0x555574eaa660, 24 [pid 5268] memfd_create("syzkaller", 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5269] <... set_robust_list resumed>) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5269] chdir("./29" [pid 5079] <... openat resumed>) = 3 [pid 5076] <... mkdir resumed>) = 0 [pid 5269] <... chdir resumed>) = 0 [pid 5268] <... memfd_create resumed>) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5269] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] close(3 [pid 5269] <... prctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5269] setpgid(0, 0 [pid 5268] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5268] <... mmap resumed>) = 0x7f7064400000 [pid 5269] <... setpgid resumed>) = 0 [pid 5269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5269] write(3, "1000", 4) = 4 [pid 5269] close(3) = 0 [pid 5269] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 5270 attached [pid 5268] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5269] memfd_create("syzkaller", 0 [pid 5265] <... ioctl resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5270 [pid 5270] set_robust_list(0x555574eaa660, 24) = 0 [pid 5269] <... memfd_create resumed>) = 3 [pid 5265] exit_group(0) = ? [pid 5269] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5270] chdir("./31" [pid 5265] +++ exited with 0 +++ [pid 5270] <... chdir resumed>) = 0 [pid 5270] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5270] setpgid(0, 0) = 0 [pid 5270] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5269] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5270] <... openat resumed>) = 3 [pid 5270] write(3, "1000", 4) = 4 [pid 5270] close(3) = 0 [pid 5270] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5268] <... write resumed>) = 524288 [pid 5270] memfd_create("syzkaller", 0) = 3 [pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5268] munmap(0x7f7064400000, 138412032) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5265, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5269] <... write resumed>) = 524288 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5270] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5268] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... openat resumed>) = 3 [pid 5076] <... ioctl resumed>) = 0 [pid 5077] newfstatat(3, "", [pid 5270] <... write resumed>) = 524288 [pid 5269] munmap(0x7f7064400000, 138412032 [pid 5268] <... openat resumed>) = 4 [pid 5267] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] close(3 [pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] getdents64(3, [pid 5076] <... close resumed>) = 0 [pid 5267] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./29/binderfs" [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5271 ./strace-static-x86_64: Process 5271 attached [ 130.672337][ T5267] hfsplus: unable to set blocksize to 1024! [ 130.679021][ T5267] hfsplus: unable to find HFS+ superblock [pid 5268] ioctl(4, LOOP_SET_FD, 3 [pid 5271] set_robust_list(0x555574eaa660, 24 [pid 5269] <... munmap resumed>) = 0 [pid 5267] ioctl(3, LOOP_CLR_FD [pid 5077] <... unlink resumed>) = 0 [pid 5271] <... set_robust_list resumed>) = 0 [pid 5271] chdir("./30") = 0 [pid 5077] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5267] <... ioctl resumed>) = 0 [pid 5269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5271] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5270] munmap(0x7f7064400000, 138412032) = 0 [pid 5269] <... openat resumed>) = 4 [pid 5269] ioctl(4, LOOP_SET_FD, 3 [pid 5267] close(3) = 0 [pid 5271] <... prctl resumed>) = 0 [pid 5271] setpgid(0, 0 [pid 5270] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5268] <... ioctl resumed>) = 0 [pid 5270] <... openat resumed>) = 4 [pid 5268] close(3 [pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5268] <... close resumed>) = 0 [pid 5268] close(4) = 0 [pid 5267] <... openat resumed>) = 3 [pid 5268] mkdir("./file1", 0777) = 0 [pid 5267] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5270] ioctl(4, LOOP_SET_FD, 3 [pid 5267] exit_group(0 [pid 5271] <... setpgid resumed>) = 0 [pid 5268] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5267] <... exit_group resumed>) = ? [pid 5271] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5267] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5267, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5271] write(3, "1000", 4) = 4 [pid 5269] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5271] close(3 [pid 5269] close(3 [pid 5077] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5271] <... close resumed>) = 0 [pid 5269] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5271] symlink("/dev/binderfs", "./binderfs" [pid 5269] close(4 [pid 5271] <... symlink resumed>) = 0 [pid 5269] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./29/file1", [pid 5075] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5269] mkdir("./file1", 0777) = 0 [pid 5268] <... mount resumed>) = 0 [pid 5077] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5269] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5268] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5268] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] newfstatat(3, "", [pid 5271] memfd_create("syzkaller", 0 [pid 5268] chdir("./file1" [pid 5077] <... openat resumed>) = 4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5268] <... chdir resumed>) = 0 [pid 5077] newfstatat(4, "", [pid 5075] getdents64(3, [pid 5268] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5268] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] getdents64(4, [pid 5268] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5268] <... openat resumed>) = 4 [pid 5077] getdents64(4, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5268] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5268] <... ioctl resumed>) = 0 [pid 5077] close(4 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5271] <... memfd_create resumed>) = 3 [pid 5270] <... ioctl resumed>) = 0 [pid 5268] exit_group(0 [pid 5077] <... close resumed>) = 0 [pid 5075] unlink("./30/binderfs" [pid 5271] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5270] close(3 [pid 5268] <... exit_group resumed>) = ? [ 130.723523][ T5268] loop5: detected capacity change from 0 to 1024 [ 130.748241][ T5269] loop3: detected capacity change from 0 to 1024 [ 130.758525][ T5270] loop4: detected capacity change from 0 to 1024 [pid 5077] rmdir("./29/file1" [pid 5075] <... unlink resumed>) = 0 [pid 5271] <... mmap resumed>) = 0x7f7064400000 [pid 5270] <... close resumed>) = 0 [pid 5268] +++ exited with 0 +++ [pid 5077] <... rmdir resumed>) = 0 [pid 5075] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5271] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5270] close(4 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5268, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5077] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] newfstatat(AT_FDCWD, "./30/file1", [pid 5270] <... close resumed>) = 0 [pid 5077] close(3 [pid 5270] mkdir("./file1", 0777 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5270] <... mkdir resumed>) = 0 [pid 5080] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./29" [pid 5075] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5270] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5269] <... mount resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] <... openat resumed>) = 3 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5270] <... mount resumed>) = 0 [pid 5077] mkdir("./30", 0777 [pid 5075] getdents64(4, [pid 5270] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5269] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] newfstatat(3, "", [pid 5270] <... openat resumed>) = 3 [pid 5269] <... openat resumed>) = 3 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5270] chdir("./file1" [pid 5269] chdir("./file1" [pid 5080] getdents64(3, [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5270] <... chdir resumed>) = 0 [pid 5269] <... chdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5271] <... write resumed>) = 524288 [pid 5270] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5269] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] getdents64(4, [pid 5271] munmap(0x7f7064400000, 138412032 [pid 5270] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5269] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5271] <... munmap resumed>) = 0 [pid 5270] <... openat resumed>) = 4 [pid 5075] close(4 [pid 5270] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5269] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... openat resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5270] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5270] exit_group(0 [pid 5269] <... openat resumed>) = 4 [pid 5080] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] rmdir("./30/file1" [pid 5269] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5269] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] unlink("./30/binderfs" [pid 5270] <... exit_group resumed>) = ? [pid 5269] exit_group(0 [pid 5080] <... unlink resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5269] <... exit_group resumed>) = ? [pid 5080] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5270] +++ exited with 0 +++ [pid 5269] +++ exited with 0 +++ [pid 5075] close(3 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5270, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5269, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./30" [pid 5078] umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] mkdir("./31", 0777 [pid 5079] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 3 [pid 5075] <... mkdir resumed>) = 0 [pid 5078] newfstatat(3, "", [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5271] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5271] ioctl(4, LOOP_SET_FD, 3 [pid 5078] getdents64(3, [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5079] <... openat resumed>) = 3 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(3, "", [pid 5078] umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] newfstatat(AT_FDCWD, "./29/binderfs", [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./30/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] getdents64(3, [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] unlink("./29/binderfs"./strace-static-x86_64: Process 5272 attached [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5272 [pid 5080] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... unlink resumed>) = 0 [pid 5272] set_robust_list(0x555574eaa660, 24 [pid 5080] <... openat resumed>) = 4 [pid 5079] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] <... set_robust_list resumed>) = 0 [pid 5078] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] chdir("./31" [pid 5080] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5272] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] getdents64(4, [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./30/file1") = 0 [pid 5272] <... prctl resumed>) = 0 [pid 5079] unlink("./31/binderfs" [pid 5077] <... ioctl resumed>) = 0 [ 130.896846][ T5271] loop1: detected capacity change from 0 to 1024 [pid 5272] setpgid(0, 0) = 0 [pid 5271] <... ioctl resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5077] close(3 [pid 5080] getdents64(3, [pid 5271] close(3 [pid 5079] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5271] <... close resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5271] close(4 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] close(3) = 0 [pid 5271] <... close resumed>) = 0 [pid 5080] rmdir("./30") = 0 [pid 5080] mkdir("./31", 0777 [pid 5271] mkdir("./file1", 0777 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5273 attached [pid 5272] <... openat resumed>) = 3 [pid 5271] <... mkdir resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5273 [pid 5272] write(3, "1000", 4 [pid 5271] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5078] newfstatat(AT_FDCWD, "./29/file1", [pid 5272] <... write resumed>) = 4 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5272] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5273] set_robust_list(0x555574eaa660, 24 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5274 [pid 5273] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5274 attached [pid 5274] set_robust_list(0x555574eaa660, 24) = 0 [pid 5274] chdir("./31") = 0 [pid 5273] chdir("./30" [pid 5272] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] umount2("./29/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5274] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5273] <... chdir resumed>) = 0 [pid 5272] symlink("/dev/binderfs", "./binderfs" [pid 5271] <... mount resumed>) = 0 [pid 5079] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5273] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] openat(AT_FDCWD, "./29/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5273] <... prctl resumed>) = 0 [pid 5274] <... prctl resumed>) = 0 [pid 5273] setpgid(0, 0 [pid 5272] <... symlink resumed>) = 0 [pid 5271] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 4 [pid 5273] <... setpgid resumed>) = 0 [pid 5274] setpgid(0, 0 [pid 5273] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] newfstatat(AT_FDCWD, "./31/file1", [pid 5078] newfstatat(4, "", [pid 5272] memfd_create("syzkaller", 0 [pid 5271] <... openat resumed>) = 3 [pid 5274] <... setpgid resumed>) = 0 [pid 5273] <... openat resumed>) = 3 [pid 5272] <... memfd_create resumed>) = 3 [pid 5271] chdir("./file1" [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5273] write(3, "1000", 4 [pid 5272] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5271] <... chdir resumed>) = 0 [pid 5078] getdents64(4, [pid 5274] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5273] <... write resumed>) = 4 [pid 5272] <... mmap resumed>) = 0x7f7064400000 [pid 5271] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5274] <... openat resumed>) = 3 [pid 5273] close(3 [pid 5272] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5271] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] getdents64(4, [pid 5274] write(3, "1000", 4 [pid 5273] <... close resumed>) = 0 [pid 5271] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5274] <... write resumed>) = 4 [pid 5079] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5273] symlink("/dev/binderfs", "./binderfs" [pid 5271] <... openat resumed>) = 4 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5274] close(3 [pid 5273] <... symlink resumed>) = 0 [pid 5271] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... openat resumed>) = 4 [pid 5078] close(4 [pid 5274] <... close resumed>) = 0 [pid 5271] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] newfstatat(4, "", [pid 5078] <... close resumed>) = 0 [pid 5274] symlink("/dev/binderfs", "./binderfs" [pid 5271] exit_group(0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] rmdir("./29/file1" [pid 5274] <... symlink resumed>) = 0 [pid 5271] <... exit_group resumed>) = ? [pid 5079] getdents64(4, [pid 5078] <... rmdir resumed>) = 0 [pid 5274] memfd_create("syzkaller", 0 [pid 5271] +++ exited with 0 +++ [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(3, [pid 5273] memfd_create("syzkaller", 0 [pid 5272] <... write resumed>) = 524288 [pid 5079] getdents64(4, [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5274] <... memfd_create resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5271, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5079] close(4 [pid 5273] <... memfd_create resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5078] close(3 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] rmdir("./31/file1" [pid 5078] <... close resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5274] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5273] <... mmap resumed>) = 0x7f7064400000 [pid 5078] rmdir("./29" [pid 5274] <... mmap resumed>) = 0x7f7064400000 [pid 5273] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5272] munmap(0x7f7064400000, 138412032 [pid 5078] mkdir("./30", 0777 [pid 5272] <... munmap resumed>) = 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] getdents64(3, [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5274] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5272] <... openat resumed>) = 4 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5273] <... write resumed>) = 524288 [pid 5079] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5272] ioctl(4, LOOP_SET_FD, 3 [pid 5078] ioctl(3, LOOP_CLR_FD) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... close resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5275 [pid 5079] rmdir("./31" [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5275 attached [pid 5275] set_robust_list(0x555574eaa660, 24 [pid 5274] <... write resumed>) = 524288 [pid 5273] munmap(0x7f7064400000, 138412032 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5275] <... set_robust_list resumed>) = 0 [pid 5274] munmap(0x7f7064400000, 138412032 [pid 5273] <... munmap resumed>) = 0 [pid 5079] mkdir("./32", 0777 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5275] chdir("./30" [pid 5273] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... mkdir resumed>) = 0 [pid 5076] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5275] <... chdir resumed>) = 0 [pid 5274] <... munmap resumed>) = 0 [pid 5273] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5273] ioctl(4, LOOP_SET_FD, 3 [pid 5272] <... ioctl resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5275] setpgid(0, 0 [pid 5274] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5272] close(3 [pid 5079] <... openat resumed>) = 3 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5275] <... setpgid resumed>) = 0 [pid 5274] <... openat resumed>) = 4 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] unlink("./30/binderfs" [pid 5275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... unlink resumed>) = 0 [pid 5275] <... openat resumed>) = 3 [pid 5274] ioctl(4, LOOP_SET_FD, 3 [pid 5076] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5275] write(3, "1000", 4 [pid 5272] <... close resumed>) = 0 [pid 5275] <... write resumed>) = 4 [pid 5272] close(4 [pid 5275] close(3 [pid 5273] <... ioctl resumed>) = 0 [pid 5272] <... close resumed>) = 0 [pid 5273] close(3 [pid 5272] mkdir("./file1", 0777 [pid 5273] <... close resumed>) = 0 [pid 5275] <... close resumed>) = 0 [pid 5273] close(4 [pid 5272] <... mkdir resumed>) = 0 [pid 5275] symlink("/dev/binderfs", "./binderfs" [pid 5273] <... close resumed>) = 0 [pid 5272] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... umount2 resumed>) = 0 [pid 5273] mkdir("./file1", 0777 [pid 5275] <... symlink resumed>) = 0 [pid 5273] <... mkdir resumed>) = 0 [pid 5275] memfd_create("syzkaller", 0) = 3 [pid 5076] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5275] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5275] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5274] <... ioctl resumed>) = 0 [pid 5274] close(3 [pid 5273] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] newfstatat(AT_FDCWD, "./30/file1", [pid 5274] <... close resumed>) = 0 [pid 5274] close(4) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5274] mkdir("./file1", 0777 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5274] <... mkdir resumed>) = 0 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [ 131.093168][ T5272] loop0: detected capacity change from 0 to 1024 [ 131.110747][ T5273] loop2: detected capacity change from 0 to 1024 [ 131.117955][ T5274] loop5: detected capacity change from 0 to 1024 [pid 5076] rmdir("./30/file1") = 0 [pid 5274] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./30" [pid 5272] <... mount resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5272] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] mkdir("./31", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] close(3 [pid 5273] <... mount resumed>) = 0 [pid 5272] <... openat resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5272] chdir("./file1") = 0 [pid 5275] <... write resumed>) = 524288 [pid 5273] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5273] <... openat resumed>) = 3 [pid 5272] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5273] chdir("./file1") = 0 ./strace-static-x86_64: Process 5276 attached [pid 5275] munmap(0x7f7064400000, 138412032 [pid 5272] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5276 [pid 5275] <... munmap resumed>) = 0 [pid 5275] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5272] <... openat resumed>) = 4 [pid 5276] set_robust_list(0x555574eaa660, 24 [pid 5275] <... openat resumed>) = 4 [pid 5272] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5275] ioctl(4, LOOP_SET_FD, 3 [pid 5276] <... set_robust_list resumed>) = 0 [pid 5275] <... ioctl resumed>) = 0 [pid 5274] <... mount resumed>) = 0 [pid 5273] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5276] chdir("./32" [pid 5274] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5273] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5273] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5274] <... openat resumed>) = 3 [pid 5274] chdir("./file1" [pid 5276] <... chdir resumed>) = 0 [pid 5275] close(3 [pid 5274] <... chdir resumed>) = 0 [pid 5273] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5274] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5275] <... close resumed>) = 0 [pid 5274] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5275] close(4) = 0 [pid 5275] mkdir("./file1", 0777 [pid 5276] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5275] <... mkdir resumed>) = 0 [pid 5274] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5276] <... prctl resumed>) = 0 [pid 5275] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5274] <... openat resumed>) = 4 [pid 5276] setpgid(0, 0) = 0 [pid 5276] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5274] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5272] <... ioctl resumed>) = 0 [pid 5272] exit_group(0) = ? [pid 5276] <... openat resumed>) = 3 [pid 5274] <... ioctl resumed>) = 0 [pid 5273] <... ioctl resumed>) = 0 [pid 5272] +++ exited with 0 +++ [pid 5076] <... ioctl resumed>) = 0 [pid 5274] exit_group(0 [pid 5273] exit_group(0 [pid 5276] write(3, "1000", 4 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5272, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5276] <... write resumed>) = 4 [pid 5274] <... exit_group resumed>) = ? [pid 5273] <... exit_group resumed>) = ? [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5276] close(3 [pid 5075] <... restart_syscall resumed>) = 0 [ 131.223845][ T5275] loop3: detected capacity change from 0 to 1024 [pid 5276] <... close resumed>) = 0 [pid 5275] <... mount resumed>) = 0 [pid 5274] +++ exited with 0 +++ [pid 5276] symlink("/dev/binderfs", "./binderfs" [pid 5275] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5274, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5275] <... openat resumed>) = 3 [pid 5076] close(3 [pid 5276] <... symlink resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5275] chdir("./file1" [pid 5080] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... openat resumed>) = 3 [pid 5275] <... chdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(3, "", ./strace-static-x86_64: Process 5277 attached [pid 5275] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5277 [pid 5277] set_robust_list(0x555574eaa660, 24 [pid 5275] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] <... openat resumed>) = 3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5277] <... set_robust_list resumed>) = 0 [pid 5276] memfd_create("syzkaller", 0 [pid 5275] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] newfstatat(3, "", [pid 5277] chdir("./31" [pid 5275] <... openat resumed>) = 4 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, [pid 5277] <... chdir resumed>) = 0 [pid 5276] <... memfd_create resumed>) = 3 [pid 5275] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] getdents64(3, [pid 5276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5275] <... ioctl resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5277] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5275] exit_group(0 [pid 5080] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] <... prctl resumed>) = 0 [pid 5276] <... mmap resumed>) = 0x7f7064400000 [pid 5275] <... exit_group resumed>) = ? [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] setpgid(0, 0 [pid 5275] +++ exited with 0 +++ [pid 5080] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5277] <... setpgid resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5275, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5277] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5273] +++ exited with 0 +++ [pid 5080] unlink("./31/binderfs" [pid 5078] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5273, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] unlink("./31/binderfs" [pid 5277] <... openat resumed>) = 3 [pid 5276] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5075] <... unlink resumed>) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5075] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(3, "", [pid 5277] write(3, "1000", 4) = 4 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5277] close(3 [pid 5078] getdents64(3, [pid 5277] <... close resumed>) = 0 [pid 5077] umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5277] memfd_create("syzkaller", 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] getdents64(3, [pid 5080] <... umount2 resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5277] <... memfd_create resumed>) = 3 [pid 5276] <... write resumed>) = 524288 [pid 5078] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5277] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] <... mmap resumed>) = 0x7f7064400000 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./31/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./30/binderfs" [pid 5077] newfstatat(AT_FDCWD, "./30/binderfs", [pid 5075] newfstatat(AT_FDCWD, "./31/file1", [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", [pid 5078] <... unlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] unlink("./30/binderfs" [pid 5075] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... unlink resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./31/file1") = 0 [pid 5277] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5276] munmap(0x7f7064400000, 138412032 [pid 5075] <... openat resumed>) = 4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] getdents64(4, [pid 5276] <... munmap resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] rmdir("./31") = 0 [pid 5276] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5276] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4 [pid 5080] mkdir("./32", 0777 [pid 5075] <... close resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5075] rmdir("./31/file1") = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = 0 [pid 5075] getdents64(3, [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5075] close(3 [pid 5078] newfstatat(AT_FDCWD, "./30/file1", [pid 5075] <... close resumed>) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5077] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] rmdir("./31" [pid 5080] <... ioctl resumed>) = 0 [pid 5078] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... rmdir resumed>) = 0 [pid 5080] close(3) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./30/file1", [pid 5075] mkdir("./32", 0777 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5277] <... write resumed>) = 524288 [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5078] newfstatat(4, "", [pid 5077] umount2("./30/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] munmap(0x7f7064400000, 138412032) = 0 [pid 5277] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5277] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5278 attached [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5278 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5078] getdents64(4, [pid 5077] openat(AT_FDCWD, "./30/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5278] set_robust_list(0x555574eaa660, 24 [pid 5276] <... ioctl resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 3 [pid 5077] newfstatat(4, "", [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5278] <... set_robust_list resumed>) = 0 [pid 5276] close(3 [pid 5078] getdents64(4, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5276] <... close resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] getdents64(4, [pid 5278] chdir("./32" [pid 5276] close(4 [pid 5078] close(4 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5278] <... chdir resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(4, [pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] rmdir("./30/file1" [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5278] <... prctl resumed>) = 0 [pid 5276] <... close resumed>) = 0 [pid 5276] mkdir("./file1", 0777) = 0 [pid 5276] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] close(4 [pid 5278] setpgid(0, 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5278] <... setpgid resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] <... close resumed>) = 0 [pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] rmdir("./30/file1" [pid 5278] <... openat resumed>) = 3 [pid 5078] close(3 [pid 5277] <... ioctl resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5278] write(3, "1000", 4 [pid 5277] close(3 [pid 5078] <... close resumed>) = 0 [pid 5077] getdents64(3, [pid 5278] <... write resumed>) = 4 [pid 5277] <... close resumed>) = 0 [pid 5078] rmdir("./30" [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5278] close(3 [pid 5277] close(4) = 0 [pid 5277] mkdir("./file1", 0777 [pid 5278] <... close resumed>) = 0 [pid 5277] <... mkdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] close(3 [pid 5278] symlink("/dev/binderfs", "./binderfs" [pid 5078] mkdir("./31", 0777 [pid 5077] <... close resumed>) = 0 [pid 5278] <... symlink resumed>) = 0 [ 131.383377][ T5276] loop4: detected capacity change from 0 to 1024 [ 131.419797][ T5277] loop1: detected capacity change from 0 to 1024 [pid 5277] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] <... ioctl resumed>) = 0 [pid 5278] memfd_create("syzkaller", 0 [pid 5078] <... mkdir resumed>) = 0 [pid 5077] rmdir("./30") = 0 [pid 5278] <... memfd_create resumed>) = 3 [pid 5077] mkdir("./31", 0777) = 0 [pid 5278] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5276] <... mount resumed>) = 0 [pid 5278] <... mmap resumed>) = 0x7f7064400000 [pid 5276] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5276] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 3 [pid 5276] chdir("./file1" [pid 5078] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5276] <... chdir resumed>) = 0 [pid 5276] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5278] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3 [pid 5276] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] <... close resumed>) = 0 [pid 5276] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5277] <... mount resumed>) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5277] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5276] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5277] <... openat resumed>) = 3 [pid 5276] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5277] chdir("./file1") = 0 [pid 5277] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5277] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5276] exit_group(0 [pid 5277] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5276] <... exit_group resumed>) = ? [pid 5277] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5278] <... write resumed>) = 524288 [pid 5277] exit_group(0 [pid 5276] +++ exited with 0 +++ [pid 5075] close(3./strace-static-x86_64: Process 5279 attached [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5279 [pid 5075] <... close resumed>) = 0 [pid 5279] set_robust_list(0x555574eaa660, 24 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5276, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5277] <... exit_group resumed>) = ? [pid 5079] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5277] +++ exited with 0 +++ [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5277, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- ./strace-static-x86_64: Process 5280 attached [pid 5076] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5280 [pid 5280] set_robust_list(0x555574eaa660, 24 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... set_robust_list resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5280] chdir("./32" [pid 5079] newfstatat(3, "", [pid 5076] <... openat resumed>) = 3 [pid 5280] <... chdir resumed>) = 0 [pid 5279] <... set_robust_list resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] newfstatat(3, "", [pid 5280] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] getdents64(3, [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5280] <... prctl resumed>) = 0 [pid 5279] chdir("./31" [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] getdents64(3, [pid 5280] setpgid(0, 0 [pid 5079] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... setpgid resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./31/binderfs", [pid 5280] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5280] <... openat resumed>) = 3 [pid 5079] unlink("./32/binderfs" [pid 5077] <... ioctl resumed>) = 0 [pid 5279] <... chdir resumed>) = 0 [pid 5076] unlink("./31/binderfs" [pid 5279] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5278] munmap(0x7f7064400000, 138412032 [pid 5079] <... unlink resumed>) = 0 [pid 5077] close(3 [pid 5279] <... prctl resumed>) = 0 [pid 5278] <... munmap resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5280] write(3, "1000", 4 [pid 5279] setpgid(0, 0 [pid 5079] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5279] <... setpgid resumed>) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5280] <... write resumed>) = 4 [pid 5279] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5278] <... openat resumed>) = 4 [pid 5280] close(3 [pid 5278] ioctl(4, LOOP_SET_FD, 3 [pid 5280] <... close resumed>) = 0 [pid 5076] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5280] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5280] memfd_create("syzkaller", 0) = 3 [pid 5280] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5280] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5279] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5281 attached [pid 5279] write(3, "1000", 4 [pid 5278] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5279] <... write resumed>) = 4 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5281 [pid 5281] set_robust_list(0x555574eaa660, 24 [pid 5279] close(3 [pid 5278] close(3 [pid 5279] <... close resumed>) = 0 [pid 5281] <... set_robust_list resumed>) = 0 [pid 5279] symlink("/dev/binderfs", "./binderfs" [pid 5278] <... close resumed>) = 0 [pid 5076] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5278] close(4 [pid 5281] chdir("./31" [pid 5279] <... symlink resumed>) = 0 [pid 5278] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./31/file1", [pid 5281] <... chdir resumed>) = 0 [pid 5278] mkdir("./file1", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5279] memfd_create("syzkaller", 0 [pid 5278] <... mkdir resumed>) = 0 [pid 5076] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5281] <... prctl resumed>) = 0 [pid 5279] <... memfd_create resumed>) = 3 [pid 5278] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5079] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5281] setpgid(0, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 131.576939][ T5278] loop5: detected capacity change from 0 to 1024 [pid 5281] <... setpgid resumed>) = 0 [pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(4 [pid 5079] newfstatat(AT_FDCWD, "./32/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5280] <... write resumed>) = 524288 [pid 5079] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5280] munmap(0x7f7064400000, 138412032 [pid 5279] <... mmap resumed>) = 0x7f7064400000 [pid 5278] <... mount resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5281] <... openat resumed>) = 3 [pid 5280] <... munmap resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5281] write(3, "1000", 4 [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] rmdir("./31/file1" [pid 5281] <... write resumed>) = 4 [pid 5280] <... openat resumed>) = 4 [pid 5278] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5281] close(3 [pid 5280] ioctl(4, LOOP_SET_FD, 3 [pid 5279] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5278] <... openat resumed>) = 3 [pid 5079] <... openat resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5281] <... close resumed>) = 0 [pid 5278] chdir("./file1" [pid 5079] newfstatat(4, "", [pid 5281] symlink("/dev/binderfs", "./binderfs" [pid 5278] <... chdir resumed>) = 0 [pid 5281] <... symlink resumed>) = 0 [pid 5278] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5278] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5281] memfd_create("syzkaller", 0 [pid 5079] getdents64(4, [pid 5281] <... memfd_create resumed>) = 3 [pid 5278] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5281] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5278] <... openat resumed>) = 4 [pid 5079] getdents64(4, [pid 5076] close(3 [pid 5281] <... mmap resumed>) = 0x7f7064400000 [pid 5278] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5079] close(4 [pid 5076] rmdir("./31" [pid 5079] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5079] rmdir("./32/file1" [pid 5280] <... ioctl resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] mkdir("./32", 0777 [pid 5079] getdents64(3, [pid 5280] close(3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5280] <... close resumed>) = 0 [pid 5079] close(3 [pid 5280] close(4 [pid 5079] <... close resumed>) = 0 [pid 5280] <... close resumed>) = 0 [pid 5079] rmdir("./32") = 0 [pid 5280] mkdir("./file1", 0777 [pid 5079] mkdir("./33", 0777 [pid 5281] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5280] <... mkdir resumed>) = 0 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5280] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5279] <... write resumed>) = 524288 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5279] munmap(0x7f7064400000, 138412032) = 0 [ 131.653416][ T5280] loop0: detected capacity change from 0 to 1024 [pid 5279] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 131.718474][ T5279] loop3: detected capacity change from 0 to 1024 [ 131.732025][ T5280] ================================================================== [ 131.740232][ T5280] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0xf86/0x1070 [ 131.748543][ T5280] Read of size 2 at addr ffff888011977800 by task syz-executor204/5280 [ 131.756895][ T5280] [pid 5279] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... ioctl resumed>) = 0 [pid 5278] <... ioctl resumed>) = 0 [ 131.759248][ T5280] CPU: 1 PID: 5280 Comm: syz-executor204 Tainted: G B 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 131.770861][ T5280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 131.780962][ T5280] Call Trace: [ 131.784272][ T5280] [ 131.787230][ T5280] dump_stack_lvl+0x116/0x1f0 [ 131.791973][ T5280] print_report+0xc3/0x620 [ 131.796436][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.801348][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.806272][ T5280] ? __phys_addr+0xc6/0x150 [ 131.810847][ T5280] kasan_report+0xd9/0x110 [pid 5281] <... write resumed>) = 524288 [pid 5279] <... ioctl resumed>) = 0 [pid 5278] exit_group(0 [pid 5079] <... ioctl resumed>) = 0 [ 131.815317][ T5280] ? hfsplus_read_wrapper+0xf86/0x1070 [ 131.820839][ T5280] ? hfsplus_read_wrapper+0xf86/0x1070 [ 131.826365][ T5280] hfsplus_read_wrapper+0xf86/0x1070 [ 131.831713][ T5280] ? lock_release+0x4cc/0x6a0 [ 131.836468][ T5280] ? __pfx_hfsplus_read_wrapper+0x10/0x10 [ 131.842250][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.847163][ T5280] ? do_raw_spin_lock+0x12d/0x2c0 [ 131.852244][ T5280] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 131.857679][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.862591][ T5280] ? do_raw_spin_unlock+0x172/0x230 [pid 5076] close(3 [pid 5278] <... exit_group resumed>) = ? [pid 5079] close(3 [pid 5076] <... close resumed>) = 0 [pid 5278] +++ exited with 0 +++ [pid 5079] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5278, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574eaa650) = 5283 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5282 [pid 5080] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5279] close(3 [pid 5080] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5279] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5279] close(4 [pid 5080] newfstatat(3, "", [pid 5279] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 131.867877][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.872793][ T5280] ? _raw_spin_unlock+0x28/0x50 [ 131.877694][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.882697][ T5280] ? find_nls+0x125/0x170 [ 131.887090][ T5280] hfsplus_fill_super+0x352/0x1bc0 [ 131.892277][ T5280] ? rcu_is_watching+0x12/0xc0 [ 131.897123][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.902040][ T5280] ? lock_release+0x4cc/0x6a0 [ 131.902170][ T5281] loop2: detected capacity change from 0 to 1024 [ 131.906742][ T5280] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 131.918651][ T5280] ? bdev_name.constprop.0+0xa1/0x330 [ 131.924130][ T5280] ? do_raw_spin_lock+0x12d/0x2c0 [ 131.929216][ T5280] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 131.934641][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.939559][ T5280] ? set_blocksize+0x2b1/0x350 [ 131.944393][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.949309][ T5280] ? sb_set_blocksize+0xf6/0x120 [ 131.954319][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.959230][ T5280] ? setup_bdev_super+0x392/0x720 [ 131.964317][ T5280] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 131.969932][ T5280] mount_bdev+0x1e6/0x2d0 [ 131.974327][ T5280] ? __pfx_mount_bdev+0x10/0x10 [ 131.979242][ T5280] ? srso_return_thunk+0x5/0x5f [ 131.984257][ T5280] ? apparmor_capable+0x126/0x1e0 [ 131.989330][ T5280] ? __pfx_hfsplus_mount+0x10/0x10 [ 131.994504][ T5280] legacy_get_tree+0x10c/0x220 [ 131.999319][ T5280] vfs_get_tree+0x92/0x380 [ 132.003797][ T5280] ? srso_return_thunk+0x5/0x5f [ 132.008713][ T5280] path_mount+0x14e6/0x1f20 [ 132.013280][ T5280] ? srso_return_thunk+0x5/0x5f [ 132.018193][ T5280] ? kmem_cache_free+0x12e/0x360 [ 132.023174][ T5280] ? __pfx_path_mount+0x10/0x10 [ 132.028086][ T5280] ? lock_release+0xa9/0x6a0 [ 132.032731][ T5280] ? srso_return_thunk+0x5/0x5f [ 132.037655][ T5280] ? putname+0x12e/0x170 [ 132.041944][ T5280] __x64_sys_mount+0x297/0x320 [ 132.046782][ T5280] ? __pfx___x64_sys_mount+0x10/0x10 [ 132.052136][ T5280] ? _raw_spin_unlock_irq+0x2e/0x50 [ 132.057648][ T5280] ? srso_return_thunk+0x5/0x5f [ 132.062564][ T5280] ? ptrace_notify+0xf1/0x130 [ 132.067314][ T5280] do_syscall_64+0xd5/0x260 [ 132.071891][ T5280] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 132.077865][ T5280] RIP: 0033:0x7f706ca0c69a [ 132.082318][ T5280] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 132.101993][ T5280] RSP: 002b:00007ffcd3a1c1c8 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 132.110461][ T5280] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f706ca0c69a [ 132.118472][ T5280] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffcd3a1c210 [ 132.126486][ T5280] RBP: 0000000000000004 R08: 00007ffcd3a1c250 R09: 0000000000000632 [ 132.134625][ T5280] R10: 0000000000000050 R11: 0000000000000286 R12: 00007ffcd3a1c210 [ 132.142639][ T5280] R13: 00007ffcd3a1c250 R14: 0000000000080000 R15: 0000000000000003 [ 132.150661][ T5280] [ 132.153710][ T5280] [ 132.156053][ T5280] The buggy address belongs to the object at ffff888011977800 [ 132.156053][ T5280] which belongs to the cache kmalloc-512 of size 512 [ 132.170141][ T5280] The buggy address is located 0 bytes inside of [ 132.170141][ T5280] freed 512-byte region [ffff888011977800, ffff888011977a00) [ 132.183810][ T5280] [ 132.186156][ T5280] The buggy address belongs to the physical page: [ 132.192584][ T5280] page:ffffea0000465d00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888011975c00 pfn:0x11974 [ 132.204862][ T5280] head:ffffea0000465d00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 132.214085][ T5280] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 132.222084][ T5280] page_type: 0xffffffff() [ 132.226435][ T5280] raw: 00fff00000000840 ffff888015041c80 ffffea0000a7eb00 dead000000000002 [ 132.235049][ T5280] raw: ffff888011975c00 000000008010000d 00000001ffffffff 0000000000000000 [ 132.243680][ T5280] page dumped because: kasan: bad access detected [ 132.250089][ T5280] page_owner tracks the page as allocated [ 132.255809][ T5280] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4523, tgid 4523 (udevadm), ts 44854025529, free_ts 39973255169 [ 132.276822][ T5280] post_alloc_hook+0x2d4/0x350 [ 132.281641][ T5280] get_page_from_freelist+0xa28/0x3780 [ 132.287129][ T5280] __alloc_pages+0x22b/0x2410 [ 132.291836][ T5280] new_slab+0xcc/0x3a0 [ 132.295931][ T5280] ___slab_alloc+0x66d/0x1790 [ 132.300655][ T5280] __slab_alloc.constprop.0+0x56/0xb0 [ 132.306093][ T5280] kmalloc_trace+0x2fb/0x330 [ 132.310721][ T5280] kernfs_fop_open+0x28b/0xd40 [ 132.315503][ T5280] do_dentry_open+0x8dd/0x18c0 [ 132.320291][ T5280] path_openat+0x1dfb/0x2990 [ 132.324903][ T5280] do_filp_open+0x1dc/0x430 [ 132.329432][ T5280] do_sys_openat2+0x17a/0x1e0 [ 132.334139][ T5280] __x64_sys_openat+0x175/0x210 [ 132.339030][ T5280] do_syscall_64+0xd5/0x260 [ 132.343560][ T5280] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 132.349480][ T5280] page last free pid 1 tgid 1 stack trace: [ 132.355291][ T5280] free_unref_page_prepare+0x527/0xb10 [ 132.360786][ T5280] free_unref_page+0x33/0x3c0 [ 132.365485][ T5280] free_reserved_area+0x14b/0x1e0 [ 132.370546][ T5280] free_init_pages+0x96/0xd0 [ 132.375163][ T5280] free_kernel_image_pages+0x24/0x50 [ 132.380479][ T5280] kernel_init+0x30/0x2a0 [ 132.384852][ T5280] ret_from_fork+0x48/0x80 [ 132.389295][ T5280] ret_from_fork_asm+0x1a/0x30 [ 132.394085][ T5280] [ 132.396415][ T5280] Memory state around the buggy address: [ 132.402045][ T5280] ffff888011977700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 132.410123][ T5280] ffff888011977780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [pid 5279] mkdir("./file1", 0777 [pid 5080] getdents64(3, [pid 5279] <... mkdir resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5279] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5281] munmap(0x7f7064400000, 138412032 [pid 5080] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5281] <... munmap resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5281] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] unlink("./32/binderfs" [pid 5281] <... openat resumed>) = 4 [pid 5080] <... unlink resumed>) = 0 [pid 5281] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5279] <... mount resumed>) = 0 [pid 5279] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5279] chdir("./file1") = 0 [pid 5279] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5279] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5279] exit_group(0) = ? [pid 5279] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5279, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5078] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5078] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] unlink("./31/binderfs") = 0 [pid 5078] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5281] <... ioctl resumed>) = 0 [pid 5281] close(3) = 0 [pid 5281] close(4) = 0 [pid 5281] mkdir("./file1", 0777) = 0 [pid 5281] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "") = 0 [pid 5281] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5281] chdir("./file1") = 0 [pid 5281] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5281] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5281] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5281] exit_group(0) = ? [pid 5281] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5281, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5077] umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./31/binderfs") = 0 [pid 5077] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5282 attached ./strace-static-x86_64: Process 5283 attached [pid 5282] set_robust_list(0x555574eaa660, 24 [pid 5283] set_robust_list(0x555574eaa660, 24 [pid 5282] <... set_robust_list resumed>) = 0 [pid 5283] <... set_robust_list resumed>) = 0 [pid 5282] chdir("./32" [pid 5283] chdir("./33") = 0 [pid 5282] <... chdir resumed>) = 0 [pid 5282] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5283] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5282] <... prctl resumed>) = 0 [pid 5283] setpgid(0, 0 [pid 5282] setpgid(0, 0 [pid 5283] <... setpgid resumed>) = 0 [pid 5282] <... setpgid resumed>) = 0 [pid 5283] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5282] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5283] <... openat resumed>) = 3 [pid 5282] write(3, "1000", 4) = 4 [pid 5282] close(3 [pid 5283] write(3, "1000", 4 [pid 5282] <... close resumed>) = 0 [pid 5283] <... write resumed>) = 4 [pid 5282] symlink("/dev/binderfs", "./binderfs" [pid 5283] close(3) = 0 [pid 5283] symlink("/dev/binderfs", "./binderfs" [pid 5080] <... umount2 resumed>) = 0 [ 132.418211][ T5280] >ffff888011977800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.426283][ T5280] ^ [ 132.430362][ T5280] ffff888011977880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.438431][ T5280] ffff888011977900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.446498][ T5280] ================================================================== [ 132.465987][ T5280] hfsplus: unable to set blocksize to 1024! [pid 5080] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5283] <... symlink resumed>) = 0 [pid 5282] <... symlink resumed>) = 0 [pid 5280] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = 0 [pid 5078] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5283] memfd_create("syzkaller", 0 [pid 5282] memfd_create("syzkaller", 0 [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5280] <... openat resumed>) = 3 [pid 5080] newfstatat(AT_FDCWD, "./32/file1", [pid 5078] newfstatat(AT_FDCWD, "./31/file1", [pid 5077] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5282] <... memfd_create resumed>) = 3 [pid 5280] ioctl(3, LOOP_CLR_FD [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./31/file1", [pid 5078] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5283] <... memfd_create resumed>) = 3 [pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5077] umount2("./31/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5283] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5282] <... mmap resumed>) = 0x7f7064400000 [pid 5080] newfstatat(4, "", [pid 5077] openat(AT_FDCWD, "./31/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5283] <... mmap resumed>) = 0x7f7064400000 [pid 5283] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5282] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... openat resumed>) = 4 [pid 5080] getdents64(4, [pid 5077] newfstatat(4, "", [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5282] <... write resumed>) = 524288 [pid 5280] <... ioctl resumed>) = 0 [pid 5080] getdents64(4, [pid 5077] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./31/file1" [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./32/file1") = 0 [ 132.472133][ T5280] hfsplus: unable to find HFS+ superblock [pid 5078] getdents64(4, [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5283] <... write resumed>) = 524288 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(3 [pid 5080] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5080] close(3) = 0 [pid 5078] close(4) = 0 [pid 5077] <... close resumed>) = 0 [pid 5080] rmdir("./32" [pid 5078] rmdir("./31/file1" [pid 5080] <... rmdir resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] rmdir("./31" [pid 5078] getdents64(3, [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./32", 0777 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5077] <... mkdir resumed>) = 0 [pid 5283] munmap(0x7f7064400000, 138412032 [pid 5282] munmap(0x7f7064400000, 138412032 [pid 5280] close(3 [pid 5080] mkdir("./33", 0777 [pid 5078] <... close resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5080] <... mkdir resumed>) = 0 [pid 5078] rmdir("./31" [pid 5077] <... openat resumed>) = 3 [pid 5078] <... rmdir resumed>) = 0 [pid 5280] <... close resumed>) = 0 [pid 5283] <... munmap resumed>) = 0 [pid 5282] <... munmap resumed>) = 0 [pid 5283] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5280] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] mkdir("./32", 0777 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5080] <... openat resumed>) = 3 [pid 5282] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5283] <... openat resumed>) = 4 [pid 5280] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5078] <... mkdir resumed>) = 0 [pid 5283] ioctl(4, LOOP_SET_FD, 3 [pid 5282] <... openat resumed>) = 4 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5282] ioctl(4, LOOP_SET_FD, 3 [pid 5280] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... openat resumed>) = 3 [pid 5283] <... ioctl resumed>) = 0 [pid 5280] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5283] close(3 [pid 5280] exit_group(0) = ? [pid 5280] +++ exited with 0 +++ [pid 5283] <... close resumed>) = 0 [pid 5283] close(4 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5283] <... close resumed>) = 0 [pid 5283] mkdir("./file1", 0777) = 0 [pid 5283] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5282] <... ioctl resumed>) = 0 [pid 5282] close(3) = 0 [pid 5282] close(4) = 0 [pid 5282] mkdir("./file1", 0777) = 0 [pid 5282] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5283] <... mount resumed>) = 0 [pid 5283] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5283] chdir("./file1") = 0 [pid 5283] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5283] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5283] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5080] <... ioctl resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5280, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5282] <... mount resumed>) = 0 [pid 5282] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] close(3 [pid 5282] chdir("./file1" [pid 5080] <... close resumed>) = 0 [pid 5282] <... chdir resumed>) = 0 [pid 5282] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5283] exit_group(0 [pid 5282] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] close(3 [pid 5282] <... openat resumed>) = 4 [pid 5077] <... close resumed>) = 0 [pid 5282] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5282] exit_group(0 [pid 5283] <... exit_group resumed>) = ? [pid 5282] <... exit_group resumed>) = ? [pid 5283] +++ exited with 0 +++ [pid 5282] +++ exited with 0 +++ [pid 5078] <... ioctl resumed>) = 0 [pid 5075] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5283, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5282, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] newfstatat(3, "", [pid 5076] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 132.572841][ T5283] loop4: detected capacity change from 0 to 1024 [ 132.573786][ T5282] loop1: detected capacity change from 0 to 1024 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5075] getdents64(3, [pid 5079] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5284 [pid 5079] newfstatat(3, "", [pid 5078] close(3 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5285 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5284 attached ./strace-static-x86_64: Process 5285 attached [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5284] set_robust_list(0x555574eaa660, 24 [pid 5285] set_robust_list(0x555574eaa660, 24 [pid 5079] getdents64(3, [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5285] <... set_robust_list resumed>) = 0 [pid 5076] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5284] <... set_robust_list resumed>) = 0 [pid 5285] chdir("./32" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5284] chdir("./33" [pid 5285] <... chdir resumed>) = 0 [pid 5076] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5284] <... chdir resumed>) = 0 [pid 5285] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5284] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5285] <... prctl resumed>) = 0 [pid 5076] unlink("./32/binderfs" [pid 5075] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5284] <... prctl resumed>) = 0 [pid 5285] setpgid(0, 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5284] setpgid(0, 0 [pid 5285] <... setpgid resumed>) = 0 [pid 5079] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5286 [pid 5076] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5284] <... setpgid resumed>) = 0 [pid 5285] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5286 attached [pid 5284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] newfstatat(AT_FDCWD, "./33/binderfs", [pid 5075] unlink("./32/binderfs" [pid 5286] set_robust_list(0x555574eaa660, 24 [pid 5284] <... openat resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5079] unlink("./33/binderfs" [pid 5286] <... set_robust_list resumed>) = 0 [pid 5284] write(3, "1000", 4 [pid 5285] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5286] chdir("./32" [pid 5284] <... write resumed>) = 4 [pid 5285] write(3, "1000", 4 [pid 5079] <... unlink resumed>) = 0 [pid 5076] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5284] close(3 [pid 5285] <... write resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./32/file1", [pid 5286] <... chdir resumed>) = 0 [pid 5284] <... close resumed>) = 0 [pid 5285] close(3 [pid 5076] newfstatat(AT_FDCWD, "./32/file1", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5286] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5284] symlink("/dev/binderfs", "./binderfs" [pid 5285] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5286] <... prctl resumed>) = 0 [pid 5284] <... symlink resumed>) = 0 [pid 5285] symlink("/dev/binderfs", "./binderfs" [pid 5286] setpgid(0, 0 [pid 5285] <... symlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5286] <... setpgid resumed>) = 0 [pid 5076] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5286] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5284] memfd_create("syzkaller", 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5286] <... openat resumed>) = 3 [pid 5284] <... memfd_create resumed>) = 3 [pid 5285] memfd_create("syzkaller", 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5286] write(3, "1000", 4 [pid 5284] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5285] <... memfd_create resumed>) = 3 [pid 5079] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5075] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5284] <... mmap resumed>) = 0x7f7064400000 [pid 5285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] newfstatat(4, "", [pid 5285] <... mmap resumed>) = 0x7f7064400000 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] newfstatat(AT_FDCWD, "./33/file1", [pid 5286] <... write resumed>) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] getdents64(4, [pid 5075] getdents64(4, [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5286] close(3) = 0 [pid 5286] symlink("/dev/binderfs", "./binderfs" [pid 5075] getdents64(4, [pid 5286] <... symlink resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(4, [pid 5075] close(4 [pid 5079] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5075] rmdir("./32/file1" [pid 5079] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... close resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5286] memfd_create("syzkaller", 0 [pid 5079] <... openat resumed>) = 4 [pid 5076] rmdir("./32/file1" [pid 5285] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] newfstatat(4, "", [pid 