./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2179059388
<...>
forked to background, child pid 4651
[ 29.785837][ T4652] 8021q: adding VLAN 0 to HW filter on device bond0
[ 29.798176][ T4652] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [ 30.261630][ T4743] sshd (4743) used greatest stack depth: 16320 bytes left
OK
syzkaller
Warning: Permanently added '10.128.0.232' (ECDSA) to the list of known hosts.
execve("./syz-executor2179059388", ["./syz-executor2179059388"], 0x7ffd49bde120 /* 10 vars */) = 0
brk(NULL) = 0x555555b66000
brk(0x555555b66c40) = 0x555555b66c40
arch_prctl(ARCH_SET_FS, 0x555555b66300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
set_tid_address(0x555555b665d0) = 5072
set_robust_list(0x555555b665e0, 24) = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f6f2ec8f5b0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f6f2ec8fc80}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f6f2ec8f650, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f6f2ec8fc80}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2179059388", 4096) = 28
brk(0x555555b87c40) = 0x555555b87c40
brk(0x555555b88000) = 0x555555b88000
mprotect(0x7f6f2ed70000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
getpid() = 5072
mkdir("./syzkaller.706qcI", 0700) = 0
chmod("./syzkaller.706qcI", 0777) = 0
chdir("./syzkaller.706qcI") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5073
./strace-static-x86_64: Process 5073 attached
[pid 5073] set_robust_list(0x555555b665e0, 24) = 0
[pid 5073] chdir("./0") = 0
[pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5073] setpgid(0, 0) = 0
[pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5073] write(3, "1000", 4) = 4
[pid 5073] close(3) = 0
[pid 5073] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5073] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5073] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5073] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5075], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5075
[pid 5073] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5073] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5075 attached
<unfinished ...>
[pid 5075] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5075] memfd_create("syzkaller", 0) = 3
[pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5075] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5075] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5075] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5075] close(3) = 0
[pid 5075] mkdir("./file0", 0777) = 0
syzkaller login: [ 55.488954][ T5075] loop0: detected capacity change from 0 to 4096
[ 55.499015][ T5075] =======================================================
[ 55.499015][ T5075] WARNING: The mand mount option has been deprecated and
[ 55.499015][ T5075] and is ignored by this kernel. Remove the mand
[ 55.499015][ T5075] option from the mount to silence this warning.
[ 55.499015][ T5075] =======================================================
[pid 5075] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5075] chdir("./file0") = 0
[pid 5075] ioctl(4, LOOP_CLR_FD) = 0
[pid 5075] close(4) = 0
[pid 5075] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5073] <... futex resumed>) = 0
[pid 5075] mkdir("./bus", 0777 <unfinished ...>
[pid 5073] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5073] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5073] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5073] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5073] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5076], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5076
[pid 5073] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5073] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5075] <... mkdir resumed>) = 0
[pid 5075] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5076 attached
[pid 5073] <... futex resumed>) = ?
[pid 5075] +++ killed by SIGSEGV +++
[pid 5076] +++ killed by SIGSEGV +++
[pid 5073] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5073, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./0/binderfs") = 0
[ 55.535721][ T5075] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5077
./strace-static-x86_64: Process 5077 attached
[pid 5077] set_robust_list(0x555555b665e0, 24) = 0
[pid 5077] chdir("./1") = 0
[pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5077] setpgid(0, 0) = 0
[pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5077] write(3, "1000", 4) = 4
[pid 5077] close(3) = 0
[pid 5077] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5077] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5077] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5077] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5078 attached
, parent_tid=[5078], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5078
[pid 5078] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5077] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5078] <... set_robust_list resumed>) = 0
[pid 5077] <... futex resumed>) = 0
[pid 5077] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5078] memfd_create("syzkaller", 0) = 3
[pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5078] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5078] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5078] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5078] close(3) = 0
[pid 5078] mkdir("./file0", 0777) = 0
[pid 5078] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5078] chdir("./file0") = 0
[pid 5078] ioctl(4, LOOP_CLR_FD) = 0
[pid 5078] close(4) = 0
[pid 5078] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5077] <... futex resumed>) = 0
[pid 5077] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5077] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5077] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5077] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5079], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5079
[pid 5077] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5077] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5078] <... futex resumed>) = 1
[pid 5078] mkdir("./bus", 0777./strace-static-x86_64: Process 5079 attached
<unfinished ...>
[pid 5079] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5079] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5079] chdir("./bus" <unfinished ...>
[pid 5078] <... mkdir resumed>) = 0
[pid 5078] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5079] <... chdir resumed>) = ?
[pid 5077] <... futex resumed>) = ?
[pid 5079] +++ killed by SIGSEGV +++
[pid 5078] +++ killed by SIGSEGV +++
[pid 5077] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5077, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 55.689059][ T5078] loop0: detected capacity change from 0 to 4096
[ 55.698998][ T5078] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
lstat("./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./1/binderfs") = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5080
./strace-static-x86_64: Process 5080 attached
[pid 5080] set_robust_list(0x555555b665e0, 24) = 0
[pid 5080] chdir("./2") = 0
[pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5080] setpgid(0, 0) = 0
[pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5080] write(3, "1000", 4) = 4
[pid 5080] close(3) = 0
[pid 5080] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5080] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5080] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5080] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5081 attached
<unfinished ...>
[pid 5081] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5081] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5080] <... clone resumed>, parent_tid=[5081], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5081
[pid 5080] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5081] <... futex resumed>) = 0
[pid 5080] <... futex resumed>) = 1
[pid 5080] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5081] memfd_create("syzkaller", 0) = 3
[pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5081] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5081] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5081] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5081] close(3) = 0
[pid 5081] mkdir("./file0", 0777) = 0
[pid 5081] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5081] chdir("./file0") = 0
[pid 5081] ioctl(4, LOOP_CLR_FD) = 0
[pid 5081] close(4) = 0
[pid 5081] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5080] <... futex resumed>) = 0
[pid 5080] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5080] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5080] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5080] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5082], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5082
[pid 5080] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5080] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5081] <... futex resumed>) = 1
[pid 5081] mkdir("./bus", 0777) = 0
[pid 5081] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5082 attached
[pid 5082] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5082] chdir("./bus") = 0
[pid 5082] chdir("./bus") = ?
[pid 5082] +++ killed by SIGSEGV +++
[pid 5080] <... futex resumed>) = ?
[pid 5081] +++ killed by SIGSEGV +++
[pid 5080] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5080, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 55.847114][ T5081] loop0: detected capacity change from 0 to 4096
[ 55.857283][ T5081] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./2/binderfs") = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5083
./strace-static-x86_64: Process 5083 attached
[pid 5083] set_robust_list(0x555555b665e0, 24) = 0
[pid 5083] chdir("./3") = 0
[pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5083] setpgid(0, 0) = 0
[pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5083] write(3, "1000", 4) = 4
[pid 5083] close(3) = 0
[pid 5083] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5083] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5083] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5083] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5083] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5084], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5084
[pid 5083] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5083] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5084 attached
<unfinished ...>
[pid 5084] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5084] memfd_create("syzkaller", 0) = 3
[pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5084] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5084] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5084] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5084] close(3) = 0
[pid 5084] mkdir("./file0", 0777) = 0
[pid 5084] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5084] chdir("./file0") = 0
[pid 5084] ioctl(4, LOOP_CLR_FD) = 0
[pid 5084] close(4) = 0
[pid 5084] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5084] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5083] <... futex resumed>) = 0
[pid 5083] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5083] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5083] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5083] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5083] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5085], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5085
[pid 5083] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[ 56.002742][ T5084] loop0: detected capacity change from 0 to 4096
[ 56.011726][ T5084] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5083] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5085 attached
<unfinished ...>
[pid 5085] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5084] <... futex resumed>) = 0
[pid 5085] <... set_robust_list resumed>) = 0
[pid 5084] mkdir("./bus", 0777 <unfinished ...>
[pid 5085] chdir("./bus" <unfinished ...>
[pid 5084] <... mkdir resumed>) = 0
[pid 5085] <... chdir resumed>) = 0
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5085] chdir("./bus" <unfinished ...>
[pid 5084] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5085] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5083] <... futex resumed>) = ?
[pid 5085] +++ killed by SIGSEGV +++
[pid 5084] +++ killed by SIGSEGV +++
[pid 5083] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5083, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./3/binderfs") = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5086
./strace-static-x86_64: Process 5086 attached
[pid 5086] set_robust_list(0x555555b665e0, 24) = 0
[pid 5086] chdir("./4") = 0
[pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5086] setpgid(0, 0) = 0
[pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5086] write(3, "1000", 4) = 4
[pid 5086] close(3) = 0
[pid 5086] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5086] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5086] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5086] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5087 attached
, parent_tid=[5087], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5087
[pid 5087] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5087] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5086] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5087] <... futex resumed>) = 0
[pid 5086] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5087] memfd_create("syzkaller", 0) = 3
[pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5087] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5087] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5087] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5087] close(3) = 0
[pid 5087] mkdir("./file0", 0777) = 0
[pid 5087] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5087] chdir("./file0") = 0
[pid 5087] ioctl(4, LOOP_CLR_FD) = 0
[pid 5087] close(4) = 0
[pid 5087] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5086] <... futex resumed>) = 0
[pid 5087] mkdir("./bus", 0777 <unfinished ...>
[pid 5086] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5086] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5086] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5086] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5087] <... mkdir resumed>) = 0
[pid 5086] <... clone resumed>, parent_tid=[5088], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5088
[pid 5086] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5087] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5086] <... futex resumed>) = 0
./strace-static-x86_64: Process 5088 attached
[pid 5088] +++ killed by SIGSEGV +++
[pid 5087] +++ killed by SIGSEGV +++
[pid 5086] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5086, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./4/binderfs") = 0
[ 56.176442][ T5087] loop0: detected capacity change from 0 to 4096
[ 56.185621][ T5087] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5089
./strace-static-x86_64: Process 5089 attached
[pid 5089] set_robust_list(0x555555b665e0, 24) = 0
[pid 5089] chdir("./5") = 0
[pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5089] setpgid(0, 0) = 0
[pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5089] write(3, "1000", 4) = 4
[pid 5089] close(3) = 0
[pid 5089] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5089] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5089] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5089] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5090 attached
<unfinished ...>
[pid 5090] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5089] <... clone resumed>, parent_tid=[5090], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5090
[pid 5090] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5089] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5090] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5089] <... futex resumed>) = 0
[pid 5089] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5090] memfd_create("syzkaller", 0) = 3
[pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5090] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5090] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5090] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5090] close(3) = 0
[pid 5090] mkdir("./file0", 0777) = 0
[pid 5090] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5090] chdir("./file0") = 0
[pid 5090] ioctl(4, LOOP_CLR_FD) = 0
[pid 5090] close(4) = 0
[pid 5090] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5089] <... futex resumed>) = 0
[pid 5089] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5089] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5089] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5089] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5091], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5091
[pid 5089] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5089] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5090] <... futex resumed>) = 1
[pid 5090] mkdir("./bus", 0777./strace-static-x86_64: Process 5091 attached
) = 0
[pid 5090] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5089] <... futex resumed>) = ?
[pid 5090] +++ killed by SIGSEGV +++
[pid 5091] +++ killed by SIGSEGV +++
[pid 5089] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5089, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[ 56.313717][ T5090] loop0: detected capacity change from 0 to 4096
[ 56.323145][ T5090] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./5/binderfs") = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5092
./strace-static-x86_64: Process 5092 attached
[pid 5092] set_robust_list(0x555555b665e0, 24) = 0
[pid 5092] chdir("./6") = 0
[pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5092] setpgid(0, 0) = 0
[pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5092] write(3, "1000", 4) = 4
[pid 5092] close(3) = 0
[pid 5092] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5092] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5092] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5092] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5093 attached
, parent_tid=[5093], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5093
[pid 5092] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5093] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5092] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... set_robust_list resumed>) = 0
[pid 5093] memfd_create("syzkaller", 0) = 3
[pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5093] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5093] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5093] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5093] close(3) = 0
[pid 5093] mkdir("./file0", 0777) = 0
[pid 5093] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5093] chdir("./file0") = 0
[pid 5093] ioctl(4, LOOP_CLR_FD) = 0
[pid 5093] close(4) = 0
[pid 5093] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5092] <... futex resumed>) = 0
[pid 5092] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5092] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5092] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5092] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5094], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5094
[pid 5092] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5092] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5093] <... futex resumed>) = 1
[pid 5093] mkdir("./bus", 0777./strace-static-x86_64: Process 5094 attached
<unfinished ...>
[pid 5094] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5094] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5093] <... mkdir resumed>) = 0
[pid 5093] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5092] <... futex resumed>) = ?