5076] <... rmdir resumed>) = 0 [pid 5286] <... memfd_create resumed>) = 3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] getdents64(3, [pid 5079] getdents64(4, [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5286] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] close(3 [pid 5075] <... close resumed>) = 0 [pid 5286] <... mmap resumed>) = 0x7f7064400000 [pid 5079] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5075] rmdir("./32" [pid 5286] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5284] <... write resumed>) = 524288 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] rmdir("./32" [pid 5075] <... rmdir resumed>) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./33/file1") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] mkdir("./33", 0777 [pid 5079] getdents64(3, [pid 5075] <... mkdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./33", 0777 [pid 5079] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5079] rmdir("./33" [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5079] <... rmdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3 [pid 5079] mkdir("./34", 0777) = 0 [pid 5286] <... write resumed>) = 524288 [pid 5284] munmap(0x7f7064400000, 138412032 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5285] <... write resumed>) = 524288 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5287 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5284] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5287 attached [pid 5079] <... ioctl resumed>) = 0 [pid 5285] munmap(0x7f7064400000, 138412032 [pid 5079] close(3 [pid 5287] set_robust_list(0x555574eaa660, 24 [pid 5284] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5285] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5287] <... set_robust_list resumed>) = 0 [pid 5287] chdir("./33" [pid 5284] <... openat resumed>) = 4 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5287] <... chdir resumed>) = 0 [pid 5284] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5288 [pid 5285] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5287] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5285] ioctl(4, LOOP_SET_FD, 3 [pid 5287] <... prctl resumed>) = 0 ./strace-static-x86_64: Process 5288 attached [pid 5287] setpgid(0, 0 [pid 5288] set_robust_list(0x555574eaa660, 24 [pid 5287] <... setpgid resumed>) = 0 [pid 5288] <... set_robust_list resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5289 ./strace-static-x86_64: Process 5289 attached [pid 5288] chdir("./33" [pid 5287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5286] munmap(0x7f7064400000, 138412032 [pid 5289] set_robust_list(0x555574eaa660, 24) = 0 [pid 5288] <... chdir resumed>) = 0 [pid 5286] <... munmap resumed>) = 0 [pid 5288] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5289] chdir("./34" [pid 5288] <... prctl resumed>) = 0 [pid 5288] setpgid(0, 0 [pid 5287] <... openat resumed>) = 3 [pid 5288] <... setpgid resumed>) = 0 [pid 5286] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5288] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5286] <... openat resumed>) = 4 [pid 5289] <... chdir resumed>) = 0 [pid 5288] <... openat resumed>) = 3 [pid 5287] write(3, "1000", 4 [pid 5286] ioctl(4, LOOP_SET_FD, 3 [pid 5288] write(3, "1000", 4 [pid 5286] <... ioctl resumed>) = 0 [pid 5288] <... write resumed>) = 4 [pid 5289] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5288] close(3 [pid 5287] <... write resumed>) = 4 [pid 5288] <... close resumed>) = 0 [pid 5287] close(3 [pid 5288] symlink("/dev/binderfs", "./binderfs" [pid 5289] <... prctl resumed>) = 0 [pid 5288] <... symlink resumed>) = 0 [pid 5284] <... ioctl resumed>) = 0 [pid 5288] memfd_create("syzkaller", 0 [pid 5284] close(3 [pid 5289] setpgid(0, 0 [pid 5288] <... memfd_create resumed>) = 3 [pid 5284] <... close resumed>) = 0 [pid 5288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5284] close(4 [pid 5289] <... setpgid resumed>) = 0 [pid 5288] <... mmap resumed>) = 0x7f7064400000 [pid 5287] <... close resumed>) = 0 [pid 5289] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5288] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5284] <... close resumed>) = 0 [pid 5288] <... write resumed>) = 524288 [pid 5287] symlink("/dev/binderfs", "./binderfs" [pid 5284] mkdir("./file1", 0777) = 0 [pid 5287] <... symlink resumed>) = 0 [pid 5286] close(3 [pid 5285] <... ioctl resumed>) = 0 [pid 5289] <... openat resumed>) = 3 [pid 5286] <... close resumed>) = 0 [pid 5285] close(3 [pid 5286] close(4 [pid 5285] <... close resumed>) = 0 [pid 5287] memfd_create("syzkaller", 0 [pid 5286] <... close resumed>) = 0 [pid 5285] close(4 [pid 5289] write(3, "1000", 4 [pid 5286] mkdir("./file1", 0777 [pid 5289] <... write resumed>) = 4 [pid 5285] <... close resumed>) = 0 [pid 5289] close(3 [pid 5286] <... mkdir resumed>) = 0 [pid 5284] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5285] mkdir("./file1", 0777 [pid 5289] <... close resumed>) = 0 [pid 5286] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5285] <... mkdir resumed>) = 0 [pid 5285] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5289] symlink("/dev/binderfs", "./binderfs" [pid 5286] <... mount resumed>) = 0 [pid 5286] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5289] <... symlink resumed>) = 0 [pid 5286] <... openat resumed>) = 3 [pid 5286] chdir("./file1" [pid 5287] <... memfd_create resumed>) = 3 [pid 5286] <... chdir resumed>) = 0 [pid 5286] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5289] memfd_create("syzkaller", 0 [pid 5287] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5286] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 132.783203][ T5284] loop5: detected capacity change from 0 to 1024 [ 132.783608][ T5285] loop2: detected capacity change from 0 to 1024 [ 132.804430][ T5286] loop3: detected capacity change from 0 to 1024 [pid 5286] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5288] munmap(0x7f7064400000, 138412032 [pid 5286] <... openat resumed>) = 4 [pid 5288] <... munmap resumed>) = 0 [pid 5286] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5288] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5287] <... mmap resumed>) = 0x7f7064400000 [pid 5286] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5285] <... mount resumed>) = 0 [pid 5286] exit_group(0 [pid 5285] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5288] <... openat resumed>) = 4 [pid 5286] <... exit_group resumed>) = ? [pid 5285] <... openat resumed>) = 3 [pid 5287] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5285] chdir("./file1" [pid 5288] ioctl(4, LOOP_SET_FD, 3 [pid 5285] <... chdir resumed>) = 0 [pid 5289] <... memfd_create resumed>) = 3 [pid 5288] <... ioctl resumed>) = 0 [pid 5289] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5287] <... write resumed>) = 524288 [pid 5289] <... mmap resumed>) = 0x7f7064400000 [pid 5285] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5287] munmap(0x7f7064400000, 138412032 [pid 5285] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5287] <... munmap resumed>) = 0 [pid 5286] +++ exited with 0 +++ [pid 5285] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5286, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5285] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5285] exit_group(0 [pid 5287] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5285] <... exit_group resumed>) = ? [pid 5289] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5287] <... openat resumed>) = 4 [pid 5284] <... mount resumed>) = 0 [pid 5285] +++ exited with 0 +++ [pid 5287] ioctl(4, LOOP_SET_FD, 3 [pid 5284] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5078] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5284] <... openat resumed>) = 3 [pid 5284] chdir("./file1" [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5285, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5288] close(3) = 0 [pid 5288] close(4) = 0 [pid 5288] mkdir("./file1", 0777 [pid 5284] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] restart_syscall(<... resuming interrupted clone ...> [pid 5284] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] <... openat resumed>) = 3 [pid 5077] <... restart_syscall resumed>) = 0 [pid 5284] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] newfstatat(3, "", [pid 5288] <... mkdir resumed>) = 0 [pid 5284] <... openat resumed>) = 4 [pid 5288] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5289] <... write resumed>) = 524288 [pid 5287] <... ioctl resumed>) = 0 [pid 5284] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(3, [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5289] munmap(0x7f7064400000, 138412032 [pid 5287] close(3 [pid 5078] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", [pid 5289] <... munmap resumed>) = 0 [pid 5287] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 132.873682][ T5288] loop1: detected capacity change from 0 to 1024 [ 132.910674][ T5287] loop0: detected capacity change from 0 to 1024 [pid 5287] close(4) = 0 [pid 5078] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5077] getdents64(3, [pid 5287] mkdir("./file1", 0777) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] unlink("./32/binderfs" [pid 5077] umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] <... unlink resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./32/binderfs", [pid 5078] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5287] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5289] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] unlink("./32/binderfs" [pid 5289] <... openat resumed>) = 4 [pid 5077] <... unlink resumed>) = 0 [pid 5289] ioctl(4, LOOP_SET_FD, 3 [pid 5077] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5288] <... mount resumed>) = 0 [pid 5288] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5288] chdir("./file1") = 0 [pid 5288] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5288] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5288] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... umount2 resumed>) = 0 [pid 5289] <... ioctl resumed>) = 0 [pid 5078] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] close(3 [pid 5284] <... ioctl resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5288] <... ioctl resumed>) = 0 [pid 5288] exit_group(0) = ? [pid 5289] <... close resumed>) = 0 [pid 5288] +++ exited with 0 +++ [pid 5284] exit_group(0 [pid 5078] newfstatat(AT_FDCWD, "./32/file1", [pid 5077] <... umount2 resumed>) = 0 [pid 5289] close(4 [pid 5284] <... exit_group resumed>) = ? [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5288, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5076] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] <... close resumed>) = 0 [pid 5284] +++ exited with 0 +++ [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5289] mkdir("./file1", 0777 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5284, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5076] newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./33/binderfs" [pid 5289] <... mkdir resumed>) = 0 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5078] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5080] <... restart_syscall resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] newfstatat(AT_FDCWD, "./32/file1", [ 132.967819][ T5289] loop4: detected capacity change from 0 to 1024 [ 132.996944][ T5287] hfsplus: unable to set blocksize to 1024! [pid 5080] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... openat resumed>) = 4 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] newfstatat(4, "", [pid 5080] <... openat resumed>) = 3 [pid 5080] newfstatat(3, "", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] umount2("./32/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] getdents64(4, [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5287] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] getdents64(3, [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = 0 [pid 5287] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] getdents64(4, [pid 5077] openat(AT_FDCWD, "./32/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] <... mount resumed>) = 0 [pid 5287] <... openat resumed>) = 3 [pid 5080] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5289] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] close(4 [pid 5077] newfstatat(4, "", [pid 5076] newfstatat(AT_FDCWD, "./33/file1", [pid 5289] <... openat resumed>) = 3 [pid 5287] ioctl(3, LOOP_CLR_FD [pid 5080] newfstatat(AT_FDCWD, "./33/binderfs", [pid 5078] <... close resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5289] chdir("./file1" [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] rmdir("./32/file1" [pid 5077] getdents64(4, [pid 5076] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5289] <... chdir resumed>) = 0 [pid 5080] unlink("./33/binderfs" [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5289] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] <... unlink resumed>) = 0 [pid 5078] getdents64(3, [pid 5077] getdents64(4, [pid 5076] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5289] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5080] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5078] close(3 [pid 5077] close(4 [pid 5076] newfstatat(4, "", [pid 5078] <... close resumed>) = 0 [pid 5077] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] rmdir("./32" [ 133.017382][ T5287] hfsplus: unable to find HFS+ superblock [pid 5077] rmdir("./32/file1" [pid 5076] getdents64(4, [pid 5289] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... umount2 resumed>) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5077] rmdir("./32" [pid 5289] <... openat resumed>) = 4 [pid 5080] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./33", 0777 [pid 5289] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5289] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5078] mkdir("./33", 0777 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5289] exit_group(0 [pid 5080] newfstatat(AT_FDCWD, "./33/file1", [pid 5078] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, [pid 5289] <... exit_group resumed>) = ? [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./33/file1" [pid 5080] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5080] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] getdents64(3, [pid 5078] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./33" [pid 5080] <... openat resumed>) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5289] +++ exited with 0 +++ [pid 5076] <... rmdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5289, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] mkdir("./34", 0777 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] restart_syscall(<... resuming interrupted clone ...> [pid 5080] getdents64(4, [pid 5079] <... restart_syscall resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5079] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] rmdir("./33/file1" [pid 5079] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5080] <... rmdir resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] newfstatat(3, "", [pid 5287] <... ioctl resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5080] getdents64(3, [pid 5079] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] close(3 [pid 5079] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5080] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] unlink("./34/binderfs" [pid 5080] rmdir("./33") = 0 [pid 5080] mkdir("./34", 0777) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... ioctl resumed>) = 0 [pid 5287] close(3 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... ioctl resumed>) = 0 [pid 5287] <... close resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./34/file1", [pid 5287] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5287] <... openat resumed>) = 3 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5287] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5287] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5287] exit_group(0) = ? [pid 5079] <... openat resumed>) = 4 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5290 [pid 5287] +++ exited with 0 +++ [pid 5079] newfstatat(4, "", [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5287, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5078] close(3 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 5076] close(3 [pid 5075] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5290 attached [pid 5075] newfstatat(3, "", [pid 5290] set_robust_list(0x555574eaa660, 24) = 0 [pid 5290] chdir("./33" [pid 5079] getdents64(4, [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5290] <... chdir resumed>) = 0 [pid 5290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5290] setpgid(0, 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5292 ./strace-static-x86_64: Process 5291 attached [pid 5290] <... setpgid resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5291 [pid 5075] getdents64(3, [pid 5290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] <... ioctl resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5291] set_robust_list(0x555574eaa660, 24 [pid 5290] write(3, "1000", 4 [pid 5075] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5292 attached [pid 5291] <... set_robust_list resumed>) = 0 [pid 5079] close(4 [pid 5290] <... write resumed>) = 4 [pid 5292] set_robust_list(0x555574eaa660, 24 [pid 5291] chdir("./34" [pid 5290] close(3 [pid 5080] close(3 [pid 5079] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] rmdir("./34/file1" [pid 5075] newfstatat(AT_FDCWD, "./33/binderfs", [pid 5291] <... chdir resumed>) = 0 [pid 5290] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5290] symlink("/dev/binderfs", "./binderfs" [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] <... rmdir resumed>) = 0 [pid 5292] <... set_robust_list resumed>) = 0 [pid 5291] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5290] <... symlink resumed>) = 0 [pid 5079] getdents64(3, [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5292] chdir("./33" [pid 5291] <... prctl resumed>) = 0 [pid 5290] memfd_create("syzkaller", 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5292] <... chdir resumed>) = 0 [pid 5291] setpgid(0, 0 [pid 5079] close(3 [pid 5075] unlink("./33/binderfs" [pid 5292] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5291] <... setpgid resumed>) = 0 [pid 5290] <... memfd_create resumed>) = 3 [pid 5079] <... close resumed>) = 0 [pid 5292] <... prctl resumed>) = 0 [pid 5291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5290] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5293 [pid 5079] rmdir("./34" [pid 5075] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5293 attached [pid 5290] <... mmap resumed>) = 0x7f7064400000 [pid 5293] set_robust_list(0x555574eaa660, 24 [pid 5292] setpgid(0, 0 [pid 5291] <... openat resumed>) = 3 [pid 5290] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... rmdir resumed>) = 0 [pid 5075] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] <... set_robust_list resumed>) = 0 [pid 5292] <... setpgid resumed>) = 0 [pid 5291] write(3, "1000", 4 [pid 5079] mkdir("./35", 0777 [pid 5293] chdir("./34" [pid 5292] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5292] <... openat resumed>) = 3 [pid 5291] <... write resumed>) = 4 [pid 5079] <... mkdir resumed>) = 0 [pid 5075] newfstatat(AT_FDCWD, "./33/file1", [pid 5292] write(3, "1000", 4 [pid 5291] close(3) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5292] <... write resumed>) = 4 [pid 5293] <... chdir resumed>) = 0 [pid 5293] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5292] close(3 [pid 5291] symlink("/dev/binderfs", "./binderfs" [pid 5075] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5293] <... prctl resumed>) = 0 [pid 5293] setpgid(0, 0 [pid 5292] <... close resumed>) = 0 [pid 5291] <... symlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5292] symlink("/dev/binderfs", "./binderfs" [pid 5291] memfd_create("syzkaller", 0 [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5075] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5293] <... setpgid