[pid 5093] +++ killed by SIGSEGV +++
[pid 5094] +++ killed by SIGSEGV +++
[pid 5092] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5092, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
[ 56.466641][ T5093] loop0: detected capacity change from 0 to 4096
[ 56.477204][ T5093] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./6/binderfs") = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5095
./strace-static-x86_64: Process 5095 attached
[pid 5095] set_robust_list(0x555555b665e0, 24) = 0
[pid 5095] chdir("./7") = 0
[pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5095] setpgid(0, 0) = 0
[pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5095] write(3, "1000", 4) = 4
[pid 5095] close(3) = 0
[pid 5095] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5095] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5095] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5095] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5096], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5096
[pid 5095] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5095] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5096 attached
<unfinished ...>
[pid 5096] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5096] memfd_create("syzkaller", 0) = 3
[pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5096] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5096] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5096] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5096] close(3) = 0
[pid 5096] mkdir("./file0", 0777) = 0
[pid 5096] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5096] chdir("./file0") = 0
[pid 5096] ioctl(4, LOOP_CLR_FD) = 0
[pid 5096] close(4) = 0
[pid 5096] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5096] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5095] <... futex resumed>) = 0
[pid 5095] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5096] <... futex resumed>) = 0
[pid 5095] <... futex resumed>) = 1
[pid 5096] mkdir("./bus", 0777 <unfinished ...>
[pid 5095] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5096] <... mkdir resumed>) = 0
[pid 5095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5096] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5095] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5096] +++ killed by SIGSEGV +++
[pid 5095] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5095, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 56.617380][ T5096] loop0: detected capacity change from 0 to 4096
[ 56.627587][ T5096] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./7/binderfs") = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5097
./strace-static-x86_64: Process 5097 attached
[pid 5097] set_robust_list(0x555555b665e0, 24) = 0
[pid 5097] chdir("./8") = 0
[pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5097] setpgid(0, 0) = 0
[pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5097] write(3, "1000", 4) = 4
[pid 5097] close(3) = 0
[pid 5097] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5097] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5097] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5097] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5098 attached
<unfinished ...>
[pid 5098] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5098] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5097] <... clone resumed>, parent_tid=[5098], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5098
[pid 5097] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5098] <... futex resumed>) = 0
[pid 5097] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5098] memfd_create("syzkaller", 0) = 3
[pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5098] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5098] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5098] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5098] close(3) = 0
[pid 5098] mkdir("./file0", 0777) = 0
[pid 5098] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5098] chdir("./file0") = 0
[pid 5098] ioctl(4, LOOP_CLR_FD) = 0
[pid 5098] close(4) = 0
[pid 5098] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5097] <... futex resumed>) = 0
[pid 5097] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5097] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5097] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5097] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5097] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5099], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5099
[pid 5097] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5097] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5098] <... futex resumed>) = 1
[pid 5098] mkdir("./bus", 0777) = 0
./strace-static-x86_64: Process 5099 attached
[pid 5098] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5097] <... futex resumed>) = ?
[pid 5098] +++ killed by SIGSEGV +++
[ 56.758464][ T5098] loop0: detected capacity change from 0 to 4096
[ 56.768087][ T5098] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5099] +++ killed by SIGSEGV +++
[pid 5097] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5097, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./8/binderfs") = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5100
./strace-static-x86_64: Process 5100 attached
[pid 5100] set_robust_list(0x555555b665e0, 24) = 0
[pid 5100] chdir("./9") = 0
[pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5100] setpgid(0, 0) = 0
[pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5100] write(3, "1000", 4) = 4
[pid 5100] close(3) = 0
[pid 5100] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5100] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5100] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5100] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5101 attached
<unfinished ...>
[pid 5101] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5101] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5100] <... clone resumed>, parent_tid=[5101], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5101
[pid 5100] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5101] <... futex resumed>) = 0
[pid 5100] <... futex resumed>) = 1
[pid 5100] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5101] memfd_create("syzkaller", 0) = 3
[pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5101] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5101] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5101] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5101] close(3) = 0
[pid 5101] mkdir("./file0", 0777) = 0
[pid 5101] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5101] chdir("./file0") = 0
[pid 5101] ioctl(4, LOOP_CLR_FD) = 0
[pid 5101] close(4) = 0
[pid 5101] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5100] <... futex resumed>) = 0
[pid 5100] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5100] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5100] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5100] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5100] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5102], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5102
[pid 5100] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5100] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5101] <... futex resumed>) = 1
[pid 5101] mkdir("./bus", 0777./strace-static-x86_64: Process 5102 attached
<unfinished ...>
[pid 5102] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5101] <... mkdir resumed>) = 0
[pid 5101] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5100] <... futex resumed>) = ?
[pid 5101] +++ killed by SIGSEGV +++
[pid 5102] +++ killed by SIGSEGV +++
[pid 5100] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5100, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 56.906532][ T5101] loop0: detected capacity change from 0 to 4096
[ 56.915940][ T5101] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./9/binderfs") = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5103 attached
<unfinished ...>
[pid 5103] set_robust_list(0x555555b665e0, 24) = 0
[pid 5103] chdir("./10") = 0
[pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5103] setpgid(0, 0) = 0
[pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid 5072] <... clone resumed>, child_tidptr=0x555555b665d0) = 5103
[pid 5103] <... openat resumed>) = 3
[pid 5103] write(3, "1000", 4) = 4
[pid 5103] close(3) = 0
[pid 5103] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5103] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5103] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5103] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5104], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5104
[pid 5103] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5103] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5104 attached
<unfinished ...>
[pid 5104] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5104] memfd_create("syzkaller", 0) = 3
[pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5104] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5104] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5104] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5104] close(3) = 0
[pid 5104] mkdir("./file0", 0777) = 0
[pid 5104] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5104] chdir("./file0") = 0
[pid 5104] ioctl(4, LOOP_CLR_FD) = 0
[pid 5104] close(4) = 0
[pid 5104] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5104] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5103] <... futex resumed>) = 0
[pid 5103] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5104] <... futex resumed>) = 0
[pid 5103] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5104] mkdir("./bus", 0777 <unfinished ...>
[pid 5103] <... futex resumed>) = 0
[pid 5103] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[ 57.045738][ T5104] loop0: detected capacity change from 0 to 4096
[ 57.056407][ T5104] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5103] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5103] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5105 attached
<unfinished ...>
[pid 5105] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5103] <... clone resumed>, parent_tid=[5105], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5105
[pid 5105] <... set_robust_list resumed>) = 0
[pid 5103] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5104] <... mkdir resumed>) = 0
[pid 5103] <... futex resumed>) = 0
[pid 5104] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5105] +++ killed by SIGSEGV +++
[pid 5104] +++ killed by SIGSEGV +++
[pid 5103] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5103, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./10/binderfs") = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5106
./strace-static-x86_64: Process 5106 attached
[pid 5106] set_robust_list(0x555555b665e0, 24) = 0
[pid 5106] chdir("./11") = 0
[pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5106] setpgid(0, 0) = 0
[pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5106] write(3, "1000", 4) = 4
[pid 5106] close(3) = 0
[pid 5106] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5106] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5106] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5106] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5106] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5107 attached
, parent_tid=[5107], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5107
[pid 5107] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5107] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5106] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5107] <... futex resumed>) = 0
[pid 5106] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5107] memfd_create("syzkaller", 0) = 3
[pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5107] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5107] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5107] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5107] close(3) = 0
[pid 5107] mkdir("./file0", 0777) = 0
[pid 5107] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5107] chdir("./file0") = 0
[pid 5107] ioctl(4, LOOP_CLR_FD) = 0
[pid 5107] close(4) = 0
[pid 5107] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5106] <... futex resumed>) = 0
[pid 5107] <... futex resumed>) = 1
[pid 5106] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5106] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5106] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5106] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5106] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5108 attached
<unfinished ...>
[pid 5107] mkdir("./bus", 0777 <unfinished ...>
[pid 5106] <... clone resumed>, parent_tid=[5108], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5108
[pid 5108] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5108] futex(0x7f6f2ed76798, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5106] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5108] <... futex resumed>) = 0
[pid 5106] <... futex resumed>) = 1
[pid 5108] chdir("./bus" <unfinished ...>
[pid 5106] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5108] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[ 57.208295][ T5107] loop0: detected capacity change from 0 to 4096
[ 57.218969][ T5107] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5108] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5108] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5107] <... mkdir resumed>) = 0
[pid 5108] chdir("./bus" <unfinished ...>
[pid 5107] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5108] <... chdir resumed>) = 0
[pid 5106] <... futex resumed>) = ?
[pid 5108] +++ killed by SIGSEGV +++
[pid 5107] +++ killed by SIGSEGV +++
[pid 5106] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5106, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./11/binderfs") = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5109
./strace-static-x86_64: Process 5109 attached
[pid 5109] set_robust_list(0x555555b665e0, 24) = 0
[pid 5109] chdir("./12") = 0
[pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5109] setpgid(0, 0) = 0
[pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5109] write(3, "1000", 4) = 4
[pid 5109] close(3) = 0
[pid 5109] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5109] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5109] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5109] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5110], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5110
[pid 5109] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5109] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5110 attached
<unfinished ...>
[pid 5110] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5110] memfd_create("syzkaller", 0) = 3
[pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5110] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5110] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5110] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5110] close(3) = 0
[pid 5110] mkdir("./file0", 0777) = 0
[pid 5110] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5110] chdir("./file0") = 0
[pid 5110] ioctl(4, LOOP_CLR_FD) = 0
[pid 5110] close(4) = 0
[pid 5110] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5109] <... futex resumed>) = 0
[pid 5110] mkdir("./bus", 0777 <unfinished ...>
[pid 5109] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5109] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5109] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5109] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5109] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5111], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5111
[pid 5109] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5109] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5111 attached
<unfinished ...>
[pid 5111] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5111] chdir("./bus" <unfinished ...>
[pid 5110] <... mkdir resumed>) = 0
[pid 5110] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5109] <... futex resumed>) = ?
[pid 5110] +++ killed by SIGSEGV +++
[pid 5111] <... chdir resumed>) = ?
[pid 5111] +++ killed by SIGSEGV +++
[pid 5109] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5109, si_uid=0, si_status=SIGSEGV, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./12/binderfs") = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
[ 57.352213][ T5110] loop0: detected capacity change from 0 to 4096
[ 57.362726][ T5110] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5112
./strace-static-x86_64: Process 5112 attached
[pid 5112] set_robust_list(0x555555b665e0, 24) = 0
[pid 5112] chdir("./13") = 0
[pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5112] setpgid(0, 0) = 0
[pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5112] write(3, "1000", 4) = 4
[pid 5112] close(3) = 0
[pid 5112] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5112] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5112] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5112] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5113], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5113
[pid 5112] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5112] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5113 attached
<unfinished ...>
[pid 5113] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5113] memfd_create("syzkaller", 0) = 3
[pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5113] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5113] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5113] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5113] close(3) = 0
[pid 5113] mkdir("./file0", 0777) = 0
[pid 5113] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5113] chdir("./file0") = 0
[pid 5113] ioctl(4, LOOP_CLR_FD) = 0
[pid 5113] close(4) = 0
[pid 5113] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5112] <... futex resumed>) = 0
[pid 5112] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5112] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5112] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5112] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5112] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5114], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5114
[pid 5112] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5112] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5113] <... futex resumed>) = 1
[pid 5113] mkdir("./bus", 0777) = 0
[pid 5113] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5112] <... futex resumed>) = ?
./strace-static-x86_64: Process 5114 attached
[pid 5114] +++ killed by SIGSEGV +++
[pid 5113] +++ killed by SIGSEGV +++
[pid 5112] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5112, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./13/binderfs") = 0
[ 57.479940][ T5113] loop0: detected capacity change from 0 to 4096
[ 57.499976][ T5113] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5115
./strace-static-x86_64: Process 5115 attached
[pid 5115] set_robust_list(0x555555b665e0, 24) = 0
[pid 5115] chdir("./14") = 0
[pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5115] setpgid(0, 0) = 0
[pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5115] write(3, "1000", 4) = 4
[pid 5115] close(3) = 0
[pid 5115] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5115] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5115] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5115] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5115] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5116], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5116
[pid 5115] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5115] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5116 attached
<unfinished ...>
[pid 5116] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5116] memfd_create("syzkaller", 0) = 3
[pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5116] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5116] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5116] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5116] close(3) = 0
[pid 5116] mkdir("./file0", 0777) = 0
[pid 5116] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5116] chdir("./file0") = 0
[pid 5116] ioctl(4, LOOP_CLR_FD) = 0
[pid 5116] close(4) = 0
[pid 5116] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5115] <... futex resumed>) = 0
[pid 5116] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5115] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5116] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5116] mkdir("./bus", 0777 <unfinished ...>
[pid 5115] <... futex resumed>) = 0
[pid 5115] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5115] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5115] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5115] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5117 attached
<unfinished ...>
[pid 5117] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5115] <... clone resumed>, parent_tid=[5117], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5117
[pid 5117] <... set_robust_list resumed>) = 0
[pid 5115] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5117] chdir("./bus" <unfinished ...>
[pid 5115] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5117] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5117] chdir("./bus") = 0
[pid 5117] chdir("./bus" <unfinished ...>
[pid 5116] <... mkdir resumed>) = 0
[pid 5116] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5115] <... futex resumed>) = ?