resumed>) = 0 [pid 5293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5291] <... memfd_create resumed>) = 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 4 [ 133.152346][ T5070] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5293] <... openat resumed>) = 3 [pid 5292] <... symlink resumed>) = 0 [pid 5291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] close(3 [pid 5075] newfstatat(4, "", [pid 5293] write(3, "1000", 4 [pid 5292] memfd_create("syzkaller", 0 [pid 5291] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... close resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5293] <... write resumed>) = 4 [pid 5293] close(3) = 0 [pid 5293] symlink("/dev/binderfs", "./binderfs" [pid 5292] <... memfd_create resumed>) = 3 [pid 5291] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] getdents64(4, [pid 5293] <... symlink resumed>) = 0 [pid 5292] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5293] memfd_create("syzkaller", 0) = 3 [pid 5292] <... mmap resumed>) = 0x7f7064400000 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5293] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5075] getdents64(4, [pid 5293] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./33/file1" [pid 5292] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5290] <... write resumed>) = 524288 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5294 [pid 5075] <... rmdir resumed>) = 0 [pid 5290] munmap(0x7f7064400000, 138412032 [pid 5075] getdents64(3, ./strace-static-x86_64: Process 5294 attached [pid 5290] <... munmap resumed>) = 0 [pid 5290] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5294] set_robust_list(0x555574eaa660, 24 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5294] <... set_robust_list resumed>) = 0 [pid 5293] <... write resumed>) = 524288 [pid 5290] <... openat resumed>) = 4 [pid 5290] ioctl(4, LOOP_SET_FD, 3 [pid 5291] <... write resumed>) = 524288 [pid 5294] chdir("./35" [pid 5292] <... write resumed>) = 524288 [pid 5291] munmap(0x7f7064400000, 138412032 [pid 5075] close(3 [pid 5294] <... chdir resumed>) = 0 [pid 5290] <... ioctl resumed>) = 0 [pid 5294] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5293] munmap(0x7f7064400000, 138412032 [pid 5291] <... munmap resumed>) = 0 [pid 5290] close(3 [pid 5075] <... close resumed>) = 0 [pid 5294] <... prctl resumed>) = 0 [pid 5293] <... munmap resumed>) = 0 [pid 5292] munmap(0x7f7064400000, 138412032 [pid 5291] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5290] <... close resumed>) = 0 [pid 5075] rmdir("./33" [pid 5294] setpgid(0, 0 [pid 5293] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5291] <... openat resumed>) = 4 [pid 5290] close(4 [pid 5294] <... setpgid resumed>) = 0 [pid 5293] <... openat resumed>) = 4 [pid 5292] <... munmap resumed>) = 0 [pid 5291] ioctl(4, LOOP_SET_FD, 3 [pid 5290] <... close resumed>) = 0 [pid 5293] ioctl(4, LOOP_SET_FD, 3 [pid 5290] mkdir("./file1", 0777 [pid 5075] <... rmdir resumed>) = 0 [pid 5290] <... mkdir resumed>) = 0 [pid 5290] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5292] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] mkdir("./34", 0777 [pid 5292] <... openat resumed>) = 4 [pid 5075] <... mkdir resumed>) = 0 [pid 5294] <... openat resumed>) = 3 [pid 5292] ioctl(4, LOOP_SET_FD, 3 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5293] <... ioctl resumed>) = 0 [pid 5293] close(3 [pid 5294] write(3, "1000", 4 [pid 5293] <... close resumed>) = 0 [pid 5291] <... ioctl resumed>) = 0 [pid 5290] <... mount resumed>) = 0 [pid 5075] close(3 [pid 5294] <... write resumed>) = 4 [pid 5290] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] <... close resumed>) = 0 [pid 5294] close(3 [pid 5290] <... openat resumed>) = 3 [pid 5294] <... close resumed>) = 0 [pid 5290] chdir("./file1" [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5294] symlink("/dev/binderfs", "./binderfs" [pid 5293] close(4 [pid 5291] close(3 [pid 5290] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5295 attached [pid 5294] <... symlink resumed>) = 0 [ 133.253850][ T5290] loop2: detected capacity change from 0 to 1024 [ 133.272516][ T5293] loop5: detected capacity change from 0 to 1024 [ 133.272743][ T5291] loop1: detected capacity change from 0 to 1024 [ 133.290660][ T5292] loop3: detected capacity change from 0 to 1024 [pid 5293] <... close resumed>) = 0 [pid 5292] <... ioctl resumed>) = 0 [pid 5291] <... close resumed>) = 0 [pid 5290] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5295] set_robust_list(0x555574eaa660, 24 [pid 5294] memfd_create("syzkaller", 0 [pid 5291] close(4 [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5295 [pid 5293] mkdir("./file1", 0777 [pid 5291] <... close resumed>) = 0 [pid 5294] <... memfd_create resumed>) = 3 [pid 5290] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5290] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5294] <... mmap resumed>) = 0x7f7064400000 [pid 5292] close(3 [pid 5291] mkdir("./file1", 0777 [pid 5290] <... openat resumed>) = 4 [pid 5295] <... set_robust_list resumed>) = 0 [pid 5294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5293] <... mkdir resumed>) = 0 [pid 5292] <... close resumed>) = 0 [pid 5290] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5295] chdir("./34" [pid 5292] close(4 [pid 5290] exit_group(0) = ? [pid 5295] <... chdir resumed>) = 0 [pid 5293] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5292] <... close resumed>) = 0 [pid 5290] +++ exited with 0 +++ [pid 5295] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5292] mkdir("./file1", 0777 [pid 5291] <... mkdir resumed>) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5290, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5295] <... prctl resumed>) = 0 [pid 5291] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5295] setpgid(0, 0 [pid 5077] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5295] <... setpgid resumed>) = 0 [pid 5292] <... mkdir resumed>) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5292] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5291] <... mount resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5291] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5291] <... openat resumed>) = 3 [pid 5291] chdir("./file1" [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5291] <... chdir resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./33/binderfs", [pid 5291] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5295] <... openat resumed>) = 3 [pid 5294] <... write resumed>) = 524288 [pid 5291] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5291] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5294] munmap(0x7f7064400000, 138412032 [pid 5293] <... mount resumed>) = 0 [pid 5294] <... munmap resumed>) = 0 [pid 5293] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5294] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5293] <... openat resumed>) = 3 [pid 5294] <... openat resumed>) = 4 [pid 5293] chdir("./file1" [pid 5294] ioctl(4, LOOP_SET_FD, 3 [pid 5293] <... chdir resumed>) = 0 [pid 5295] write(3, "1000", 4 [pid 5291] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] unlink("./33/binderfs" [pid 5293] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... unlink resumed>) = 0 [pid 5293] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5293] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5295] <... write resumed>) = 4 [pid 5291] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5295] close(3) = 0 [pid 5291] exit_group(0 [pid 5077] <... umount2 resumed>) = 0 [pid 5295] symlink("/dev/binderfs", "./binderfs" [pid 5291] <... exit_group resumed>) = ? [pid 5295] <... symlink resumed>) = 0 [pid 5293] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5295] memfd_create("syzkaller", 0 [pid 5293] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5292] <... mount resumed>) = 0 [pid 5077] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5293] exit_group(0 [pid 5077] <... openat resumed>) = 4 [pid 5293] <... exit_group resumed>) = ? [pid 5077] newfstatat(4, "", [pid 5295] <... memfd_create resumed>) = 3 [pid 5294] <... ioctl resumed>) = 0 [pid 5293] +++ exited with 0 +++ [pid 5292] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5291] +++ exited with 0 +++ [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5294] close(3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5293, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5291, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5294] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5294] close(4 [pid 5076] <... openat resumed>) = 3 [pid 5076] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5295] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5292] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5292] chdir("./file1" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5295] <... mmap resumed>) = 0x7f7064400000 [pid 5294] <... close resumed>) = 0 [pid 5292] <... chdir resumed>) = 0 [pid 5077] getdents64(4, [pid 5076] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5294] mkdir("./file1", 0777) = 0 [pid 5292] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] unlink("./34/binderfs" [pid 5292] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] getdents64(4, [pid 5076] <... unlink resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 133.391195][ T5294] loop4: detected capacity change from 0 to 1024 [pid 5294] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5292] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] close(4 [pid 5295] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5292] <... openat resumed>) = 4 [pid 5080] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... close resumed>) = 0 [pid 5292] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] rmdir("./33/file1" [pid 5292] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5080] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... rmdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5292] exit_group(0 [pid 5077] getdents64(3, [pid 5292] <... exit_group resumed>) = ? [pid 5080] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5292] +++ exited with 0 +++ [pid 5080] newfstatat(3, "", [pid 5077] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5077] rmdir("./33") = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5292, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5077] mkdir("./34", 0777 [pid 5076] newfstatat(AT_FDCWD, "./34/file1", [pid 5077] <... mkdir resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] getdents64(3, [pid 5076] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5295] <... write resumed>) = 524288 [pid 5294] <... mount resumed>) = 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5294] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 5076] newfstatat(4, "", [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5294] chdir("./file1" [pid 5080] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5295] munmap(0x7f7064400000, 138412032 [pid 5294] <... chdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] getdents64(3, [pid 5077] <... ioctl resumed>) = 0 [pid 5076] getdents64(4, [pid 5294] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5294] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5295] <... munmap resumed>) = 0 [pid 5294] <... openat resumed>) = 4 [pid 5080] unlink("./34/binderfs" [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5294] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5294] exit_group(0) = ? [pid 5076] getdents64(4, [pid 5078] umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5295] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... unlink resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] close(3 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] newfstatat(AT_FDCWD, "./33/binderfs", [pid 5077] <... close resumed>) = 0 [pid 5295] <... openat resumed>) = 4 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5295] ioctl(4, LOOP_SET_FD, 3 [pid 5080] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] close(4 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5296 [pid 5078] unlink("./33/binderfs" [pid 5076] <... close resumed>) = 0 [pid 5078] <... unlink resumed>) = 0 [pid 5076] rmdir("./34/file1"./strace-static-x86_64: Process 5296 attached [pid 5294] +++ exited with 0 +++ [pid 5078] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5296] set_robust_list(0x555574eaa660, 24 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5294, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5296] <... set_robust_list resumed>) = 0 [pid 5296] chdir("./34") = 0 [pid 5079] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5296] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5296] <... prctl resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5296] setpgid(0, 0 [pid 5079] <... openat resumed>) = 3 [pid 5296] <... setpgid resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(3, [pid 5296] <... openat resumed>) = 3 [pid 5079] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5296] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5296] <... write resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5296] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5296] <... close resumed>) = 0 [pid 5079] unlink("./35/binderfs") = 0 [pid 5296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5079] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5296] memfd_create("syzkaller", 0) = 3 [pid 5296] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5296] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5295] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5079] <... umount2 resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [ 133.535864][ T5295] loop0: detected capacity change from 0 to 1024 [pid 5076] close(3 [pid 5295] close(3 [pid 5080] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5295] <... close resumed>) = 0 [pid 5076] rmdir("./34" [pid 5295] close(4 [pid 5076] <... rmdir resumed>) = 0 [pid 5078] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./33/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./33/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./33/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] newfstatat(4, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./35/file1", [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] getdents64(4, [pid 5079] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... openat resumed>) = 4 [pid 5078] getdents64(4, [pid 5079] newfstatat(4, "", [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5295] <... close resumed>) = 0 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] close(4 [pid 5076] mkdir("./35", 0777 [pid 5079] getdents64(4, [pid 5078] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] rmdir("./33/file1" [pid 5079] getdents64(4, [pid 5078] <... rmdir resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4) = 0 [pid 5079] rmdir("./35/file1") = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] getdents64(3, [pid 5078] close(3) = 0 [pid 5078] rmdir("./33" [pid 5296] <... write resumed>) = 524288 [pid 5295] mkdir("./file1", 0777 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5079] close(3) = 0 [pid 5079] rmdir("./35" [pid 5295] <... mkdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5295] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5078] mkdir("./34", 0777 [pid 5080] newfstatat(AT_FDCWD, "./34/file1", [pid 5079] mkdir("./36", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5079] <... mkdir resumed>) = 0 [pid 5296] munmap(0x7f7064400000, 138412032 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5296] <... munmap resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5078] close(3) = 0 [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5079] <... ioctl resumed>) = 0 [pid 5296] <... openat resumed>) = 4 [pid 5079] close(3) = 0 [pid 5080] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] close(3) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5296] ioctl(4, LOOP_SET_FD, 3 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5296] <... ioctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5297 ./strace-static-x86_64: Process 5297 attached [pid 5080] newfstatat(4, "", [pid 5297] set_robust_list(0x555574eaa660, 24 [pid 5296] close(3 [pid 5297] <... set_robust_list resumed>) = 0 [pid 5296] <... close resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5297] chdir("./35" [pid 5296] close(4 [pid 5080] getdents64(4, [pid 5297] <... chdir resumed>) = 0 [pid 5296] <... close resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5299 ./strace-static-x86_64: Process 5299 attached [pid 5297] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5296] mkdir("./file1", 0777 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5298 [pid 5299] set_robust_list(0x555574eaa660, 24 [pid 5297] <... prctl resumed>) = 0 [pid 5296] <... mkdir resumed>) = 0 [pid 5080] getdents64(4, [pid 5297] setpgid(0, 0 [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5297] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5298 attached [pid 5297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5296] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5298] set_robust_list(0x555574eaa660, 24 [pid 5299] <... set_robust_list resumed>) = 0 [pid 5297] <... openat resumed>) = 3 [pid 5080] close(4 [pid 5298] <... set_robust_list resumed>) = 0 [pid 5297] write(3, "1000", 4 [pid 5298] chdir("./36" [pid 5297] <... write resumed>) = 4 [pid 5298] <... chdir resumed>) = 0 [pid 5297] close(3 [pid 5080] <... close resumed>) = 0 [pid 5299] chdir("./34" [pid 5297] <... close resumed>) = 0 [pid 5298] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5299] <... chdir resumed>) = 0 [pid 5297] symlink("/dev/binderfs", "./binderfs" [pid 5295] <... mount resumed>) = 0 [pid 5080] rmdir("./34/file1" [pid 5298] <... prctl resumed>) = 0 [pid 5299] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5297] <... symlink resumed>) = 0 [pid 5295] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... rmdir resumed>) = 0 [pid 5298] setpgid(0, 0 [pid 5299] <... prctl resumed>) = 0 [pid 5297] memfd_create("syzkaller", 0 [pid 5080] getdents64(3, [pid 5298] <... setpgid resumed>) = 0 [pid 5297] <... memfd_create resumed>) = 3 [pid 5295] <... openat resumed>) = 3 [pid 5298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5299] setpgid(0, 0 [pid 5297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5295] chdir("./file1" [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5299] <... setpgid resumed>) = 0 [pid 5297] <... mmap resumed>) = 0x7f7064400000 [pid 5295] <... chdir resumed>) = 0 [pid 5080] close(3 [pid 5299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5297] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5295] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] <... close resumed>) = 0 [pid 5298] <... openat resumed>) = 3 [pid 5299] <... openat resumed>) = 3 [pid 5296] <... mount resumed>) = 0 [pid 5295] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 133.625657][ T5296] loop2: detected capacity change from 0 to 1024 [pid 5080] rmdir("./34" [pid 5298] write(3, "1000", 4 [pid 5299] write(3, "1000", 4 [pid 5296] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5295] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... rmdir resumed>) = 0 [pid 5299] <... write resumed>) = 4 [pid 5299] close(3 [pid 5295] <... openat resumed>) = 4 [pid 5080] mkdir("./35", 0777 [pid 5299] <... close resumed>) = 0 [pid 5295] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5298] <... write resumed>) = 4 [pid 5299] symlink("/dev/binderfs", "./binderfs" [pid 5297] <... write resumed>) = 524288 [pid 5296] <... openat resumed>) = 3 [pid 5080] <... mkdir resumed>) = 0 [pid 5298] close(3) = 0 [pid 5296] chdir("./file1" [pid 5298] symlink("/dev/binderfs", "./binderfs" [pid 5299] <... symlink resumed>) = 0 [pid 5296] <... chdir resumed>) = 0 [pid 5298] <... symlink resumed>) = 0 [pid 5296] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5298] memfd_create("syzkaller", 0 [pid 