[pid 5116] +++ killed by SIGSEGV +++
[pid 5117] <... chdir resumed>) = ?
[pid 5117] +++ killed by SIGSEGV +++
[pid 5115] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5115, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 57.622318][ T5116] loop0: detected capacity change from 0 to 4096
[ 57.643079][ T5116] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./14/binderfs") = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5118
./strace-static-x86_64: Process 5118 attached
[pid 5118] set_robust_list(0x555555b665e0, 24) = 0
[pid 5118] chdir("./15") = 0
[pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5118] setpgid(0, 0) = 0
[pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5118] write(3, "1000", 4) = 4
[pid 5118] close(3) = 0
[pid 5118] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5118] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5118] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5118] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5119 attached
<unfinished ...>
[pid 5119] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5119] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5118] <... clone resumed>, parent_tid=[5119], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5119
[pid 5118] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5119] <... futex resumed>) = 0
[pid 5118] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5119] memfd_create("syzkaller", 0) = 3
[pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5119] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5119] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5119] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5119] close(3) = 0
[pid 5119] mkdir("./file0", 0777) = 0
[pid 5119] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5119] chdir("./file0") = 0
[pid 5119] ioctl(4, LOOP_CLR_FD) = 0
[pid 5119] close(4) = 0
[pid 5119] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5118] <... futex resumed>) = 0
[pid 5118] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5118] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5118] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5118] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5118] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5120], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5120
[pid 5118] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5118] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5120 attached
<unfinished ...>
[pid 5119] <... futex resumed>) = 1
[pid 5120] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5119] mkdir("./bus", 0777) = 0
[pid 5119] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5118] <... futex resumed>) = ?
[pid 5120] <... set_robust_list resumed>) = ?
[pid 5120] +++ killed by SIGSEGV +++
[pid 5119] +++ killed by SIGSEGV +++
[pid 5118] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5118, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
[ 57.783296][ T5119] loop0: detected capacity change from 0 to 4096
[ 57.793826][ T5119] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./15/binderfs") = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5121
./strace-static-x86_64: Process 5121 attached
[pid 5121] set_robust_list(0x555555b665e0, 24) = 0
[pid 5121] chdir("./16") = 0
[pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5121] setpgid(0, 0) = 0
[pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5121] write(3, "1000", 4) = 4
[pid 5121] close(3) = 0
[pid 5121] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5121] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5121] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5121] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5122 attached
, parent_tid=[5122], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5122
[pid 5121] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5121] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5122] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5122] memfd_create("syzkaller", 0) = 3
[pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5122] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5122] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5122] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5122] close(3) = 0
[pid 5122] mkdir("./file0", 0777) = 0
[pid 5122] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5122] chdir("./file0") = 0
[pid 5122] ioctl(4, LOOP_CLR_FD) = 0
[pid 5122] close(4) = 0
[pid 5122] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5121] <... futex resumed>) = 0
[pid 5122] <... futex resumed>) = 1
[pid 5122] mkdir("./bus", 0777 <unfinished ...>
[pid 5121] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5121] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5121] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5121] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5121] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5123 attached
<unfinished ...>
[pid 5123] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5121] <... clone resumed>, parent_tid=[5123], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5123
[pid 5123] <... set_robust_list resumed>) = 0
[pid 5121] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5123] chdir("./bus" <unfinished ...>
[pid 5121] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5123] <... chdir resumed>) = 0
[pid 5122] <... mkdir resumed>) = 0
[pid 5123] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5123] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5123] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5123] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5123] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5122] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5123] chdir("./bus") = ?
[pid 5121] <... futex resumed>) = ?
[pid 5123] +++ killed by SIGSEGV +++
[ 57.915011][ T5122] loop0: detected capacity change from 0 to 4096
[ 57.925007][ T5122] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5122] +++ killed by SIGSEGV +++
[pid 5121] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5121, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./16/binderfs") = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5124
./strace-static-x86_64: Process 5124 attached
[pid 5124] set_robust_list(0x555555b665e0, 24) = 0
[pid 5124] chdir("./17") = 0
[pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5124] setpgid(0, 0) = 0
[pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5124] write(3, "1000", 4) = 4
[pid 5124] close(3) = 0
[pid 5124] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5124] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5124] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5124] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5125], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5125
./strace-static-x86_64: Process 5125 attached
[pid 5125] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5125] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5124] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5125] <... futex resumed>) = 0
[pid 5124] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5125] memfd_create("syzkaller", 0) = 3
[pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5125] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5125] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5125] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5125] close(3) = 0
[pid 5125] mkdir("./file0", 0777) = 0
[pid 5125] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5125] chdir("./file0") = 0
[pid 5125] ioctl(4, LOOP_CLR_FD) = 0
[pid 5125] close(4) = 0
[pid 5125] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5124] <... futex resumed>) = 0
[pid 5125] mkdir("./bus", 0777 <unfinished ...>
[pid 5124] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5125] <... mkdir resumed>) = 0
[pid 5124] <... futex resumed>) = 0
[pid 5124] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5124] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5125] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5124] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5125] +++ killed by SIGSEGV +++
[pid 5124] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5124, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./17/binderfs") = 0
[ 58.069196][ T5125] loop0: detected capacity change from 0 to 4096
[ 58.078646][ T5125] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5126
./strace-static-x86_64: Process 5126 attached
[pid 5126] set_robust_list(0x555555b665e0, 24) = 0
[pid 5126] chdir("./18") = 0
[pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5126] setpgid(0, 0) = 0
[pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5126] write(3, "1000", 4) = 4
[pid 5126] close(3) = 0
[pid 5126] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5126] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5126] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5126] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5126] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5127 attached
, parent_tid=[5127], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5127
[pid 5127] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5127] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5126] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5127] <... futex resumed>) = 0
[pid 5126] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5127] memfd_create("syzkaller", 0) = 3
[pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5127] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5127] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5127] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5127] close(3) = 0
[pid 5127] mkdir("./file0", 0777) = 0
[pid 5127] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5127] chdir("./file0") = 0
[pid 5127] ioctl(4, LOOP_CLR_FD) = 0
[pid 5127] close(4) = 0
[pid 5127] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5126] <... futex resumed>) = 0
[pid 5127] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5126] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5127] mkdir("./bus", 0777 <unfinished ...>
[pid 5126] <... futex resumed>) = 0
[pid 5126] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5126] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5127] <... mkdir resumed>) = 0
[pid 5126] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5127] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5126] <... mprotect resumed>) = 0
[ 58.193648][ T5127] loop0: detected capacity change from 0 to 4096
[ 58.203219][ T5127] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5127] +++ killed by SIGSEGV +++
[pid 5126] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5126, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./18/binderfs") = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5128
./strace-static-x86_64: Process 5128 attached
[pid 5128] set_robust_list(0x555555b665e0, 24) = 0
[pid 5128] chdir("./19") = 0
[pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5128] setpgid(0, 0) = 0
[pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5128] write(3, "1000", 4) = 4
[pid 5128] close(3) = 0
[pid 5128] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5128] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5128] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5128] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5129 attached
, parent_tid=[5129], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5129
[pid 5129] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5128] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5128] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5129] memfd_create("syzkaller", 0) = 3
[pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5129] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5129] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5129] close(3) = 0
[pid 5129] mkdir("./file0", 0777) = 0
[pid 5129] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5129] chdir("./file0") = 0
[pid 5129] ioctl(4, LOOP_CLR_FD) = 0
[pid 5129] close(4) = 0
[pid 5129] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5128] <... futex resumed>) = 0
[pid 5128] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5128] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5129] <... futex resumed>) = 1
[pid 5128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5129] mkdir("./bus", 0777 <unfinished ...>
[pid 5128] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5128] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5128] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5129] <... mkdir resumed>) = 0
[pid 5128] <... clone resumed>, parent_tid=[5130], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5130
[pid 5129] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5128] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = ?
./strace-static-x86_64: Process 5130 attached
[pid 5129] +++ killed by SIGSEGV +++
[pid 5130] +++ killed by SIGSEGV +++
[pid 5128] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5128, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./19/binderfs") = 0
[ 58.331257][ T5129] loop0: detected capacity change from 0 to 4096
[ 58.340963][ T5129] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5131
./strace-static-x86_64: Process 5131 attached
[pid 5131] set_robust_list(0x555555b665e0, 24) = 0
[pid 5131] chdir("./20") = 0
[pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5131] setpgid(0, 0) = 0
[pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5131] write(3, "1000", 4) = 4
[pid 5131] close(3) = 0
[pid 5131] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5131] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5131] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5131] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5131] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5132], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5132
./strace-static-x86_64: Process 5132 attached
[pid 5132] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5132] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5131] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5132] <... futex resumed>) = 0
[pid 5131] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5132] memfd_create("syzkaller", 0) = 3
[pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5132] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5132] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5132] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5132] close(3) = 0
[pid 5132] mkdir("./file0", 0777) = 0
[pid 5132] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5132] chdir("./file0") = 0
[pid 5132] ioctl(4, LOOP_CLR_FD) = 0
[pid 5132] close(4) = 0
[pid 5132] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5131] <... futex resumed>) = 0
[pid 5131] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5131] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5131] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5131] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5131] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5133], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5133
[pid 5131] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5131] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5132] <... futex resumed>) = 1
[pid 5132] mkdir("./bus", 0777) = 0
[pid 5132] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5131] <... futex resumed>) = ?
[pid 5132] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5133 attached
[pid 5133] +++ killed by SIGSEGV +++
[pid 5131] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5131, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 58.458004][ T5132] loop0: detected capacity change from 0 to 4096
[ 58.468175][ T5132] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./20/binderfs") = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5134
./strace-static-x86_64: Process 5134 attached
[pid 5134] set_robust_list(0x555555b665e0, 24) = 0
[pid 5134] chdir("./21") = 0
[pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5134] setpgid(0, 0) = 0
[pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5134] write(3, "1000", 4) = 4
[pid 5134] close(3) = 0
[pid 5134] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5134] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5134] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5134] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5135], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5135
[pid 5134] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5134] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5135 attached
<unfinished ...>
[pid 5135] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5135] memfd_create("syzkaller", 0) = 3
[pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5135] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5135] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5135] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5135] close(3) = 0
[pid 5135] mkdir("./file0", 0777) = 0
[pid 5135] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5135] chdir("./file0") = 0
[pid 5135] ioctl(4, LOOP_CLR_FD) = 0
[pid 5135] close(4) = 0
[pid 5135] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5134] <... futex resumed>) = 0
[pid 5134] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5134] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5134] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5134] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5136], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5136
[pid 5134] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5134] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5135] <... futex resumed>) = 1
[pid 5135] mkdir("./bus", 0777./strace-static-x86_64: Process 5136 attached
<unfinished ...>
[pid 5136] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus" <unfinished ...>
[pid 5135] <... mkdir resumed>) = 0
[pid 5136] <... chdir resumed>) = 0
[pid 5135] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5136] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5136] chdir("./bus") = ?
[pid 5134] <... futex resumed>) = ?
[pid 5135] +++ killed by SIGSEGV +++
[pid 5136] +++ killed by SIGSEGV +++
[pid 5134] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5134, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
[ 58.661227][ T5135] loop0: detected capacity change from 0 to 4096
[ 58.670907][ T5135] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./21/binderfs") = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5137 attached
, child_tidptr=0x555555b665d0) = 5137
[pid 5137] set_robust_list(0x555555b665e0, 24) = 0
[pid 5137] chdir("./22") = 0
[pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5137] setpgid(0, 0) = 0
[pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5137] write(3, "1000", 4) = 4
[pid 5137] close(3) = 0
[pid 5137] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5137] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5137] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5137] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5138], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5138
[pid 5137] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5137] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5138 attached
<unfinished ...>
[pid 5138] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5138] memfd_create("syzkaller", 0) = 3
[pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5138] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5138] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5138] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5138] close(3) = 0
[pid 5138] mkdir("./file0", 0777) = 0
[pid 5138] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5138] chdir("./file0") = 0
[pid 5138] ioctl(4, LOOP_CLR_FD) = 0
[pid 5138] close(4) = 0
[pid 5138] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5137] <... futex resumed>) = 0
[pid 5137] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5137] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5137] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5137] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5139], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5139
[pid 5137] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5137] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5138] <... futex resumed>) = 1
[pid 5138] mkdir("./bus", 0777./strace-static-x86_64: Process 5139 attached
<unfinished ...>
[pid 5139] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5138] <... mkdir resumed>) = 0
[pid 5138] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5137] <... futex resumed>) = ?
[pid 5138] +++ killed by SIGSEGV +++
[pid 5139] <... set_robust_list resumed>) = ?
[pid 5139] +++ killed by SIGSEGV +++
[pid 5137] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5137, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 58.790480][ T5138] loop0: detected capacity change from 0 to 4096
[ 58.799952][ T5138] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./22/binderfs") = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./22/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5140
./strace-static-x86_64: Process 5140 attached
[pid 5140] set_robust_list(0x555555b665e0, 24) = 0
[pid 5140] chdir("./23") = 0
[pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5140] setpgid(0, 0) = 0
[pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5140] write(3, "1000", 4) = 4
[pid 5140] close(3) = 0
[pid 5140] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5140] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5140] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5140] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5141 attached
, parent_tid=[5141], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5141
[pid 5141] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5140] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5140] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5141] <... set_robust_list resumed>) = 0
[pid 5141] memfd_create("syzkaller", 0) = 3
[pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5141] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5141] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5141] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5141] close(3) = 0
[pid 5141] mkdir("./file0", 0777) = 0
[pid 5141] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5141] chdir("./file0") = 0
[pid 5141] ioctl(4, LOOP_CLR_FD) = 0
[pid 5141] close(4) = 0
[pid 5141] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5140] <... futex resumed>) = 0
[pid 5141] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5140] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5140] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5141] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5140] <... futex resumed>) = 0
[pid 5141] mkdir("./bus", 0777 <unfinished ...>
[pid 5140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5140] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5141] <... mkdir resumed>) = 0
[pid 5140] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5141] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5142 attached
[ 58.917975][ T5141] loop0: detected capacity change from 0 to 4096
[ 58.928602][ T5141] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5140] <... clone resumed> <unfinished ...>) = ?
[pid 5142] +++ killed by SIGSEGV +++
[pid 5141] +++ killed by SIGSEGV +++
[pid 5140] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5140, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./23/binderfs") = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./23/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5143
./strace-static-x86_64: Process 5143 attached
[pid 5143] set_robust_list(0x555555b665e0, 24) = 0
[pid 5143] chdir("./24") = 0
[pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5143] setpgid(0, 0) = 0
[pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5143] write(3, "1000", 4) = 4
[pid 5143] close(3) = 0
[pid 5143] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5143] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5143] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5143] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5143] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5144 attached
, parent_tid=[5144], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5144
[pid 5143] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5143] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5144] <... set_robust_list resumed>) = 0
[pid 5144] memfd_create("syzkaller", 0) = 3
[pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5144] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5144] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5144] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5144] close(3) = 0
[pid 5144] mkdir("./file0", 0777) = 0
[pid 5144] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5144] chdir("./file0") = 0
[pid 5144] ioctl(4, LOOP_CLR_FD) = 0
[pid 5144] close(4) = 0
[pid 5144] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5143] <... futex resumed>) = 0
[pid 5143] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] mkdir("./bus", 0777 <unfinished ...>
[pid 5143] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5144] <... mkdir resumed>) = 0
[pid 5144] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[ 59.062850][ T5144] loop0: detected capacity change from 0 to 4096
[ 59.072277][ T5144] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5144] +++ killed by SIGSEGV +++
[pid 5143] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5143, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./24/binderfs") = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./24/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5145 attached
<unfinished ...>
[pid 5145] set_robust_list(0x555555b665e0, 24 <unfinished ...>
[pid 5072] <... clone resumed>, child_tidptr=0x555555b665d0) = 5145
[pid 5145] <... set_robust_list resumed>) = 0
[pid 5145] chdir("./25") = 0
[pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5145] setpgid(0, 0) = 0
[pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5145] write(3, "1000", 4) = 4
[pid 5145] close(3) = 0
[pid 5145] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5145] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5145] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5145] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5146 attached
, parent_tid=[5146], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5146
[pid 5146] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5145] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5146] <... set_robust_list resumed>) = 0
[pid 5145] <... futex resumed>) = 0
[pid 5145] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5146] memfd_create("syzkaller", 0) = 3
[pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5146] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5146] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5146] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5146] close(3) = 0
[pid 5146] mkdir("./file0", 0777) = 0
[pid 5146] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5146] chdir("./file0") = 0
[pid 5146] ioctl(4, LOOP_CLR_FD) = 0
[pid 5146] close(4) = 0
[pid 5146] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5146] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5145] <... futex resumed>) = 0
[pid 5145] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5146] <... futex resumed>) = 0
[pid 5145] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5146] mkdir("./bus", 0777 <unfinished ...>
[pid 5145] <... futex resumed>) = 0
[pid 5145] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5145] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5146] <... mkdir resumed>) = 0
[pid 5145] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5146] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5145] <... clone resumed> <unfinished ...>) = ?
[pid 5146] +++ killed by SIGSEGV +++
[pid 5145] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5145, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./25/binderfs") = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 59.198361][ T5146] loop0: detected capacity change from 0 to 4096
[ 59.209123][ T5146] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
lstat("./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./25/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5147
./strace-static-x86_64: Process 5147 attached
[pid 5147] set_robust_list(0x555555b665e0, 24) = 0
[pid 5147] chdir("./26") = 0
[pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5147] setpgid(0, 0) = 0
[pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5147] write(3, "1000", 4) = 4
[pid 5147] close(3) = 0
[pid 5147] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5147] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5147] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5147] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5147] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5148], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5148
[pid 5147] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5147] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5148 attached
<unfinished ...>
[pid 5148] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5148] memfd_create("syzkaller", 0) = 3
[pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5148] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5148] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5148] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5148] close(3) = 0
[pid 5148] mkdir("./file0", 0777) = 0
[pid 5148] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5148] chdir("./file0") = 0
[pid 5148] ioctl(4, LOOP_CLR_FD) = 0
[pid 5148] close(4) = 0
[pid 5148] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5147] <... futex resumed>) = 0
[pid 5147] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5147] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5147] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5147] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5147] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5149], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5149
[pid 5147] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5147] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5148] <... futex resumed>) = 1
[pid 5148] mkdir("./bus", 0777) = 0
[pid 5148] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5147] <... futex resumed>) = ?
./strace-static-x86_64: Process 5149 attached
[pid 5149] +++ killed by SIGSEGV +++
[pid 5148] +++ killed by SIGSEGV +++
[pid 5147] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5147, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./26", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 59.337351][ T5148] loop0: detected capacity change from 0 to 4096
[ 59.347634][ T5148] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
lstat("./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./26/binderfs") = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./26/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5150
./strace-static-x86_64: Process 5150 attached
[pid 5150] set_robust_list(0x555555b665e0, 24) = 0
[pid 5150] chdir("./27") = 0
[pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5150] setpgid(0, 0) = 0
[pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5150] write(3, "1000", 4) = 4
[pid 5150] close(3) = 0
[pid 5150] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5150] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5150] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5150] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5151], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5151
./strace-static-x86_64: Process 5151 attached
[pid 5150] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5150] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5151] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5151] memfd_create("syzkaller", 0) = 3
[pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5151] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5151] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5151] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5151] close(3) = 0
[pid 5151] mkdir("./file0", 0777) = 0
[pid 5151] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5151] chdir("./file0") = 0
[pid 5151] ioctl(4, LOOP_CLR_FD) = 0
[pid 5151] close(4) = 0
[pid 5151] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5150] <... futex resumed>) = 0
[pid 5150] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5150] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5150] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5151] mkdir("./bus", 0777 <unfinished ...>
[pid 5150] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5150] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5150] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5152], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5152
[pid 5150] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5150] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5151] <... mkdir resumed>) = 0
[pid 5151] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5152 attached
[pid 5150] <... futex resumed>) = ?
[pid 5152] +++ killed by SIGSEGV +++
[ 59.481492][ T5151] loop0: detected capacity change from 0 to 4096
[ 59.491692][ T5151] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5151] +++ killed by SIGSEGV +++
[pid 5150] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5150, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./27/binderfs") = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./27/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5153
./strace-static-x86_64: Process 5153 attached
[pid 5153] set_robust_list(0x555555b665e0, 24) = 0
[pid 5153] chdir("./28") = 0
[pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5153] setpgid(0, 0) = 0
[pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5153] write(3, "1000", 4) = 4
[pid 5153] close(3) = 0
[pid 5153] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5153] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5153] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5153] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5154], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5154
[pid 5153] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5153] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5154 attached
<unfinished ...>
[pid 5154] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5154] memfd_create("syzkaller", 0) = 3
[pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5154] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5154] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5154] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5154] close(3) = 0
[pid 5154] mkdir("./file0", 0777) = 0
[pid 5154] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5154] chdir("./file0") = 0
[pid 5154] ioctl(4, LOOP_CLR_FD) = 0
[pid 5154] close(4) = 0
[pid 5154] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5154] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5153] <... futex resumed>) = 0
[pid 5153] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5153] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5153] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5153] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5153] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5155], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5155
[pid 5153] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5153] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5154] <... futex resumed>) = 0
[pid 5154] mkdir("./bus", 0777) = 0
[pid 5154] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5153] <... futex resumed>) = ?
[pid 5154] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5155 attached
[pid 5155] +++ killed by SIGSEGV +++
[pid 5153] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5153, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 59.619791][ T5154] loop0: detected capacity change from 0 to 4096
[ 59.629504][ T5154] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./28/binderfs") = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./28/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5156
./strace-static-x86_64: Process 5156 attached
[pid 5156] set_robust_list(0x555555b665e0, 24) = 0
[pid 5156] chdir("./29") = 0
[pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5156] setpgid(0, 0) = 0
[pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5156] write(3, "1000", 4) = 4
[pid 5156] close(3) = 0
[pid 5156] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5156] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5156] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5156] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5157 attached
, parent_tid=[5157], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5157
[pid 5157] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5157] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5156] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5157] <... futex resumed>) = 0
[pid 5156] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5157] memfd_create("syzkaller", 0) = 3
[pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5157] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5157] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5157] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5157] close(3) = 0
[pid 5157] mkdir("./file0", 0777) = 0
[pid 5157] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5157] chdir("./file0") = 0
[pid 5157] ioctl(4, LOOP_CLR_FD) = 0
[pid 5157] close(4) = 0
[pid 5157] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5157] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5156] <... futex resumed>) = 0
[pid 5156] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5156] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5157] <... futex resumed>) = 0
[pid 5157] mkdir("./bus", 0777 <unfinished ...>
[pid 5156] <... futex resumed>) = 0
[pid 5156] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5156] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5156] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5158 attached
, parent_tid=[5158], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5158
[pid 5156] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5157] <... mkdir resumed>) = 0
[pid 5156] <... futex resumed>) = 0
[pid 5157] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5156] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = ?
[pid 5157] +++ killed by SIGSEGV +++
[ 59.769646][ T5157] loop0: detected capacity change from 0 to 4096
[ 59.779922][ T5157] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5158] +++ killed by SIGSEGV +++
[pid 5156] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5156, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./29/binderfs") = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./29/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5159
./strace-static-x86_64: Process 5159 attached
[pid 5159] set_robust_list(0x555555b665e0, 24) = 0
[pid 5159] chdir("./30") = 0
[pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5159] setpgid(0, 0) = 0
[pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5159] write(3, "1000", 4) = 4
[pid 5159] close(3) = 0
[pid 5159] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5159] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5159] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5159] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5159] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5160 attached
, parent_tid=[5160], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5160
[pid 5160] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5159] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5159] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5160] memfd_create("syzkaller", 0) = 3
[pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5160] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5160] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5160] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5160] close(3) = 0
[pid 5160] mkdir("./file0", 0777) = 0
[pid 5160] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5160] chdir("./file0") = 0
[pid 5160] ioctl(4, LOOP_CLR_FD) = 0
[pid 5160] close(4) = 0
[pid 5160] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5159] <... futex resumed>) = 0
[pid 5160] <... futex resumed>) = 1
[pid 5160] mkdir("./bus", 0777 <unfinished ...>
[pid 5159] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5159] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5159] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5159] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5159] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5161], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5161
./strace-static-x86_64: Process 5161 attached
[pid 5161] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5161] futex(0x7f6f2ed76798, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5159] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5161] <... futex resumed>) = 0
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[ 59.926551][ T5160] loop0: detected capacity change from 0 to 4096
[ 59.937056][ T5160] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5159] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5161] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5159] <... futex resumed>) = 0
[pid 5161] futex(0x7f6f2ed76798, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5160] <... mkdir resumed>) = 0
[pid 5160] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5161] <... futex resumed>) = ?