5296] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5299] memfd_create("syzkaller", 0 [pid 5298] <... memfd_create resumed>) = 3 [pid 5296] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5298] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5296] <... openat resumed>) = 4 [pid 5298] <... mmap resumed>) = 0x7f7064400000 [pid 5296] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5298] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5299] <... memfd_create resumed>) = 3 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5299] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... openat resumed>) = 3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5298] <... write resumed>) = 524288 [pid 5299] <... mmap resumed>) = 0x7f7064400000 [pid 5080] <... ioctl resumed>) = 0 [pid 5080] close(3 [pid 5295] <... ioctl resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5296] <... ioctl resumed>) = 0 [pid 5296] exit_group(0 [pid 5295] exit_group(0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5299] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5296] <... exit_group resumed>) = ? [pid 5295] <... exit_group resumed>) = ? [pid 5297] munmap(0x7f7064400000, 138412032) = 0 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5300 [pid 5295] +++ exited with 0 +++ [pid 5297] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5295, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5297] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5300 attached [pid 5075] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] set_robust_list(0x555574eaa660, 24 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5297] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... openat resumed>) = 3 [pid 5297] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5075] newfstatat(3, "", [pid 5297] ioctl(4, LOOP_CLR_FD [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5296] +++ exited with 0 +++ [pid 5075] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5296, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5077] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./34/binderfs") = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5300] <... set_robust_list resumed>) = 0 [pid 5298] munmap(0x7f7064400000, 138412032 [pid 5077] <... openat resumed>) = 3 [pid 5075] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] chdir("./35" [pid 5298] <... munmap resumed>) = 0 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5299] <... write resumed>) = 524288 [pid 5077] getdents64(3, [pid 5300] <... chdir resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5298] <... openat resumed>) = 4 [pid 5077] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5075] <... umount2 resumed>) = 0 [pid 5298] ioctl(4, LOOP_SET_FD, 3 [pid 5300] setpgid(0, 0 [pid 5299] munmap(0x7f7064400000, 138412032 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5300] <... setpgid resumed>) = 0 [pid 5299] <... munmap resumed>) = 0 [pid 5077] unlink("./34/binderfs" [pid 5300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5299] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5077] <... unlink resumed>) = 0 [pid 5297] <... ioctl resumed>) = 0 [ 133.787701][ T5298] loop4: detected capacity change from 0 to 1024 [pid 5077] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] <... openat resumed>) = 3 [pid 5298] <... ioctl resumed>) = 0 [pid 5299] <... openat resumed>) = 4 [pid 5077] <... umount2 resumed>) = 0 [pid 5075] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5299] ioctl(4, LOOP_SET_FD, 3 [pid 5077] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5297] ioctl(4, LOOP_SET_FD, 3 [pid 5077] newfstatat(AT_FDCWD, "./34/file1", [pid 5075] newfstatat(AT_FDCWD, "./34/file1", [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./34/file1") = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5300] write(3, "1000", 4 [pid 5298] close(3 [pid 5299] <... ioctl resumed>) = 0 [pid 5297] <... ioctl resumed>) = 0 [pid 5077] close(3 [pid 5075] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] <... write resumed>) = 4 [pid 5298] <... close resumed>) = 0 [pid 5300] close(3 [pid 5298] close(4 [pid 5077] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5298] <... close resumed>) = 0 [pid 5300] <... close resumed>) = 0 [pid 5077] rmdir("./34" [pid 5075] <... openat resumed>) = 4 [pid 5300] symlink("/dev/binderfs", "./binderfs" [pid 5298] mkdir("./file1", 0777 [pid 5075] newfstatat(4, "", [pid 5077] <... rmdir resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5300] <... symlink resumed>) = 0 [pid 5298] <... mkdir resumed>) = 0 [pid 5299] close(3 [pid 5297] close(3 [pid 5077] mkdir("./35", 0777 [pid 5075] getdents64(4, [pid 5300] memfd_create("syzkaller", 0 [pid 5299] <... close resumed>) = 0 [pid 5297] <... close resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5299] close(4 [pid 5297] close(4 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5299] <... close resumed>) = 0 [pid 5075] getdents64(4, [pid 5297] <... close resumed>) = 0 [pid 5299] mkdir("./file1", 0777 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5297] mkdir("./file1", 0777 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] close(4 [pid 5077] <... openat resumed>) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5300] <... memfd_create resumed>) = 3 [pid 5298] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5299] <... mkdir resumed>) = 0 [pid 5297] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5299] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5297] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5075] rmdir("./34/file1") = 0 [pid 5300] <... mmap resumed>) = 0x7f7064400000 [pid 5075] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./34") = 0 [pid 5075] mkdir("./35", 0777) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [ 133.841878][ T5299] loop3: detected capacity change from 0 to 1024 [ 133.849793][ T5297] loop1: detected capacity change from 0 to 1024 [pid 5300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 [pid 5298] <... mount resumed>) = 0 [pid 5298] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5297] <... mount resumed>) = 0 [pid 5077] close(3) = 0 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5298] <... openat resumed>) = 3 [pid 5297] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5301 [pid 5300] <... write resumed>) = 524288 [pid 5297] <... openat resumed>) = 3 [pid 5298] chdir("./file1" [pid 5297] chdir("./file1" [pid 5298] <... chdir resumed>) = 0 [pid 5298] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5297] <... chdir resumed>) = 0 [pid 5297] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5301 attached [pid 5298] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5297] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5301] set_robust_list(0x555574eaa660, 24) = 0 [pid 5301] chdir("./35") = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5301] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5300] munmap(0x7f7064400000, 138412032 [pid 5298] <... openat resumed>) = 4 [pid 5299] <... mount resumed>) = 0 [pid 5297] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] close(3 [pid 5301] <... prctl resumed>) = 0 [pid 5301] setpgid(0, 0 [pid 5297] <... openat resumed>) = 4 [pid 5075] <... close resumed>) = 0 [pid 5301] <... setpgid resumed>) = 0 [pid 5298] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5299] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5300] <... munmap resumed>) = 0 [pid 5298] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5299] <... openat resumed>) = 3 [pid 5299] chdir("./file1" [pid 5301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5300] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5298] exit_group(0 [pid 5299] <... chdir resumed>) = 0 [pid 5297] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5299] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5300] <... openat resumed>) = 4 [pid 5298] <... exit_group resumed>) = ? [pid 5299] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5297] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5302 ./strace-static-x86_64: Process 5302 attached [pid 5299] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5302] set_robust_list(0x555574eaa660, 24 [pid 5301] <... openat resumed>) = 3 [pid 5299] <... openat resumed>) = 4 [pid 5302] <... set_robust_list resumed>) = 0 [pid 5301] write(3, "1000", 4 [pid 5299] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5301] <... write resumed>) = 4 [pid 5299] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5302] chdir("./35" [pid 5301] close(3 [pid 5300] ioctl(4, LOOP_SET_FD, 3 [pid 5299] exit_group(0 [pid 5301] <... close resumed>) = 0 [pid 5302] <... chdir resumed>) = 0 [pid 5301] symlink("/dev/binderfs", "./binderfs" [pid 5302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5301] <... symlink resumed>) = 0 [pid 5302] <... prctl resumed>) = 0 [pid 5301] memfd_create("syzkaller", 0 [pid 5302] setpgid(0, 0 [pid 5301] <... memfd_create resumed>) = 3 [pid 5302] <... setpgid resumed>) = 0 [pid 5301] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5301] <... mmap resumed>) = 0x7f7064400000 [pid 5298] +++ exited with 0 +++ [pid 5299] <... exit_group resumed>) = ? [pid 5297] exit_group(0 [pid 5302] <... openat resumed>) = 3 [pid 5301] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5298, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5297] <... exit_group resumed>) = ? [pid 5302] write(3, "1000", 4) = 4 [pid 5302] close(3 [pid 5079] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5302] <... close resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5302] symlink("/dev/binderfs", "./binderfs" [pid 5079] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5302] <... symlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5302] memfd_create("syzkaller", 0 [pid 5079] newfstatat(3, "", [pid 5299] +++ exited with 0 +++ [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] getdents64(3, [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5299, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5297] +++ exited with 0 +++ [pid 5079] unlink("./36/binderfs" [pid 5302] <... memfd_create resumed>) = 3 [pid 5300] <... ioctl resumed>) = 0 [pid 5079] <... unlink resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5297, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5302] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5300] close(3 [pid 5079] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5302] <... mmap resumed>) = 0x7f7064400000 [pid 5300] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] close(4) = 0 [pid 5078] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(3, "", [pid 5300] mkdir("./file1", 0777 [pid 5076] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5300] <... mkdir resumed>) = 0 [pid 5078] umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5079] <... umount2 resumed>) = 0 [pid 5079] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] newfstatat(3, "", [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] newfstatat(AT_FDCWD, "./36/file1", [pid 5078] newfstatat(AT_FDCWD, "./34/binderfs", [pid 5076] getdents64(3, [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [ 134.011176][ T5300] loop5: detected capacity change from 0 to 1024 [pid 5076] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] <... mount resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] unlink("./34/binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5302] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... unlink resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] newfstatat(4, "", [pid 5301] <... write resumed>) = 524288 [pid 5300] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] unlink("./35/binderfs" [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] getdents64(4, [pid 5076] <... unlink resumed>) = 0 [pid 5301] munmap(0x7f7064400000, 138412032 [pid 5300] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(4 [pid 5301] <... munmap resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./36/file1" [pid 5300] chdir("./file1" [pid 5301] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5300] <... chdir resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5301] <... openat resumed>) = 4 [pid 5300] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5079] getdents64(3, [pid 5078] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5302] <... write resumed>) = 524288 [pid 5301] ioctl(4, LOOP_SET_FD, 3 [pid 5300] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5300] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5079] close(3 [pid 5078] newfstatat(AT_FDCWD, "./34/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5078] umount2("./34/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5300] <... openat resumed>) = 4 [pid 5079] <... close resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = 0 [pid 5079] rmdir("./36" [pid 5300] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] openat(AT_FDCWD, "./34/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... rmdir resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5300] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./35/file1", [pid 5300] exit_group(0 [pid 5078] newfstatat(4, "", [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5300] <... exit_group resumed>) = ? [pid 5079] mkdir("./37", 0777 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5302] munmap(0x7f7064400000, 138412032) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5300] +++ exited with 0 +++ [pid 5078] getdents64(4, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5302] <... openat resumed>) = 4 [pid 5302] ioctl(4, LOOP_SET_FD, 3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5300, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5079] <... mkdir resumed>) = 0 [pid 5078] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5078] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5078] close(4 [pid 5076] newfstatat(4, "", [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5078] rmdir("./34/file1" [pid 5301] <... ioctl resumed>) = 0 [pid 5301] close(3) = 0 [pid 5301] close(4) = 0 [pid 5301] mkdir("./file1", 0777) = 0 [pid 5080] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5078] getdents64(3, [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5080] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5078] close(3 [pid 5076] <... close resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5302] <... ioctl resumed>) = 0 [pid 5076] rmdir("./35/file1" [ 134.108975][ T5301] loop2: detected capacity change from 0 to 1024 [ 134.127612][ T5302] loop0: detected capacity change from 0 to 1024 [pid 5301] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5302] close(3 [pid 5080] newfstatat(3, "", [pid 5079] close(3 [pid 5078] rmdir("./34" [pid 5076] <... rmdir resumed>) = 0 [pid 5302] <... close resumed>) = 0 [pid 5302] close(4 [pid 5078] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5302] <... close resumed>) = 0 [pid 5302] mkdir("./file1", 0777 [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] <... close resumed>) = 0 [pid 5302] <... mkdir resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] mkdir("./35", 0777 [pid 5076] close(3) = 0 [pid 5076] rmdir("./35" [pid 5078] <... mkdir resumed>) = 0 [pid 5080] getdents64(3, [pid 5076] <... rmdir resumed>) = 0 [pid 5301] <... mount resumed>) = 0 [pid 5301] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5301] <... openat resumed>) = 3 [pid 5301] chdir("./file1"./strace-static-x86_64: Process 5303 attached [pid 5302] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5301] <... chdir resumed>) = 0 [pid 5080] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] mkdir("./36", 0777 [pid 5301] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5078] <... openat resumed>) = 3 [pid 5301] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5303] set_robust_list(0x555574eaa660, 24 [pid 5301] <... openat resumed>) = 4 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5303 [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5076] <... mkdir resumed>) = 0 [pid 5301] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5303] <... set_robust_list resumed>) = 0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5303] chdir("./37" [pid 5080] unlink("./35/binderfs" [pid 5076] <... openat resumed>) = 3 [pid 5303] <... chdir resumed>) = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5303] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5303] <... prctl resumed>) = 0 [pid 5303] setpgid(0, 0) = 0 [pid 5303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5303] write(3, "1000", 4 [pid 5301] <... ioctl resumed>) = 0 [pid 5301] exit_group(0) = ? [pid 5301] +++ exited with 0 +++ [pid 5303] <... write resumed>) = 4 [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5301, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5303] close(3 [pid 5077] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, [pid 5303] <... close resumed>) = 0 [pid 5080] <... umount2 resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5303] symlink("/dev/binderfs", "./binderfs" [pid 5080] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5303] <... symlink resumed>) = 0 [pid 5077] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] unlink("./35/binderfs" [pid 5080] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] <... unlink resumed>) = 0 [pid 5080] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5303] memfd_create("syzkaller", 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5303] <... memfd_create resumed>) = 3 [pid 5080] <... openat resumed>) = 4 [pid 5303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] newfstatat(4, "", [pid 5303] <... mmap resumed>) = 0x7f7064400000 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5303] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] getdents64(4, [pid 5078] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5302] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(3 [pid 5080] close(4 [pid 5078] <... close resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5077] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./35/file1", [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] <... close resumed>) = 0 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5304 [pid 5077] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 ./strace-static-x86_64: Process 5304 attached [ 134.232603][ T5302] hfsplus: unable to set blocksize to 1024! [ 134.238626][ T5302] hfsplus: unable to find HFS+ superblock [pid 5304] set_robust_list(0x555574eaa660, 24 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] rmdir("./35/file1" [pid 5304] <... set_robust_list resumed>) = 0 [pid 5077] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5304] chdir("./35" [pid 5077] getdents64(4, [pid 5302] <... openat resumed>) = 3 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5077] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5077] close(4) = 0 [pid 5077] rmdir("./35/file1" [pid 5304] <... chdir resumed>) = 0 [pid 5302] ioctl(3, LOOP_CLR_FD [pid 5080] <... rmdir resumed>) = 0 [pid 5077] <... rmdir resumed>) = 0 [pid 5303] <... write resumed>) = 524288 [pid 5077] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5304] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5303] munmap(0x7f7064400000, 138412032 [pid 5080] getdents64(3, [pid 5304] <... prctl resumed>) = 0 [pid 5304] setpgid(0, 0 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5077] close(3) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] rmdir("./35" [pid 5304] <... setpgid resumed>) = 0 [pid 5080] close(3 [pid 5077] <... rmdir resumed>) = 0 [pid 5077] mkdir("./36", 0777 [pid 5080] <... close resumed>) = 0 [pid 5303] <... munmap resumed>) = 0 [pid 5304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5303] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] rmdir("./35" [pid 5077] <... mkdir resumed>) = 0 [pid 5304] <... openat resumed>) = 3 [pid 5303] <... openat resumed>) = 4 [pid 5080] <... rmdir resumed>) = 0 [pid 5304] write(3, "1000", 4 [pid 5303] ioctl(4, LOOP_SET_FD, 3 [pid 5304] <... write resumed>) = 4 [pid 