[pid 5161] +++ killed by SIGSEGV +++
[pid 5160] +++ killed by SIGSEGV +++
[pid 5159] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5159, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./30/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5162
./strace-static-x86_64: Process 5162 attached
[pid 5162] set_robust_list(0x555555b665e0, 24) = 0
[pid 5162] chdir("./31") = 0
[pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5162] setpgid(0, 0) = 0
[pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5162] write(3, "1000", 4) = 4
[pid 5162] close(3) = 0
[pid 5162] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5162] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5162] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5162] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5162] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5163], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5163
[pid 5162] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5162] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5163 attached
<unfinished ...>
[pid 5163] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5163] memfd_create("syzkaller", 0) = 3
[pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5163] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5163] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5163] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5163] close(3) = 0
[pid 5163] mkdir("./file0", 0777) = 0
[pid 5163] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5163] chdir("./file0") = 0
[pid 5163] ioctl(4, LOOP_CLR_FD) = 0
[pid 5163] close(4) = 0
[pid 5163] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5162] <... futex resumed>) = 0
[pid 5163] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5162] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5163] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5162] <... futex resumed>) = 0
[pid 5163] mkdir("./bus", 0777 <unfinished ...>
[pid 5162] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5162] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5163] <... mkdir resumed>) = 0
[pid 5162] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5163] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5162] <... mprotect resumed>) = 0
[pid 5162] read(648273920, <unfinished ...>
[pid 5163] +++ killed by SIGSEGV +++
[pid 5162] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5162, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=1 /* 0.01 s */} ---
umount2("./31", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 60.079381][ T5163] loop0: detected capacity change from 0 to 4096
[ 60.089485][ T5163] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./31/binderfs") = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./31/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5164
./strace-static-x86_64: Process 5164 attached
[pid 5164] set_robust_list(0x555555b665e0, 24) = 0
[pid 5164] chdir("./32") = 0
[pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5164] setpgid(0, 0) = 0
[pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5164] write(3, "1000", 4) = 4
[pid 5164] close(3) = 0
[pid 5164] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5164] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5164] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5164] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5165 attached
, parent_tid=[5165], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5165
[pid 5165] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5164] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5165] <... set_robust_list resumed>) = 0
[pid 5164] <... futex resumed>) = 0
[pid 5164] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5165] memfd_create("syzkaller", 0) = 3
[pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5165] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5165] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5165] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5165] close(3) = 0
[pid 5165] mkdir("./file0", 0777) = 0
[pid 5165] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5165] chdir("./file0") = 0
[pid 5165] ioctl(4, LOOP_CLR_FD) = 0
[pid 5165] close(4) = 0
[pid 5165] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5165] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5164] <... futex resumed>) = 0
[pid 5164] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5165] <... futex resumed>) = 0
[pid 5165] mkdir("./bus", 0777 <unfinished ...>
[pid 5164] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5164] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5164] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5165] <... mkdir resumed>) = 0
[pid 5165] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5164] <... clone resumed> <unfinished ...>) = ?
./strace-static-x86_64: Process 5166 attached
[pid 5165] +++ killed by SIGSEGV +++
[pid 5166] +++ killed by SIGSEGV +++
[pid 5164] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5164, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
[ 60.205281][ T5165] loop0: detected capacity change from 0 to 4096
[ 60.215471][ T5165] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./32", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./32/binderfs") = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./32/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5167
./strace-static-x86_64: Process 5167 attached
[pid 5167] set_robust_list(0x555555b665e0, 24) = 0
[pid 5167] chdir("./33") = 0
[pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5167] setpgid(0, 0) = 0
[pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5167] write(3, "1000", 4) = 4
[pid 5167] close(3) = 0
[pid 5167] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5167] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5167] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5167] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5168 attached
, parent_tid=[5168], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5168
[pid 5168] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5167] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5168] memfd_create("syzkaller", 0) = 3
[pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5168] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5168] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5168] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5168] close(3) = 0
[pid 5168] mkdir("./file0", 0777) = 0
[pid 5168] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5168] chdir("./file0") = 0
[pid 5168] ioctl(4, LOOP_CLR_FD) = 0
[pid 5168] close(4) = 0
[pid 5168] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5167] <... futex resumed>) = 0
[pid 5167] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5167] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5167] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5169], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5169
[pid 5167] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5167] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5168] <... futex resumed>) = 1
[pid 5168] mkdir("./bus", 0777) = 0
[pid 5168] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5167] <... futex resumed>) = ?
[pid 5168] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5169 attached
[pid 5169] +++ killed by SIGSEGV +++
[pid 5167] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5167, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 60.354150][ T5168] loop0: detected capacity change from 0 to 4096
[ 60.363731][ T5168] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./33/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5170
./strace-static-x86_64: Process 5170 attached
[pid 5170] set_robust_list(0x555555b665e0, 24) = 0
[pid 5170] chdir("./34") = 0
[pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5170] setpgid(0, 0) = 0
[pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5170] write(3, "1000", 4) = 4
[pid 5170] close(3) = 0
[pid 5170] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5170] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5170] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5170] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5170] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5171], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5171
./strace-static-x86_64: Process 5171 attached
[pid 5171] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5171] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5170] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5171] <... futex resumed>) = 0
[pid 5170] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5171] memfd_create("syzkaller", 0) = 3
[pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5171] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5171] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5171] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5171] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5171] close(3) = 0
[pid 5171] mkdir("./file0", 0777) = 0
[pid 5171] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5171] chdir("./file0") = 0
[pid 5171] ioctl(4, LOOP_CLR_FD) = 0
[pid 5171] close(4) = 0
[pid 5171] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5170] <... futex resumed>) = 0
[pid 5170] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5170] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5170] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5170] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5171] <... futex resumed>) = 1
[pid 5170] <... mprotect resumed>) = 0
[pid 5171] mkdir("./bus", 0777 <unfinished ...>
[pid 5170] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5172 attached
<unfinished ...>
[pid 5172] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5171] <... mkdir resumed>) = 0
[pid 5170] <... clone resumed>, parent_tid=[5172], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5172
[pid 5170] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5170] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5172] <... set_robust_list resumed>) = 0
[pid 5171] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5170] <... futex resumed>) = ?
[pid 5172] +++ killed by SIGSEGV +++
[pid 5171] +++ killed by SIGSEGV +++
[pid 5170] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5170, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./34/binderfs") = 0
[ 60.512031][ T5171] loop0: detected capacity change from 0 to 4096
[ 60.521449][ T5171] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./34/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5173
./strace-static-x86_64: Process 5173 attached
[pid 5173] set_robust_list(0x555555b665e0, 24) = 0
[pid 5173] chdir("./35") = 0
[pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5173] setpgid(0, 0) = 0
[pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5173] write(3, "1000", 4) = 4
[pid 5173] close(3) = 0
[pid 5173] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5173] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5173] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5173] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5174 attached
, parent_tid=[5174], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5174
[pid 5173] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5174] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5173] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5174] <... set_robust_list resumed>) = 0
[pid 5174] memfd_create("syzkaller", 0) = 3
[pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5174] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5174] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5174] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5174] close(3) = 0
[pid 5174] mkdir("./file0", 0777) = 0
[pid 5174] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5174] chdir("./file0") = 0
[pid 5174] ioctl(4, LOOP_CLR_FD) = 0
[pid 5174] close(4) = 0
[pid 5174] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5173] <... futex resumed>) = 0
[pid 5173] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5173] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5173] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5173] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5175], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5175
[pid 5173] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5173] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5174] <... futex resumed>) = 1
[pid 5174] mkdir("./bus", 0777./strace-static-x86_64: Process 5175 attached
<unfinished ...>
[pid 5175] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5175] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5175] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5175] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5175] chdir("./bus") = 0
[pid 5174] <... mkdir resumed>) = 0
[pid 5175] chdir("./bus" <unfinished ...>
[pid 5174] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5175] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5175] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5175] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5173] <... futex resumed>) = ?
[pid 5175] +++ killed by SIGSEGV +++
[pid 5174] +++ killed by SIGSEGV +++
[pid 5173] +++ killed by SIGSEGV +++
[ 60.653032][ T5174] loop0: detected capacity change from 0 to 4096
[ 60.662349][ T5174] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5173, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./35/binderfs") = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./35/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5176 attached
, child_tidptr=0x555555b665d0) = 5176
[pid 5176] set_robust_list(0x555555b665e0, 24) = 0
[pid 5176] chdir("./36") = 0
[pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5176] setpgid(0, 0) = 0
[pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5176] write(3, "1000", 4) = 4
[pid 5176] close(3) = 0
[pid 5176] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5176] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5176] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5176] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5177], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5177
./strace-static-x86_64: Process 5177 attached
[pid 5177] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5177] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5176] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5177] <... futex resumed>) = 0
[pid 5176] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5177] memfd_create("syzkaller", 0) = 3
[pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5177] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5177] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5177] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5177] close(3) = 0
[pid 5177] mkdir("./file0", 0777) = 0
[pid 5177] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5177] chdir("./file0") = 0
[pid 5177] ioctl(4, LOOP_CLR_FD) = 0
[pid 5177] close(4) = 0
[pid 5177] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5176] <... futex resumed>) = 0
[pid 5176] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5176] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5176] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5176] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5178 attached
<unfinished ...>
[pid 5178] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5178] futex(0x7f6f2ed76798, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5176] <... clone resumed>, parent_tid=[5178], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5178
[pid 5176] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5178] <... futex resumed>) = 0
[pid 5176] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5178] chdir("./bus" <unfinished ...>
[pid 5177] mkdir("./bus", 0777 <unfinished ...>
[pid 5178] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[ 60.810730][ T5177] loop0: detected capacity change from 0 to 4096
[ 60.820680][ T5177] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = 0
[pid 5177] <... mkdir resumed>) = 0
[pid 5177] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5178] chdir("./bus") = ?
[pid 5176] <... futex resumed>) = ?
[pid 5178] +++ killed by SIGSEGV +++
[pid 5177] +++ killed by SIGSEGV +++
[pid 5176] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5176, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./36/binderfs") = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./36/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5179
./strace-static-x86_64: Process 5179 attached
[pid 5179] set_robust_list(0x555555b665e0, 24) = 0
[pid 5179] chdir("./37") = 0
[pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5179] setpgid(0, 0) = 0
[pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5179] write(3, "1000", 4) = 4
[pid 5179] close(3) = 0
[pid 5179] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5179] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5179] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5179] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5179] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5180], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5180
[pid 5179] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5180 attached
[pid 5179] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5180] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5180] memfd_create("syzkaller", 0) = 3
[pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5180] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5180] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5180] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5180] close(3) = 0
[pid 5180] mkdir("./file0", 0777) = 0
[pid 5180] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5180] chdir("./file0") = 0
[pid 5180] ioctl(4, LOOP_CLR_FD) = 0
[pid 5180] close(4) = 0
[pid 5180] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5179] <... futex resumed>) = 0
[pid 5179] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5179] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5179] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5179] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5179] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5181], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5181
[pid 5179] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5179] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5181 attached
<unfinished ...>
[pid 5181] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5180] mkdir("./bus", 0777 <unfinished ...>
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus" <unfinished ...>
[pid 5180] <... mkdir resumed>) = 0
[pid 5181] <... chdir resumed>) = 0
[pid 5181] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5181] chdir("./bus" <unfinished ...>
[pid 5180] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5181] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5179] <... futex resumed>) = ?
[pid 5181] +++ killed by SIGSEGV +++
[pid 5180] +++ killed by SIGSEGV +++
[pid 5179] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5179, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 60.956669][ T5180] loop0: detected capacity change from 0 to 4096
[ 60.965630][ T5180] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./37", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./37/binderfs") = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./37/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5182
./strace-static-x86_64: Process 5182 attached
[pid 5182] set_robust_list(0x555555b665e0, 24) = 0
[pid 5182] chdir("./38") = 0
[pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5182] setpgid(0, 0) = 0
[pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5182] write(3, "1000", 4) = 4
[pid 5182] close(3) = 0
[pid 5182] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5182] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5182] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5182] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5183], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5183
[pid 5182] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5182] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5183 attached
<unfinished ...>
[pid 5183] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5183] memfd_create("syzkaller", 0) = 3
[pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5183] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5183] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5183] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5183] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5183] close(3) = 0
[pid 5183] mkdir("./file0", 0777) = 0
[pid 5183] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5183] chdir("./file0") = 0
[pid 5183] ioctl(4, LOOP_CLR_FD) = 0
[pid 5183] close(4) = 0
[pid 5183] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5182] <... futex resumed>) = 0
[pid 5183] mkdir("./bus", 0777 <unfinished ...>
[pid 5182] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5182] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5182] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5183] <... mkdir resumed>) = 0
[pid 5182] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5184], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5184
[pid 5183] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5182] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5184 attached
) = ?
[pid 5183] +++ killed by SIGSEGV +++
[pid 5184] +++ killed by SIGSEGV +++
[pid 5182] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5182, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
[ 61.095903][ T5183] loop0: detected capacity change from 0 to 4096
[ 61.106968][ T5183] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./38", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./38/binderfs") = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./38/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5185
./strace-static-x86_64: Process 5185 attached
[pid 5185] set_robust_list(0x555555b665e0, 24) = 0
[pid 5185] chdir("./39") = 0
[pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5185] setpgid(0, 0) = 0
[pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5185] write(3, "1000", 4) = 4
[pid 5185] close(3) = 0
[pid 5185] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5185] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5185] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5185] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5185] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5186 attached
, parent_tid=[5186], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5186
[pid 5186] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5186] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5185] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5186] <... futex resumed>) = 0
[pid 5185] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5186] memfd_create("syzkaller", 0) = 3
[pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5186] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5186] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5186] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5186] close(3) = 0
[pid 5186] mkdir("./file0", 0777) = 0
[pid 5186] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5186] chdir("./file0") = 0
[pid 5186] ioctl(4, LOOP_CLR_FD) = 0
[pid 5186] close(4) = 0
[pid 5186] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5185] <... futex resumed>) = 0
[pid 5185] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5185] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5185] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5185] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5185] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5187], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5187
[pid 5185] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5185] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5186] <... futex resumed>) = 1
[pid 5186] mkdir("./bus", 0777) = 0
[pid 5186] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[ 61.302797][ T5186] loop0: detected capacity change from 0 to 4096
[ 61.317893][ T5186] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5185] <... futex resumed>) = ?
[pid 5186] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5187 attached
[pid 5187] +++ killed by SIGSEGV +++
[pid 5185] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5185, si_uid=0, si_status=SIGSEGV, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} ---
umount2("./39", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./39/binderfs") = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./39/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5188
./strace-static-x86_64: Process 5188 attached
[pid 5188] set_robust_list(0x555555b665e0, 24) = 0
[pid 5188] chdir("./40") = 0
[pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5188] setpgid(0, 0) = 0
[pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5188] write(3, "1000", 4) = 4
[pid 5188] close(3) = 0
[pid 5188] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5188] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5188] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5188] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5189], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5189
[pid 5188] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5189 attached
<unfinished ...>
[pid 5189] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5189] memfd_create("syzkaller", 0) = 3
[pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5189] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5189] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5189] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5189] close(3) = 0
[pid 5189] mkdir("./file0", 0777) = 0
[pid 5189] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5189] chdir("./file0") = 0
[pid 5189] ioctl(4, LOOP_CLR_FD) = 0
[pid 5189] close(4) = 0
[pid 5189] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5188] <... futex resumed>) = 0
[pid 5189] mkdir("./bus", 0777 <unfinished ...>
[pid 5188] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5188] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5188] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5189] <... mkdir resumed>) = 0
[pid 5189] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5188] <... clone resumed>, parent_tid=[5190], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5190
[pid 5189] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5190 attached
[pid 5190] +++ killed by SIGSEGV +++
[pid 5188] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5188, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./40/binderfs") = 0
[ 61.476648][ T5189] loop0: detected capacity change from 0 to 4096
[ 61.487448][ T5189] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./40/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5191
./strace-static-x86_64: Process 5191 attached
[pid 5191] set_robust_list(0x555555b665e0, 24) = 0
[pid 5191] chdir("./41") = 0
[pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5191] setpgid(0, 0) = 0
[pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5191] write(3, "1000", 4) = 4
[pid 5191] close(3) = 0
[pid 5191] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5191] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5191] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5191] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5192 attached
<unfinished ...>
[pid 5192] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5192] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5191] <... clone resumed>, parent_tid=[5192], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5192
[pid 5191] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5192] <... futex resumed>) = 0
[pid 5191] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5192] memfd_create("syzkaller", 0) = 3
[pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5192] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5192] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5192] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5192] close(3) = 0
[pid 5192] mkdir("./file0", 0777) = 0
[pid 5192] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5192] chdir("./file0") = 0
[pid 5192] ioctl(4, LOOP_CLR_FD) = 0
[pid 5192] close(4) = 0
[pid 5192] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5191] <... futex resumed>) = 0
[pid 5192] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5191] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5192] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[ 61.620837][ T5192] loop0: detected capacity change from 0 to 4096
[ 61.630462][ T5192] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5191] <... futex resumed>) = 0
[pid 5192] mkdir("./bus", 0777 <unfinished ...>
[pid 5191] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5192] <... mkdir resumed>) = 0
[pid 5191] <... futex resumed>) = 0
[pid 5192] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5192] +++ killed by SIGSEGV +++
[pid 5191] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5191, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./41/binderfs") = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./41/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5193
./strace-static-x86_64: Process 5193 attached
[pid 5193] set_robust_list(0x555555b665e0, 24) = 0
[pid 5193] chdir("./42") = 0
[pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5193] setpgid(0, 0) = 0
[pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5193] write(3, "1000", 4) = 4
[pid 5193] close(3) = 0
[pid 5193] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5193] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5193] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5193] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5193] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5194], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5194
[pid 5193] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5193] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5194 attached
<unfinished ...>
[pid 5194] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5194] memfd_create("syzkaller", 0) = 3
[pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5194] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5194] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5194] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5194] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5194] close(3) = 0
[pid 5194] mkdir("./file0", 0777) = 0
[pid 5194] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5194] chdir("./file0") = 0
[pid 5194] ioctl(4, LOOP_CLR_FD) = 0
[pid 5194] close(4) = 0
[pid 5194] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5194] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5193] <... futex resumed>) = 0
[pid 5193] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5193] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5193] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5193] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5193] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5195], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5195
[pid 5193] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5193] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5194] <... futex resumed>) = 0
[pid 5194] mkdir("./bus", 0777./strace-static-x86_64: Process 5195 attached
<unfinished ...>
[pid 5195] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5195] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5194] <... mkdir resumed>) = 0
[pid 5194] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5193] <... futex resumed>) = ?
[pid 5194] +++ killed by SIGSEGV +++
[pid 5195] +++ killed by SIGSEGV +++
[pid 5193] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5193, si_uid=0, si_status=SIGSEGV, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 61.774268][ T5194] loop0: detected capacity change from 0 to 4096
[ 61.783399][ T5194] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./42/binderfs") = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./42/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5196
./strace-static-x86_64: Process 5196 attached
[pid 5196] set_robust_list(0x555555b665e0, 24) = 0
[pid 5196] chdir("./43") = 0
[pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5196] setpgid(0, 0) = 0
[pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5196] write(3, "1000", 4) = 4
[pid 5196] close(3) = 0
[pid 5196] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5196] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5196] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5196] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5196] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5197], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5197
[pid 5196] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000./strace-static-x86_64: Process 5197 attached
<unfinished ...>
[pid 5197] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5196] <... futex resumed>) = 0
[pid 5196] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5197] memfd_create("syzkaller", 0) = 3
[pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5197] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5197] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5197] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5197] close(3) = 0
[pid 5197] mkdir("./file0", 0777) = 0
[pid 5197] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5197] chdir("./file0") = 0
[pid 5197] ioctl(4, LOOP_CLR_FD) = 0
[pid 5197] close(4) = 0
[pid 5197] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5196] <... futex resumed>) = 0
[pid 5196] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5196] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5196] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5196] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5196] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5198], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5198
[pid 5196] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5196] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5197] <... futex resumed>) = 1
[pid 5197] mkdir("./bus", 0777) = 0
[pid 5197] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5196] <... futex resumed>) = ?
./strace-static-x86_64: Process 5198 attached
[pid 5198] +++ killed by SIGSEGV +++
[pid 5197] +++ killed by SIGSEGV +++
[pid 5196] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5196, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
[ 61.908810][ T5197] loop0: detected capacity change from 0 to 4096
[ 61.918643][ T5197] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./43/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./43/binderfs") = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./43/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5199
./strace-static-x86_64: Process 5199 attached
[pid 5199] set_robust_list(0x555555b665e0, 24) = 0
[pid 5199] chdir("./44") = 0
[pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5199] setpgid(0, 0) = 0
[pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5199] write(3, "1000", 4) = 4
[pid 5199] close(3) = 0
[pid 5199] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5199] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5199] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5199] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5199] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5200 attached
, parent_tid=[5200], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5200
[pid 5200] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5199] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5199] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5200] memfd_create("syzkaller", 0) = 3
[pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5200] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5200] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5200] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5200] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5200] close(3) = 0
[pid 5200] mkdir("./file0", 0777) = 0
[pid 5200] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5200] chdir("./file0") = 0
[pid 5200] ioctl(4, LOOP_CLR_FD) = 0
[pid 5200] close(4) = 0
[pid 5200] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5200] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5199] <... futex resumed>) = 0
[pid 5199] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5200] <... futex resumed>) = 0
[pid 5199] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5200] mkdir("./bus", 0777 <unfinished ...>
[pid 5199] <... futex resumed>) = 0
[ 62.051717][ T5200] loop0: detected capacity change from 0 to 4096
[ 62.061792][ T5200] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5199] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5199] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5200] <... mkdir resumed>) = 0
[pid 5199] <... mprotect resumed>) = 0
[pid 5199] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5201 attached
<unfinished ...>
[pid 5201] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5200] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5199] <... clone resumed>, parent_tid=[5201], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5201
[pid 5201] <... set_robust_list resumed>) = ?
[pid 5201] +++ killed by SIGSEGV +++
[pid 5200] +++ killed by SIGSEGV +++
[pid 5199] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5199, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./44/binderfs") = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./44/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5202
./strace-static-x86_64: Process 5202 attached
[pid 5202] set_robust_list(0x555555b665e0, 24) = 0
[pid 5202] chdir("./45") = 0
[pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5202] setpgid(0, 0) = 0
[pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5202] write(3, "1000", 4) = 4
[pid 5202] close(3) = 0
[pid 5202] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5202] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5202] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5202] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5202] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5203 attached
, parent_tid=[5203], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5203
[pid 5202] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5202] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5203] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5203] memfd_create("syzkaller", 0) = 3
[pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5203] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5203] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5203] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5203] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5203] close(3) = 0
[pid 5203] mkdir("./file0", 0777) = 0
[pid 5203] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5203] chdir("./file0") = 0
[pid 5203] ioctl(4, LOOP_CLR_FD) = 0
[pid 5203] close(4) = 0
[pid 5203] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5202] <... futex resumed>) = 0
[pid 5202] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5202] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5202] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5202] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5202] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5204], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5204
[pid 5202] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5202] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5203] <... futex resumed>) = 1
[pid 5203] mkdir("./bus", 0777) = 0
[pid 5203] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5202] <... futex resumed>) = ?
[pid 5203] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5204 attached
[pid 5204] +++ killed by SIGSEGV +++
[pid 5202] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5202, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./45", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./45/binderfs") = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./45/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 62.204807][ T5203] loop0: detected capacity change from 0 to 4096
[ 62.214977][ T5203] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5205 attached
<unfinished ...>
[pid 5205] set_robust_list(0x555555b665e0, 24) = 0
[pid 5205] chdir("./46") = 0
[pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5205] setpgid(0, 0) = 0
[pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5205] write(3, "1000", 4) = 4
[pid 5205] close(3) = 0
[pid 5205] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid 5072] <... clone resumed>, child_tidptr=0x555555b665d0) = 5205
[pid 5205] <... symlink resumed>) = 0
[pid 5205] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5205] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5205] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5205] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5206], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5206
[pid 5205] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5205] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5206 attached
<unfinished ...>
[pid 5206] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5206] memfd_create("syzkaller", 0) = 3
[pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5206] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5206] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5206] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5206] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5206] close(3) = 0
[pid 5206] mkdir("./file0", 0777) = 0
[pid 5206] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5206] chdir("./file0") = 0
[pid 5206] ioctl(4, LOOP_CLR_FD) = 0
[pid 5206] close(4) = 0
[pid 5206] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5205] <... futex resumed>) = 0
[pid 5206] mkdir("./bus", 0777 <unfinished ...>
[pid 5205] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5205] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5206] <... mkdir resumed>) = 0
[pid 5205] <... futex resumed>) = 0
[pid 5206] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5205] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = ?