5080] mkdir("./36", 0777 [pid 5304] close(3 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5304] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5305 [pid 5080] <... mkdir resumed>) = 0 [pid 5304] symlink("/dev/binderfs", "./binderfs" [pid 5303] <... ioctl resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5305 attached [pid 5305] set_robust_list(0x555574eaa660, 24) = 0 [pid 5305] chdir("./36" [pid 5304] <... symlink resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5305] <... chdir resumed>) = 0 [pid 5305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5305] setpgid(0, 0 [pid 5304] memfd_create("syzkaller", 0 [pid 5303] close(3 [pid 5080] ioctl(3, LOOP_CLR_FD [pid 5305] <... setpgid resumed>) = 0 [pid 5305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5303] <... close resumed>) = 0 [pid 5305] <... openat resumed>) = 3 [pid 5304] <... memfd_create resumed>) = 3 [pid 5303] close(4) = 0 [pid 5303] mkdir("./file1", 0777 [pid 5305] write(3, "1000", 4) = 4 [pid 5305] close(3) = 0 [pid 5305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5305] memfd_create("syzkaller", 0) = 3 [pid 5305] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [ 134.323882][ T5303] loop4: detected capacity change from 0 to 1024 [pid 5305] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5304] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5303] <... mkdir resumed>) = 0 [pid 5304] <... mmap resumed>) = 0x7f7064400000 [pid 5303] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5304] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5302] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5304] <... write resumed>) = 524288 [pid 5303] <... mount resumed>) = 0 [pid 5080] close(3 [pid 5302] close(3) = 0 [pid 5302] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5077] <... ioctl resumed>) = 0 [pid 5302] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [ 134.368358][ T5097] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5302] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5302] exit_group(0) = ? [pid 5303] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5305] <... write resumed>) = 524288 [pid 5303] <... openat resumed>) = 3 [pid 5302] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5302, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5305] munmap(0x7f7064400000, 138412032 [pid 5303] chdir("./file1" [pid 5075] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5303] <... chdir resumed>) = 0 [pid 5305] <... munmap resumed>) = 0 [pid 5303] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5305] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5305] ioctl(4, LOOP_SET_FD, 3 [pid 5304] munmap(0x7f7064400000, 138412032 [pid 5303] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5077] close(3 [pid 5075] newfstatat(3, "", [pid 5304] <... munmap resumed>) = 0 [pid 5303] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5306 [pid 5077] <... close resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5304] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5303] <... openat resumed>) = 4 [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] getdents64(3, ./strace-static-x86_64: Process 5306 attached [pid 5304] <... openat resumed>) = 4 [pid 5303] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5307 attached [pid 5304] ioctl(4, LOOP_SET_FD, 3 [pid 5303] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5306] set_robust_list(0x555574eaa660, 24 [pid 5075] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] <... set_robust_list resumed>) = 0 [pid 5303] exit_group(0 [pid 5307] set_robust_list(0x555574eaa660, 24 [pid 5306] chdir("./36" [pid 5303] <... exit_group resumed>) = ? [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5306] <... chdir resumed>) = 0 [pid 5305] <... ioctl resumed>) = 0 [pid 5303] +++ exited with 0 +++ [pid 5075] newfstatat(AT_FDCWD, "./35/binderfs", [pid 5306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5305] close(3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5306] <... prctl resumed>) = 0 [pid 5305] <... close resumed>) = 0 [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5303, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5075] unlink("./35/binderfs" [pid 5306] setpgid(0, 0 [pid 5305] close(4 [pid 5079] umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] <... set_robust_list resumed>) = 0 [pid 5306] <... setpgid resumed>) = 0 [pid 5305] <... close resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5307 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5307] chdir("./36" [pid 5306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5305] mkdir("./file1", 0777 [pid 5079] <... openat resumed>) = 3 [pid 5075] newfstatat(AT_FDCWD, "./35/file1", [pid 5307] <... chdir resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5307] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] <... prctl resumed>) = 0 [pid 5305] <... mkdir resumed>) = 0 [pid 5079] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5307] setpgid(0, 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5307] <... setpgid resumed>) = 0 [pid 5306] <... openat resumed>) = 3 [pid 5305] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5307] <... openat resumed>) = 3 [pid 5307] write(3, "1000", 4 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] newfstatat(4, "", [pid 5307] <... write resumed>) = 4 [pid 5079] newfstatat(AT_FDCWD, "./37/binderfs", [pid 5307] close(3 [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5307] <... close resumed>) = 0 [pid 5079] unlink("./37/binderfs" [pid 5075] getdents64(4, [pid 5307] symlink("/dev/binderfs", "./binderfs" [pid 5306] write(3, "1000", 4 [pid 5079] <... unlink resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5307] <... symlink resumed>) = 0 [pid 5306] <... write resumed>) = 4 [pid 5079] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] memfd_create("syzkaller", 0 [pid 5306] close(3 [pid 5075] getdents64(4, [pid 5306] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5306] symlink("/dev/binderfs", "./binderfs" [pid 5075] close(4 [pid 5307] <... memfd_create resumed>) = 3 [pid 5075] <... close resumed>) = 0 [pid 5307] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5304] <... ioctl resumed>) = 0 [pid 5075] rmdir("./35/file1" [pid 5307] <... mmap resumed>) = 0x7f7064400000 [pid 5306] <... symlink resumed>) = 0 [ 134.445273][ T5305] loop1: detected capacity change from 0 to 1024 [ 134.461350][ T5304] loop3: detected capacity change from 0 to 1024 [pid 5075] <... rmdir resumed>) = 0 [pid 5307] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5306] memfd_create("syzkaller", 0 [pid 5304] close(3 [pid 5079] <... umount2 resumed>) = 0 [pid 5306] <... memfd_create resumed>) = 3 [pid 5306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] getdents64(3, [pid 5306] <... mmap resumed>) = 0x7f7064400000 [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5305] <... mount resumed>) = 0 [pid 5304] <... close resumed>) = 0 [pid 5075] close(3 [pid 5304] close(4 [pid 5075] <... close resumed>) = 0 [pid 5305] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5304] <... close resumed>) = 0 [pid 5304] mkdir("./file1", 0777 [pid 5075] rmdir("./35" [pid 5305] <... openat resumed>) = 3 [pid 5304] <... mkdir resumed>) = 0 [pid 5079] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] chdir("./file1" [pid 5075] <... rmdir resumed>) = 0 [pid 5305] <... chdir resumed>) = 0 [pid 5304] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5305] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5307] <... write resumed>) = 524288 [pid 5306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5305] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] newfstatat(AT_FDCWD, "./37/file1", [pid 5075] mkdir("./36", 0777 [pid 5305] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5305] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5079] umount2("./37/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5305] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5079] openat(AT_FDCWD, "./37/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5305] exit_group(0 [pid 5079] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 3 [pid 5305] <... exit_group resumed>) = ? [pid 5079] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5079] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5079] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5079] close(4) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] rmdir("./37/file1") = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555574eaa650) = 5308 ./strace-static-x86_64: Process 5308 attached [pid 5308] set_robust_list(0x555574eaa660, 24 [pid 5307] munmap(0x7f7064400000, 138412032 [pid 5308] <... set_robust_list resumed>) = 0 [pid 5306] <... write resumed>) = 524288 [pid 5305] +++ exited with 0 +++ [pid 5304] <... mount resumed>) = 0 [pid 5079] getdents64(3, [pid 5308] chdir("./36" [pid 5304] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5305, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5308] <... chdir resumed>) = 0 [pid 5304] <... openat resumed>) = 3 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5308] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5307] <... munmap resumed>) = 0 [pid 5304] chdir("./file1" [pid 5079] close(3 [pid 5308] <... prctl resumed>) = 0 [pid 5304] <... chdir resumed>) = 0 [pid 5308] setpgid(0, 0 [pid 5307] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5304] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5308] <... setpgid resumed>) = 0 [pid 5307] <... openat resumed>) = 4 [pid 5306] munmap(0x7f7064400000, 138412032 [pid 5304] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5079] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] rmdir("./37" [pid 5307] ioctl(4, LOOP_SET_FD, 3 [pid 5306] <... munmap resumed>) = 0 [pid 5304] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] <... openat resumed>) = 3 [pid 5308] <... openat resumed>) = 3 [pid 5306] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5304] <... openat resumed>) = 4 [pid 5079] <... rmdir resumed>) = 0 [pid 5076] newfstatat(3, "", [pid 5306] <... openat resumed>) = 4 [pid 5308] write(3, "1000", 4 [pid 5079] mkdir("./38", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5308] <... write resumed>) = 4 [pid 5304] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5308] close(3 [pid 5079] <... mkdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5308] <... close resumed>) = 0 [pid 5304] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5308] symlink("/dev/binderfs", "./binderfs" [pid 5306] ioctl(4, LOOP_SET_FD, 3 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5308] <... symlink resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5304] exit_group(0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5308] memfd_create("syzkaller", 0 [pid 5304] <... exit_group resumed>) = ? [pid 5079] ioctl(3, LOOP_CLR_FD [pid 5076] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5308] <... memfd_create resumed>) = 3 [pid 5304] +++ exited with 0 +++ [pid 5079] <... ioctl resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] close(3 [pid 5076] unlink("./36/binderfs" [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5304, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5078] umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5078] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5079] <... close resumed>) = 0 [pid 5078] umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5308] <... mmap resumed>) = 0x7f7064400000 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] <... ioctl resumed>) = 0 [pid 5078] unlink("./35/binderfs" [pid 5307] close(3 [pid 5078] <... unlink resumed>) = 0 [pid 5307] <... close resumed>) = 0 [pid 5078] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5307] close(4) = 0 [pid 5307] mkdir("./file1", 0777 [pid 5308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5307] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5309 attached [pid 5309] set_robust_list(0x555574eaa660, 24 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5309 [pid 5307] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5309] <... set_robust_list resumed>) = 0 [pid 5309] chdir("./38") = 0 [pid 5309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 134.576043][ T5307] loop2: detected capacity change from 0 to 1024 [ 134.590061][ T5306] loop5: detected capacity change from 0 to 1024 [pid 5309] setpgid(0, 0) = 0 [pid 5309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5306] <... ioctl resumed>) = 0 [pid 5309] <... openat resumed>) = 3 [pid 5309] write(3, "1000", 4) = 4 [pid 5309] close(3) = 0 [pid 5309] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5306] close(3 [pid 5076] <... umount2 resumed>) = 0 [pid 5306] <... close resumed>) = 0 [pid 5076] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] close(4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] newfstatat(AT_FDCWD, "./36/file1", [pid 5306] <... close resumed>) = 0 [pid 5306] mkdir("./file1", 0777 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5076] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5308] <... write resumed>) = 524288 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] newfstatat(4, "", [pid 5306] <... mkdir resumed>) = 0 [pid 5076] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5076] getdents64(4, [pid 5306] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5309] memfd_create("syzkaller", 0 [pid 5076] getdents64(4, [pid 5309] <... memfd_create resumed>) = 3 [pid 5076] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5308] munmap(0x7f7064400000, 138412032 [pid 5076] close(4 [pid 5309] <... mmap resumed>) = 0x7f7064400000 [pid 5307] <... mount resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./36/file1" [pid 5308] <... munmap resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5309] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5306] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = 0 [pid 5308] <... openat resumed>) = 4 [pid 5307] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5306] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5076] getdents64(3, [pid 5308] ioctl(4, LOOP_SET_FD, 3 [pid 5307] <... openat resumed>) = 3 [pid 5307] chdir("./file1") = 0 [pid 5307] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5307] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5306] <... openat resumed>) = 3 [pid 5078] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] chdir("./file1" [pid 5076] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5306] <... chdir resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5306] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5078] newfstatat(AT_FDCWD, "./35/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5309] <... write resumed>) = 524288 [pid 5307] <... openat resumed>) = 4 [pid 5306] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] umount2("./35/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5078] openat(AT_FDCWD, "./35/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5078] newfstatat(4, "", [pid 5307] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5078] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5078] close(4) = 0 [pid 5078] rmdir("./35/file1") = 0 [pid 5078] getdents64(3, 0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5308] <... ioctl resumed>) = 0 [pid 5306] <... openat resumed>) = 4 [pid 5078] close(3 [pid 5076] close(3 [pid 5308] close(3 [pid 5306] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5309] munmap(0x7f7064400000, 138412032 [pid 5078] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5309] <... munmap resumed>) = 0 [pid 5308] <... close resumed>) = 0 [pid 5078] rmdir("./35" [pid 5076] rmdir("./36" [pid 5309] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5308] close(4 [pid 5078] <... rmdir resumed>) = 0 [pid 5309] <... openat resumed>) = 4 [pid 5308] <... close resumed>) = 0 [ 134.685812][ T5308] loop0: detected capacity change from 0 to 1024 [pid 5078] mkdir("./36", 0777 [pid 5076] <... rmdir resumed>) = 0 [pid 5309] ioctl(4, LOOP_SET_FD, 3 [pid 5308] mkdir("./file1", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5076] mkdir("./37", 0777 [pid 5308] <... mkdir resumed>) = 0 [pid 5307] <... ioctl resumed>) = 0 [pid 5306] <... ioctl resumed>) = 0 [pid 5078] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... mkdir resumed>) = 0 [pid 5308] mount("/dev/loop0", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5306] exit_group(0 [pid 5076] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5307] exit_group(0 [pid 5078] <... openat resumed>) = 3 [pid 5307] <... exit_group resumed>) = ? [pid 5078] ioctl(3, LOOP_CLR_FD [pid 5306] <... exit_group resumed>) = ? [pid 5076] <... openat resumed>) = 3 [pid 5307] +++ exited with 0 +++ [pid 5077] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5307, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5077] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5077] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] getdents64(3, 0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] unlink("./36/binderfs") = 0 [pid 5077] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5306] +++ exited with 0 +++ [pid 5308] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5309] <... ioctl resumed>) = 0 [pid 5077] <... umount2 resumed>) = 0 [pid 5309] close(3 [pid 5080] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5306, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5308] <... openat resumed>) = 3 [pid 5309] <... close resumed>) = 0 [pid 5080] restart_syscall(<... resuming interrupted clone ...