[pid 5206] +++ killed by SIGSEGV +++
[pid 5205] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5205, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./46", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./46/binderfs") = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 62.332925][ T5206] loop0: detected capacity change from 0 to 4096
[ 62.343597][ T5206] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
lstat("./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./46/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5207
./strace-static-x86_64: Process 5207 attached
[pid 5207] set_robust_list(0x555555b665e0, 24) = 0
[pid 5207] chdir("./47") = 0
[pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5207] setpgid(0, 0) = 0
[pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5207] write(3, "1000", 4) = 4
[pid 5207] close(3) = 0
[pid 5207] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5207] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5207] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5207] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5207] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5208], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5208
./strace-static-x86_64: Process 5208 attached
[pid 5207] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5208] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5207] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5208] <... set_robust_list resumed>) = 0
[pid 5208] memfd_create("syzkaller", 0) = 3
[pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5208] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5208] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5208] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5208] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5208] close(3) = 0
[pid 5208] mkdir("./file0", 0777) = 0
[pid 5208] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5208] chdir("./file0") = 0
[pid 5208] ioctl(4, LOOP_CLR_FD) = 0
[pid 5208] close(4) = 0
[pid 5208] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5207] <... futex resumed>) = 0
[pid 5208] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5207] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5208] <... futex resumed>) = 0
[pid 5207] <... futex resumed>) = 1
[pid 5208] mkdir("./bus", 0777 <unfinished ...>
[pid 5207] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5208] <... mkdir resumed>) = 0
[pid 5207] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5208] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5207] <... mmap resumed>) = ?
[pid 5208] +++ killed by SIGSEGV +++
[pid 5207] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5207, si_uid=0, si_status=SIGSEGV, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} ---
umount2("./47", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./47/binderfs") = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./47/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 62.470444][ T5208] loop0: detected capacity change from 0 to 4096
[ 62.481053][ T5208] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5209
./strace-static-x86_64: Process 5209 attached
[pid 5209] set_robust_list(0x555555b665e0, 24) = 0
[pid 5209] chdir("./48") = 0
[pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5209] setpgid(0, 0) = 0
[pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5209] write(3, "1000", 4) = 4
[pid 5209] close(3) = 0
[pid 5209] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5209] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5209] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5209] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5210], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5210
[pid 5209] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5210 attached
<unfinished ...>
[pid 5210] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5210] memfd_create("syzkaller", 0) = 3
[pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5210] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5210] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5210] close(3) = 0
[pid 5210] mkdir("./file0", 0777) = 0
[pid 5210] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5210] chdir("./file0") = 0
[pid 5210] ioctl(4, LOOP_CLR_FD) = 0
[pid 5210] close(4) = 0
[pid 5210] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5210] <... futex resumed>) = 1
[pid 5209] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5210] mkdir("./bus", 0777 <unfinished ...>
[pid 5209] <... futex resumed>) = 0
[pid 5209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5209] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5209] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5211], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5211
[pid 5209] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5209] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5210] <... mkdir resumed>) = 0
./strace-static-x86_64: Process 5211 attached
[pid 5210] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5209] <... futex resumed>) = ?
[pid 5210] +++ killed by SIGSEGV +++
[pid 5211] +++ killed by SIGSEGV +++
[pid 5209] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5209, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./48", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
[ 62.606519][ T5210] loop0: detected capacity change from 0 to 4096
[ 62.615723][ T5210] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./48/binderfs") = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./48/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5212 attached
, child_tidptr=0x555555b665d0) = 5212
[pid 5212] set_robust_list(0x555555b665e0, 24) = 0
[pid 5212] chdir("./49") = 0
[pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5212] setpgid(0, 0) = 0
[pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5212] write(3, "1000", 4) = 4
[pid 5212] close(3) = 0
[pid 5212] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5212] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5212] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5212] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5213], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5213
[pid 5212] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5212] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5213 attached
<unfinished ...>
[pid 5213] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5213] memfd_create("syzkaller", 0) = 3
[pid 5213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5213] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5213] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5213] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5213] close(3) = 0
[pid 5213] mkdir("./file0", 0777) = 0
[pid 5213] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5213] chdir("./file0") = 0
[pid 5213] ioctl(4, LOOP_CLR_FD) = 0
[pid 5213] close(4) = 0
[pid 5213] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5212] <... futex resumed>) = 0
[pid 5213] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5212] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5212] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5212] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5213] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5212] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5214], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5214
[pid 5212] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5212] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5214 attached
<unfinished ...>
[pid 5214] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5214] chdir("./bus" <unfinished ...>
[pid 5213] mkdir("./bus", 0777 <unfinished ...>
[pid 5214] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = 0
[pid 5213] <... mkdir resumed>) = 0
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5214] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5213] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5214] ???( <unfinished ...>
[pid 5212] <... futex resumed>) = ?
[pid 5214] <... ??? resumed>) = ?
[pid 5214] +++ killed by SIGSEGV +++
[ 62.735257][ T5213] loop0: detected capacity change from 0 to 4096
[ 62.744860][ T5213] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5213] +++ killed by SIGSEGV +++
[pid 5212] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5212, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=8 /* 0.08 s */} ---
umount2("./49", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./49/binderfs") = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./49/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5215
./strace-static-x86_64: Process 5215 attached
[pid 5215] set_robust_list(0x555555b665e0, 24) = 0
[pid 5215] chdir("./50") = 0
[pid 5215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5215] setpgid(0, 0) = 0
[pid 5215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5215] write(3, "1000", 4) = 4
[pid 5215] close(3) = 0
[pid 5215] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5215] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5215] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5215] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5215] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5216 attached
<unfinished ...>
[pid 5216] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5215] <... clone resumed>, parent_tid=[5216], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5216
[pid 5216] <... set_robust_list resumed>) = 0
[pid 5215] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5215] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5216] memfd_create("syzkaller", 0) = 3
[pid 5216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5216] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5216] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5216] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5216] close(3) = 0
[pid 5216] mkdir("./file0", 0777) = 0
[pid 5216] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5216] chdir("./file0") = 0
[pid 5216] ioctl(4, LOOP_CLR_FD) = 0
[pid 5216] close(4) = 0
[pid 5216] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5215] <... futex resumed>) = 0
[pid 5216] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5215] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5216] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5215] <... futex resumed>) = 0
[pid 5216] mkdir("./bus", 0777 <unfinished ...>
[pid 5215] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5216] <... mkdir resumed>) = 0
[pid 5215] <... futex resumed>) = 0
[pid 5216] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5215] ???() = ?
[pid 5216] +++ killed by SIGSEGV +++
[pid 5215] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5215, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 62.875837][ T5216] loop0: detected capacity change from 0 to 4096
[ 62.886112][ T5216] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./50", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./50/binderfs") = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./50/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5217
./strace-static-x86_64: Process 5217 attached
[pid 5217] set_robust_list(0x555555b665e0, 24) = 0
[pid 5217] chdir("./51") = 0
[pid 5217] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5217] setpgid(0, 0) = 0
[pid 5217] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5217] write(3, "1000", 4) = 4
[pid 5217] close(3) = 0
[pid 5217] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5217] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5217] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5217] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5217] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5218 attached
, parent_tid=[5218], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5218
[pid 5217] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5217] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5218] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5218] memfd_create("syzkaller", 0) = 3
[pid 5218] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5218] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5218] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5218] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5218] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5218] close(3) = 0
[pid 5218] mkdir("./file0", 0777) = 0
[pid 5218] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5218] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5218] chdir("./file0") = 0
[pid 5218] ioctl(4, LOOP_CLR_FD) = 0
[pid 5218] close(4) = 0
[pid 5218] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5217] <... futex resumed>) = 0
[pid 5217] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5217] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5217] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5217] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5217] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5219], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5219
[pid 5217] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5217] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5218] <... futex resumed>) = 1
[pid 5218] mkdir("./bus", 0777) = 0
[pid 5218] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5219 attached
[pid 5219] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[ 63.017660][ T5218] loop0: detected capacity change from 0 to 4096
[ 63.027809][ T5218] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5219] chdir("./bus") = 0
[pid 5219] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5217] <... futex resumed>) = ?
[pid 5218] +++ killed by SIGSEGV +++
[pid 5219] +++ killed by SIGSEGV +++
[pid 5217] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5217, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./51", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./51/binderfs") = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./51/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5220 attached
<unfinished ...>
[pid 5220] set_robust_list(0x555555b665e0, 24) = 0
[pid 5220] chdir("./52") = 0
[pid 5220] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5220] setpgid(0, 0) = 0
[pid 5220] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5220] write(3, "1000", 4) = 4
[pid 5220] close(3) = 0
[pid 5220] symlink("/dev/binderfs", "./binderfs" <unfinished ...>
[pid 5072] <... clone resumed>, child_tidptr=0x555555b665d0) = 5220
[pid 5220] <... symlink resumed>) = 0
[pid 5220] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5220] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5220] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5220] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5221], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5221
./strace-static-x86_64: Process 5221 attached
[pid 5220] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5220] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5221] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5221] memfd_create("syzkaller", 0) = 3
[pid 5221] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5221] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5221] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5221] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5221] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5221] close(3) = 0
[pid 5221] mkdir("./file0", 0777) = 0
[pid 5221] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5221] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5221] chdir("./file0") = 0
[pid 5221] ioctl(4, LOOP_CLR_FD) = 0
[pid 5221] close(4) = 0
[pid 5221] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5221] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5220] <... futex resumed>) = 0
[pid 5220] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5221] <... futex resumed>) = 0
[pid 5220] <... futex resumed>) = 1
[pid 5221] mkdir("./bus", 0777 <unfinished ...>
[pid 5220] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5220] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5220] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5220] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5222], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5222
[pid 5220] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5220] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5221] <... mkdir resumed>) = 0
./strace-static-x86_64: Process 5222 attached
[pid 5221] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5222] set_robust_list(0x7f6f26a5d9e0, 24) = ?
[pid 5220] <... futex resumed>) = ?
[pid 5222] +++ killed by SIGSEGV +++
[pid 5221] +++ killed by SIGSEGV +++
[pid 5220] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5220, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./52/binderfs") = 0
[ 63.170560][ T5221] loop0: detected capacity change from 0 to 4096
[ 63.180630][ T5221] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./52/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5223
./strace-static-x86_64: Process 5223 attached
[pid 5223] set_robust_list(0x555555b665e0, 24) = 0
[pid 5223] chdir("./53") = 0
[pid 5223] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5223] setpgid(0, 0) = 0
[pid 5223] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5223] write(3, "1000", 4) = 4
[pid 5223] close(3) = 0
[pid 5223] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5223] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5223] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5223] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5223] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5224 attached
<unfinished ...>
[pid 5224] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5223] <... clone resumed>, parent_tid=[5224], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5224
[pid 5223] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5223] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5224] <... set_robust_list resumed>) = 0
[pid 5224] memfd_create("syzkaller", 0) = 3
[pid 5224] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5224] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5224] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5224] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5224] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5224] close(3) = 0
[pid 5224] mkdir("./file0", 0777) = 0
[pid 5224] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5224] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5224] chdir("./file0") = 0
[pid 5224] ioctl(4, LOOP_CLR_FD) = 0
[pid 5224] close(4) = 0
[pid 5224] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5223] <... futex resumed>) = 0
[pid 5223] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5223] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5223] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5223] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5223] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5225], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5225
[pid 5223] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5223] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5224] <... futex resumed>) = 1
[pid 5224] mkdir("./bus", 0777) = 0
[pid 5224] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5223] <... futex resumed>) = ?