> [pid 5077] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5309] close(4 [pid 5308] ioctl(3, LOOP_CLR_FD [pid 5080] <... restart_syscall resumed>) = 0 [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5308] <... ioctl resumed>) = 0 [pid 5308] close(3 [pid 5309] <... close resumed>) = 0 [pid 5308] <... close resumed>) = 0 [pid 5077] newfstatat(AT_FDCWD, "./36/file1", [pid 5309] mkdir("./file1", 0777 [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5309] <... mkdir resumed>) = 0 [pid 5308] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5077] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5309] mount("/dev/loop4", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5308] <... openat resumed>) = 3 [pid 5080] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5308] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5080] <... openat resumed>) = 3 [pid 5077] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5308] <... ioctl resumed>) = 0 [pid 5080] newfstatat(3, "", [pid 5077] <... openat resumed>) = 4 [pid 5308] exit_group(0 [pid 5080] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] newfstatat(4, "", [pid 5309] <... mount resumed>) = 0 [pid 5308] <... exit_group resumed>) = ? [pid 5080] getdents64(3, [pid 5077] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 134.741101][ T5309] loop4: detected capacity change from 0 to 1024 [ 134.754363][ T5308] hfsplus: unable to set blocksize to 1024! [ 134.772305][ T5308] hfsplus: unable to find HFS+ superblock [pid 5309] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5077] getdents64(4, [pid 5309] <... openat resumed>) = 3 [pid 5080] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5078] <... ioctl resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5076] <... ioctl resumed>) = 0 [pid 5080] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5309] chdir("./file1") = 0 [pid 5309] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] getdents64(4, [pid 5309] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5308] +++ exited with 0 +++ [pid 5080] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5077] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5309] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5080] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5077] close(4 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5308, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5309] <... openat resumed>) = 4 [pid 5080] unlink("./36/binderfs" [pid 5077] <... close resumed>) = 0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5077] rmdir("./36/file1") = 0 [pid 5080] <... unlink resumed>) = 0 [pid 5080] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5309] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] getdents64(3, [pid 5309] <... ioctl resumed>) = 0 [pid 5077] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5309] exit_group(0 [pid 5077] close(3) = 0 [pid 5309] <... exit_group resumed>) = ? [pid 5077] rmdir("./36") = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5077] mkdir("./37", 0777) = 0 [pid 5077] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] close(3) = 0 [pid 5077] <... openat resumed>) = 3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5309] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5080] <... umount2 resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5309, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5078] close(3 [pid 5077] ioctl(3, LOOP_CLR_FD [pid 5075] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5075] newfstatat(3, "", [pid 5078] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... clone resumed>, child_tidptr=0x555574eaa650) = 5310 [pid 5080] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] newfstatat(AT_FDCWD, "./36/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5080] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5080] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5080] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5080] getdents64(4, 0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5078] <... clone resumed>, child_tidptr=0x555574eaa650) = 5311 [pid 5080] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5080] close(4) = 0 [pid 5080] rmdir("./36/file1") = 0 [pid 5075] getdents64(3, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5311 attached [pid 5080] getdents64(3, ./strace-static-x86_64: Process 5310 attached [pid 5311] set_robust_list(0x555574eaa660, 24 [pid 5080] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5079] openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5311] <... set_robust_list resumed>) = 0 [pid 5080] close(3 [pid 5311] chdir("./36" [pid 5080] <... close resumed>) = 0 [pid 5311] <... chdir resumed>) = 0 [pid 5080] rmdir("./36" [pid 5311] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] <... rmdir resumed>) = 0 [pid 5311] <... prctl resumed>) = 0 [pid 5311] setpgid(0, 0) = 0 [pid 5311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] mkdir("./37", 0777 [pid 5079] <... openat resumed>) = 3 [pid 5075] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5310] set_robust_list(0x555574eaa660, 24 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] newfstatat(3, "", [pid 5310] <... set_robust_list resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5311] <... openat resumed>) = 3 [pid 5310] chdir("./37" [pid 5079] getdents64(3, [pid 5075] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5310] <... chdir resumed>) = 0 [ 134.828125][ T5149] ------------[ cut here ]------------ [ 134.833987][ T5149] kernel BUG at arch/x86/mm/physaddr.c:28! [pid 5311] write(3, "1000", 4) = 4 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5077] <... ioctl resumed>) = 0 [pid 5311] close(3 [pid 5080] <... openat resumed>) = 3 [pid 5311] <... close resumed>) = 0 [pid 5311] symlink("/dev/binderfs", "./binderfs" [pid 5080] ioctl(3, LOOP_CLR_FD) = 0 [pid 5311] <... symlink resumed>) = 0 [pid 5080] close(3) = 0 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5311] memfd_create("syzkaller", 0) = 3 [pid 5311] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5080] <... clone resumed>, child_tidptr=0x555574eaa650) = 5312 ./strace-static-x86_64: Process 5312 attached [pid 5312] set_robust_list(0x555574eaa660, 24 [pid 5077] close(3) = 0 [pid 5312] <... set_robust_list resumed>) = 0 [pid 5312] chdir("./37" [pid 5077] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5312] <... chdir resumed>) = 0 [pid 5312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5312] setpgid(0, 0) = 0 [pid 5312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5311] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5312] <... openat resumed>) = 3 [pid 5311] <... write resumed>) = 524288 [pid 5312] write(3, "1000", 4) = 4 [pid 5312] close(3) = 0 [pid 5077] <... clone resumed>, child_tidptr=0x555574eaa650) = 5313 [ 134.883545][ T5149] invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 134.890208][ T5149] CPU: 0 PID: 5149 Comm: udevd Tainted: G B 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 134.900921][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 134.911063][ T5149] RIP: 0010:__phys_addr+0xd8/0x150 [ 134.916314][ T5149] Code: 48 d3 e8 48 89 c5 48 89 c6 e8 74 3b 50 00 48 85 ed 75 11 e8 5a 40 50 00 48 89 d8 5b 5d 41 5c e9 fe 2b 99 09 e8 49 40 50 00 90 <0f> 0b e8 41 40 50 00 48 c7 c0 10 40 5a 8d 48 ba 00 00 00 00 00 fc [ 134.935978][ T5149] RSP: 0018:ffffc900047c7dc0 EFLAGS: 00010293 [ 134.942074][ T5149] RAX: 0000000000000000 RBX: 0000778000072b48 RCX: ffffffff813dfb60 [ 134.950073][ T5149] RDX: ffff88801f181e00 RSI: ffffffff813dfbe7 RDI: 0000000000000006 [ 134.958098][ T5149] RBP: 0000000080072b48 R08: 0000000000000006 R09: 0000000080072b48 [ 134.966115][ T5149] R10: 0000778000072b48 R11: 0000000000000000 R12: 0000000000000000 [ 134.974111][ T5149] R13: 0000000000000000 R14: ffffc900047c7e18 R15: ffff8880229e0800 [ 134.982110][ T5149] FS: 00007f4484a98c80(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 134.991079][ T5149] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.997695][ T5149] CR2: 0000555574eb36f8 CR3: 000000001cbfa000 CR4: 0000000000350ef0 [ 135.005698][ T5149] Call Trace: [ 135.008992][ T5149] [ 135.011961][ T5149] ? show_regs+0x8c/0xa0 [ 135.016236][ T5149] ? die+0x36/0xa0 [ 135.019988][ T5149] ? do_trap+0x232/0x430 [ 135.024278][ T5149] ? __phys_addr+0xd8/0x150 [ 135.028815][ T5149] ? rcu_is_watching+0x12/0xc0 [ 135.033622][ T5149] ? __phys_addr+0xd8/0x150 [ 135.038179][ T5149] ? do_error_trap+0xf4/0x230 [ 135.042903][ T5149] ? __phys_addr+0xd8/0x150 [ 135.047450][ T5149] ? handle_invalid_op+0x34/0x40 [ 135.052522][ T5149] ? __phys_addr+0xd8/0x150 [ 135.057062][ T5149] ? exc_invalid_op+0x2e/0x50 [ 135.061767][ T5149] ? asm_exc_invalid_op+0x1a/0x20 [ 135.066868][ T5149] ? __phys_addr+0x50/0x150 [ 135.071405][ T5149] ? __phys_addr+0xd7/0x150 [ 135.075941][ T5149] ? __phys_addr+0xd8/0x150 [ 135.080481][ T5149] qlist_free_all+0x6a/0x140 [ 135.085125][ T5149] kasan_quarantine_reduce+0x192/0x1e0 [ 135.090724][ T5149] __kasan_slab_alloc+0x69/0x90 [ 135.095611][ T5149] kmem_cache_alloc+0x136/0x320 [ 135.100499][ T5149] getname_flags.part.0+0x50/0x4f0 [ 135.105652][ T5149] __x64_sys_unlink+0xb2/0x110 [ 135.110466][ T5149] do_syscall_64+0xd5/0x260 [ 135.115022][ T5149] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 135.120974][ T5149] RIP: 0033:0x7f4484b6fda7 [ 135.125409][ T5149] Code: f0 ff ff 73 01 c3 48 8b 0d 7e 90 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 51 90 0d 00 f7 d8 64 89 01 48 [ 135.145056][ T5149] RSP: 002b:00007ffc8cbb49a8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 135.153499][ T5149] RAX: ffffffffffffffda RBX: 00007ffc8cbb4a48 RCX: 00007f4484b6fda7 [ 135.161506][ T5149] RDX: 0000000000000000 RSI: 000055bc78bfbce4 RDI: 00007ffc8cbb4e48 [ 135.169502][ T5149] RBP: 000055bc78c04480 R08: 000055bc78bfbce0 R09: 0000000000000000 [pid 5312] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5312] memfd_create("syzkaller", 0 [pid 5310] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5075] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5313 attached [pid 5313] set_robust_list(0x555574eaa660, 24) = 0 [pid 5313] chdir("./37") = 0 [pid 5313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5313] setpgid(0, 0) = 0 [pid 5313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5313] write(3, "1000", 4 [pid 5311] munmap(0x7f7064400000, 138412032) = 0 [pid 5079] umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5310] <... prctl resumed>) = 0 [pid 5075] unlink("./36/binderfs" [pid 5313] <... write resumed>) = 4 [pid 5313] close(3) = 0 [pid 5313] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5310] setpgid(0, 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... unlink resumed>) = 0 [pid 5310] <... setpgid resumed>) = 0 [pid 5079] newfstatat(AT_FDCWD, "./38/binderfs", [pid 5075] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5313] memfd_create("syzkaller", 0 [pid 5310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5313] <... memfd_create resumed>) = 3 [pid 5079] unlink("./38/binderfs" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5313] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7064400000 [pid 5310] <... openat resumed>) = 3 [pid 5313] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5311] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5310] write(3, "1000", 4 [pid 5079] <... unlink resumed>) = 0 [pid 5075] newfstatat(AT_FDCWD, "./36/file1", [pid 5310] <... write resumed>) = 4 [pid 5079] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5312] <... memfd_create resumed>) = 3 [pid 5311] <... openat resumed>) = 4 [pid 5310] close(3 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5310] <... close resumed>) = 0 [pid 5310] symlink("/dev/binderfs", "./binderfs" [ 135.177589][ T5149] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffc8cbb4e48 [ 135.185589][ T5149] R13: 00007ffc8cbb5ad8 R14: 000055bc78c19f10 R15: 000055bc78c0449b [ 135.193598][ T5149] [ 135.196631][ T5149] Modules linked in: [pid 5075] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5311] ioctl(4, LOOP_SET_FD, 3 [pid 5310] <... symlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5312] <... mmap resumed>) = 0x7f7064400000 [pid 5310] memfd_create("syzkaller", 0 [pid 5075] openat(AT_FDCWD, "./36/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5310] <... memfd_create resumed>) = 3 [pid 5075] <... openat resumed>) = 4 [pid 5310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] newfstatat(4, "", [pid 5310] <... mmap resumed>) = 0x7f7064400000 [pid 5079] <... umount2 resumed>) = 0 [pid 5075] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(4, [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] newfstatat(AT_FDCWD, "./38/file1", [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5075] getdents64(4, [pid 5079] umount2("./38/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... getdents64 resumed>0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "./38/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5079] newfstatat(4, "", [pid 5075] close(4 [pid 5312] <... write resumed>) = 524288 [pid 5310] <... write resumed>) = 524288 [pid 5079] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5075] <... close resumed>) = 0 [pid 5079] getdents64(4, [pid 5310] munmap(0x7f7064400000, 138412032 [pid 5079] <... getdents64 resumed>0x555574eb3730 /* 2 entries */, 32768) = 48 [pid 5075] rmdir("./36/file1" [pid 5079] getdents64(4, 0x555574eb3730 /* 0 entries */, 32768) = 0 [pid 5079] close(4 [pid 5311] <... ioctl resumed>) = 0 [pid 5079] <... close resumed>) = 0 [pid 5311] close(3 [pid 5079] rmdir("./38/file1" [pid 5311] <... close resumed>) = 0 [pid 5079] <... rmdir resumed>) = 0 [pid 5311] close(4 [pid 5079] getdents64(3, [pid 5311] <... close resumed>) = 0 [pid 5079] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5075] <... rmdir resumed>) = 0 [ 135.238540][ T5311] loop3: detected capacity change from 0 to 1024 [ 135.273558][ T5149] ---[ end trace 0000000000000000 ]--- [ 135.279151][ T5149] RIP: 0010:__phys_addr+0xd8/0x150 [pid 5310] <... munmap resumed>) = 0 [pid 5079] close(3 [pid 5075] getdents64(3, [pid 5079] <... close resumed>) = 0 [pid 5079] rmdir("./38") = 0 [pid 5079] mkdir("./39", 0777) = 0 [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5079] ioctl(3, LOOP_CLR_FD) = 0 [pid 5079] close(3) = 0 [pid 5079] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5311] mkdir("./file1", 0777 [pid 5310] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] <... getdents64 resumed>0x555574eab6f0 /* 0 entries */, 32768) = 0 [pid 5311] <... mkdir resumed>) = 0 [pid 5079] <... clone resumed>, child_tidptr=0x555574eaa650) = 5314 ./strace-static-x86_64: Process 5314 attached [pid 5313] <... write resumed>) = 524288 [pid 5311] mount("/dev/loop3", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5310] <... openat resumed>) = 4 [ 135.286311][ T5149] Code: 48 d3 e8 48 89 c5 48 89 c6 e8 74 3b 50 00 48 85 ed 75 11 e8 5a 40 50 00 48 89 d8 5b 5d 41 5c e9 fe 2b 99 09 e8 49 40 50 00 90 <0f> 0b e8 41 40 50 00 48 c7 c0 10 40 5a 8d 48 ba 00 00 00 00 00 fc [ 135.306504][ T5149] RSP: 0018:ffffc900047c7dc0 EFLAGS: 00010293 [ 135.313574][ T5149] RAX: 0000000000000000 RBX: 0000778000072b48 RCX: ffffffff813dfb60 [ 135.321694][ T5149] RDX: ffff88801f181e00 RSI: ffffffff813dfbe7 RDI: 0000000000000006 [ 135.330688][ T5149] RBP: 0000000080072b48 R08: 0000000000000006 R09: 0000000080072b48 [pid 5075] close(3 [pid 5314] set_robust_list(0x555574eaa660, 24 [pid 5312] munmap(0x7f7064400000, 138412032 [pid 5310] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... close resumed>) = 0 [pid 5314] <... set_robust_list resumed>) = 0 [pid 5312] <... munmap resumed>) = 0 [pid 5314] chdir("./39" [pid 5312] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5314] <... chdir resumed>) = 0 [pid 5312] <... openat resumed>) = 4 [pid 5314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5312] ioctl(4, LOOP_SET_FD, 3 [pid 5314] <... prctl resumed>) = 0 [pid 5075] rmdir("./36" [pid 5314] setpgid(0, 0) = 0 [pid 5313] munmap(0x7f7064400000, 138412032 [pid 5075] <... rmdir resumed>) = 0 [pid 5314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5313] <... munmap resumed>) = 0 [pid 5310] <... ioctl resumed>) = 0 [pid 5075] mkdir("./37", 0777 [pid 5314] <... openat resumed>) = 3 [pid 5310] close(3 [pid 5075] <... mkdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5314] write(3, "1000", 4 [pid 5313] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5310] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5310] close(4 [pid 5314] <... write resumed>) = 4 [pid 5313] <... openat resumed>) = 4 [pid 5310] <... close resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5310] mkdir("./file1", 0777 [pid 5075] close(3 [pid 5314] close(3 [pid 5313] ioctl(4, LOOP_SET_FD, 3 [pid 5314] <... close resumed>) = 0 [pid 5310] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5314] symlink("/dev/binderfs", "./binderfs" [pid 5311] <... mount resumed>) = 0 [pid 5314] <... symlink resumed>) = 0 [pid 5311] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5075] <... clone resumed>, child_tidptr=0x555574eaa650) = 5315 [pid 5311] <... openat resumed>) = 3 [pid 5314] memfd_create("syzkaller", 0 [pid 5311] chdir("./file1" [pid 5314] <... memfd_create resumed>) = 3 [pid 5311] <... chdir resumed>) = 0 [pid 5314] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5311] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5314] <... mmap resumed>) = 0x7f7064400000 [pid 5311] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5315 attached [pid 5314] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5311] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5310] mount("/dev/loop1", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5315] set_robust_list(0x555574eaa660, 24 [pid 5311] <... openat resumed>) = 4 [pid 5311] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5315] <... set_robust_list resumed>) = 0 [pid 5311] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5311] exit_group(0) = ? [pid 5315] chdir("./37" [pid 5311] +++ exited with 0 +++ [pid 5078] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5311, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5078] umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] <... chdir resumed>) = 0 [pid 5314] <... write resumed>) = 524288 [pid 5312] <... ioctl resumed>) = 0 [pid 5310] <... mount resumed>) = 0 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 135.339206][ T5149] R10: 0000778000072b48 R11: 0000000000000000 R12: 0000000000000000 [ 135.345232][ T5312] loop5: detected capacity change from 0 to 1024 [ 135.348408][ T5310] loop1: detected capacity change from 0 to 1024 [ 135.375763][ T5313] loop2: detected capacity change from 0 to 1024 [pid 5310] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5078] openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5315] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] newfstatat(3, "", [pid 5315] <... prctl resumed>) = 0 [pid 5315] setpgid(0, 0 [pid 5312] close(3 [pid 5078] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5315] <... setpgid resumed>) = 0 [pid 5312] <... close resumed>) = 0 [pid 5078] getdents64(3, [pid 5312] close(4) = 0 [pid 5312] mkdir("./file1", 0777 [pid 5078] <... getdents64 resumed>0x555574eab6f0 /* 4 entries */, 32768) = 112 [pid 5315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5313] <... ioctl resumed>) = 0 [pid 5312] <... mkdir resumed>) = 0 [pid 5313] close(3) = 0 [pid 5313] close(4) = 0 [pid 5315] <... openat resumed>) = 3 [pid 5313] mkdir("./file1", 0777 [pid 5312] mount("/dev/loop5", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5310] chdir("./file1" [pid 5313] <... mkdir resumed>) = 0 [pid 5310] <... chdir resumed>) = 0 [pid 5310] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5315] write(3, "1000", 4 [pid 5078] umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5315] <... write resumed>) = 4 [pid 5078] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5315] close(3 [pid 5078] newfstatat(AT_FDCWD, "./36/binderfs", [pid 5315] <... close resumed>) = 0 [pid 5315] symlink("/dev/binderfs", "./binderfs" [pid 5078] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5315] <... symlink resumed>) = 0 [pid 5313] mount("/dev/loop2", "./file1", "hfsplus", MS_SYNCHRONOUS|MS_MANDLOCK, "" [pid 5315] memfd_create("syzkaller", 0 [pid 5310] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5078] unlink("./36/binderfs" [pid 5314] munmap(0x7f7064400000, 138412032) = 0 [pid 5315] <... memfd_create resumed>) = 3 [pid 5310] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5078] <... unlink resumed>) = 0 [pid 5315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5313] <... mount resumed>) = 0 [pid 5312] <... mount resumed>) = 0 [pid 5310] <... openat resumed>) = 4 [pid 5078] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5313] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5312] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5315] <... mmap resumed>) = 0x7f7064400000 [pid 5313] <... openat resumed>) = 3 [pid 5312] <... openat resumed>) = 3 [pid 5310] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5312] chdir("./file1" [pid 5313] chdir("./file1" [pid 5312] <... chdir resumed>) = 0 [pid 5310] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5313] <... chdir resumed>) = 0 [pid 5312] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5310] exit_group(0 [pid 5078] <... umount2 resumed>) = 0 [ 135.437440][ T5149] R13: 0000000000000000 R14: ffffc900047c7e18 R15: ffff8880229e0800 [pid 5315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5314] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5312] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5310] <... exit_group resumed>) = ? [pid 5078] umount2("./36/file1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5313] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5313] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5314] <... openat resumed>) = 4 [pid 5313] <... openat resumed>) = 4 [pid 5313] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5314] ioctl(4, LOOP_SET_FD, 3 [pid 5313] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5312] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5314] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5312] <... openat resumed>) = 4 [pid 5314] ioctl(4, LOOP_CLR_FD [pid 5313] exit_group(0 [pid 5312] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5314] <... ioctl resumed>) = 0 [pid 5313] <... exit_group resumed>) = ? [pid 5312] <... ioctl resumed>) = -1 ENXIO (No such device or address)