[pid 5224] +++ killed by SIGSEGV +++
./strace-static-x86_64: Process 5225 attached
[pid 5225] +++ killed by SIGSEGV +++
[pid 5223] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5223, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
umount2("./53", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./53/binderfs") = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./53/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
[ 63.326628][ T5224] loop0: detected capacity change from 0 to 4096
[ 63.335561][ T5224] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = 0
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5226
./strace-static-x86_64: Process 5226 attached
[pid 5226] set_robust_list(0x555555b665e0, 24) = 0
[pid 5226] chdir("./54") = 0
[pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5226] setpgid(0, 0) = 0
[pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5226] write(3, "1000", 4) = 4
[pid 5226] close(3) = 0
[pid 5226] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5226] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5226] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5226] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5226] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5227], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5227
[pid 5226] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5226] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5227 attached
<unfinished ...>
[pid 5227] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5227] memfd_create("syzkaller", 0) = 3
[pid 5227] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5227] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5227] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5227] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5227] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5227] close(3) = 0
[pid 5227] mkdir("./file0", 0777) = 0
[pid 5227] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5227] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5227] chdir("./file0") = 0
[pid 5227] ioctl(4, LOOP_CLR_FD) = 0
[pid 5227] close(4) = 0
[pid 5227] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5226] <... futex resumed>) = 0
[pid 5227] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5226] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5226] <... futex resumed>) = 0
[pid 5227] mkdir("./bus", 0777 <unfinished ...>
[pid 5226] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5227] <... mkdir resumed>) = 0
[pid 5226] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5227] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5226] <... mmap resumed>) = ? <unavailable>
[pid 5227] +++ killed by SIGSEGV +++
[pid 5226] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5226, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./54", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 63.455000][ T5227] loop0: detected capacity change from 0 to 4096
[ 63.464799][ T5227] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./54/binderfs") = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./54/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached
, child_tidptr=0x555555b665d0) = 5228
[pid 5228] set_robust_list(0x555555b665e0, 24) = 0
[pid 5228] chdir("./55") = 0
[pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5228] setpgid(0, 0) = 0
[pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5228] write(3, "1000", 4) = 4
[pid 5228] close(3) = 0
[pid 5228] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5228] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5228] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5228] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5228] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5229 attached
<unfinished ...>
[pid 5229] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5229] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5228] <... clone resumed>, parent_tid=[5229], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5229
[pid 5228] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5229] <... futex resumed>) = 0
[pid 5228] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5229] memfd_create("syzkaller", 0) = 3
[pid 5229] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5229] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5229] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5229] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5229] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5229] close(3) = 0
[pid 5229] mkdir("./file0", 0777) = 0
[pid 5229] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5229] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5229] chdir("./file0") = 0
[pid 5229] ioctl(4, LOOP_CLR_FD) = 0
[pid 5229] close(4) = 0
[pid 5229] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5228] <... futex resumed>) = 0
[pid 5229] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5228] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5228] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5228] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5229] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5228] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5228] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5229] mkdir("./bus", 0777 <unfinished ...>
[pid 5228] <... mprotect resumed>) = 0
[pid 5228] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5230], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5230
[pid 5228] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5230 attached
[pid 5229] <... mkdir resumed>) = 0
[pid 5228] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5229] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5228] <... futex resumed>) = ?
[pid 5230] +++ killed by SIGSEGV +++
[pid 5229] +++ killed by SIGSEGV +++
[pid 5228] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5228, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./55", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./55/binderfs") = 0
[ 63.602133][ T5229] loop0: detected capacity change from 0 to 4096
[ 63.610721][ T5229] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./55/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5231
./strace-static-x86_64: Process 5231 attached
[pid 5231] set_robust_list(0x555555b665e0, 24) = 0
[pid 5231] chdir("./56") = 0
[pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5231] setpgid(0, 0) = 0
[pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5231] write(3, "1000", 4) = 4
[pid 5231] close(3) = 0
[pid 5231] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5231] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5231] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5231] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5231] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5232 attached
, parent_tid=[5232], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5232
[pid 5232] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5232] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5231] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5232] <... futex resumed>) = 0
[pid 5231] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5232] memfd_create("syzkaller", 0) = 3
[pid 5232] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5232] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5232] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5232] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5232] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5232] close(3) = 0
[pid 5232] mkdir("./file0", 0777) = 0
[pid 5232] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5232] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5232] chdir("./file0") = 0
[pid 5232] ioctl(4, LOOP_CLR_FD) = 0
[pid 5232] close(4) = 0
[pid 5232] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5231] <... futex resumed>) = 0
[pid 5231] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5231] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5231] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5231] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5231] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5233], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5233
[pid 5231] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5231] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5232] <... futex resumed>) = 1
[pid 5232] mkdir("./bus", 0777) = 0
[pid 5232] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5233 attached
[pid 5231] <... futex resumed>) = ?
[pid 5233] +++ killed by SIGSEGV +++
[pid 5232] +++ killed by SIGSEGV +++
[pid 5231] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5231, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=6 /* 0.06 s */} ---
umount2("./56", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 63.743688][ T5232] loop0: detected capacity change from 0 to 4096
[ 63.753098][ T5232] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./56/binderfs") = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./56/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5234
./strace-static-x86_64: Process 5234 attached
[pid 5234] set_robust_list(0x555555b665e0, 24) = 0
[pid 5234] chdir("./57") = 0
[pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5234] setpgid(0, 0) = 0
[pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5234] write(3, "1000", 4) = 4
[pid 5234] close(3) = 0
[pid 5234] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5234] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5234] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5234] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5234] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5235 attached
, parent_tid=[5235], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5235
[pid 5235] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5235] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5234] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5235] <... futex resumed>) = 0
[pid 5234] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5235] memfd_create("syzkaller", 0) = 3
[pid 5235] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5235] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5235] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5235] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5235] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5235] close(3) = 0
[pid 5235] mkdir("./file0", 0777) = 0
[pid 5235] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5235] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5235] chdir("./file0") = 0
[pid 5235] ioctl(4, LOOP_CLR_FD) = 0
[pid 5235] close(4) = 0
[pid 5235] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5234] <... futex resumed>) = 0
[pid 5234] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5234] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5235] mkdir("./bus", 0777 <unfinished ...>
[pid 5234] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5234] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5234] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5236], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5236
[pid 5234] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5236 attached
[pid 5236] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5234] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5235] <... mkdir resumed>) = 0
[pid 5235] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5236] <... set_robust_list resumed>) = ?
[pid 5234] <... futex resumed>) = ?
[pid 5236] +++ killed by SIGSEGV +++
[pid 5235] +++ killed by SIGSEGV +++
[pid 5234] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5234, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 63.880347][ T5235] loop0: detected capacity change from 0 to 4096
[ 63.889329][ T5235] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./57", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./57/binderfs") = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./57/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5237
./strace-static-x86_64: Process 5237 attached
[pid 5237] set_robust_list(0x555555b665e0, 24) = 0
[pid 5237] chdir("./58") = 0
[pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5237] setpgid(0, 0) = 0
[pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5237] write(3, "1000", 4) = 4
[pid 5237] close(3) = 0
[pid 5237] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5237] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5237] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5237] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5237] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5238], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5238
[pid 5237] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5237] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5238 attached
<unfinished ...>
[pid 5238] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5238] memfd_create("syzkaller", 0) = 3
[pid 5238] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5238] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5238] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5238] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5238] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5238] close(3) = 0
[pid 5238] mkdir("./file0", 0777) = 0
[pid 5238] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5238] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5238] chdir("./file0") = 0
[pid 5238] ioctl(4, LOOP_CLR_FD) = 0
[pid 5238] close(4) = 0
[pid 5238] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5237] <... futex resumed>) = 0
[pid 5238] <... futex resumed>) = 1
[pid 5237] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5237] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5238] mkdir("./bus", 0777 <unfinished ...>
[pid 5237] <... futex resumed>) = 0
[pid 5237] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5237] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5237] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5239], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5239
[pid 5237] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5237] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5238] <... mkdir resumed>) = 0
./strace-static-x86_64: Process 5239 attached
[pid 5239] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5239] chdir("./bus") = 0
[pid 5239] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5239] chdir("./bus" <unfinished ...>
[pid 5238] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5239] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5239] chdir("./bus") = -1 ENOENT (No such file or directory)
[ 64.035692][ T5238] loop0: detected capacity change from 0 to 4096
[ 64.046299][ T5238] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5239] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5239] ???() = ?
[pid 5237] <... futex resumed>) = ?
[pid 5239] +++ killed by SIGSEGV +++
[pid 5238] +++ killed by SIGSEGV +++
[pid 5237] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5237, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./58", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./58/binderfs") = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./58/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5240
./strace-static-x86_64: Process 5240 attached
[pid 5240] set_robust_list(0x555555b665e0, 24) = 0
[pid 5240] chdir("./59") = 0
[pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5240] setpgid(0, 0) = 0
[pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5240] write(3, "1000", 4) = 4
[pid 5240] close(3) = 0
[pid 5240] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5240] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5240] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5240] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5240] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5241 attached
, parent_tid=[5241], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5241
[pid 5241] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5240] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5241] <... set_robust_list resumed>) = 0
[pid 5240] <... futex resumed>) = 0
[pid 5240] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5241] memfd_create("syzkaller", 0) = 3
[pid 5241] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5241] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5241] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5241] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5241] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5241] close(3) = 0
[pid 5241] mkdir("./file0", 0777) = 0
[pid 5241] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5241] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5241] chdir("./file0") = 0
[pid 5241] ioctl(4, LOOP_CLR_FD) = 0
[pid 5241] close(4) = 0
[pid 5241] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5240] <... futex resumed>) = 0
[pid 5240] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5240] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5240] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5240] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5240] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5242 attached
<unfinished ...>
[pid 5242] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5242] futex(0x7f6f2ed76798, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5240] <... clone resumed>, parent_tid=[5242], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5242
[pid 5240] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5240] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5242] <... futex resumed>) = 0
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus" <unfinished ...>
[pid 5241] mkdir("./bus", 0777 <unfinished ...>
[pid 5242] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[ 64.180622][ T5241] loop0: detected capacity change from 0 to 4096
[ 64.190548][ T5241] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5242] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5241] <... mkdir resumed>) = 0
[pid 5242] chdir("./bus" <unfinished ...>
[pid 5241] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5242] <... chdir resumed>) = 0
[pid 5240] <... futex resumed>) = ?
[pid 5242] +++ killed by SIGSEGV +++
[pid 5241] +++ killed by SIGSEGV +++
[pid 5240] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5240, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./59/binderfs") = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./59/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5243
./strace-static-x86_64: Process 5243 attached
[pid 5243] set_robust_list(0x555555b665e0, 24) = 0
[pid 5243] chdir("./60") = 0
[pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5243] setpgid(0, 0) = 0
[pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5243] write(3, "1000", 4) = 4
[pid 5243] close(3) = 0
[pid 5243] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5243] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5243] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5243] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5244], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5244
[pid 5243] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5243] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5244 attached
<unfinished ...>
[pid 5244] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5244] memfd_create("syzkaller", 0) = 3
[pid 5244] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5244] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5244] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5244] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5244] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5244] close(3) = 0
[pid 5244] mkdir("./file0", 0777) = 0
[pid 5244] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5244] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5244] chdir("./file0") = 0
[pid 5244] ioctl(4, LOOP_CLR_FD) = 0
[pid 5244] close(4) = 0
[pid 5244] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5243] <... futex resumed>) = 0
[pid 5244] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5243] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5244] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5243] <... futex resumed>) = 0
[pid 5244] mkdir("./bus", 0777 <unfinished ...>
[pid 5243] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5243] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5243] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5244] <... mkdir resumed>) = 0
[pid 5244] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5243] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>
[pid 5244] +++ killed by SIGSEGV +++
[pid 5243] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5243, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./60", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./60/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./60/binderfs") = 0
[ 64.310718][ T5244] loop0: detected capacity change from 0 to 4096
[ 64.320361][ T5244] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./60/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./60/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./60/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./60/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./60") = 0
mkdir("./61", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5245
./strace-static-x86_64: Process 5245 attached
[pid 5245] set_robust_list(0x555555b665e0, 24) = 0
[pid 5245] chdir("./61") = 0
[pid 5245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5245] setpgid(0, 0) = 0
[pid 5245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5245] write(3, "1000", 4) = 4
[pid 5245] close(3) = 0
[pid 5245] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5245] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5245] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5245] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5246], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5246
[pid 5245] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5245] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5246 attached
<unfinished ...>
[pid 5246] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5246] memfd_create("syzkaller", 0) = 3
[pid 5246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5246] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5246] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5246] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5246] close(3) = 0
[pid 5246] mkdir("./file0", 0777) = 0
[pid 5246] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5246] chdir("./file0") = 0
[pid 5246] ioctl(4, LOOP_CLR_FD) = 0
[pid 5246] close(4) = 0
[pid 5246] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5246] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5245] <... futex resumed>) = 0
[pid 5245] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5245] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5245] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5245] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5247], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5247
[pid 5245] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5245] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5246] <... futex resumed>) = 0
./strace-static-x86_64: Process 5247 attached
[pid 5247] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus" <unfinished ...>
[pid 5246] mkdir("./bus", 0777 <unfinished ...>
[pid 5247] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5247] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5246] <... mkdir resumed>) = 0
[pid 5247] chdir("./bus" <unfinished ...>
[pid 5246] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5247] <... chdir resumed>) = 0
[ 64.428765][ T5246] loop0: detected capacity change from 0 to 4096
[ 64.439053][ T5246] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5245] <... futex resumed>) = ?
[pid 5247] +++ killed by SIGSEGV +++
[pid 5246] +++ killed by SIGSEGV +++
[pid 5245] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5245, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=2 /* 0.02 s */} ---
umount2("./61", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./61/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./61/binderfs") = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./61/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./61/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./61/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./61/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./61") = 0
mkdir("./62", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5248
./strace-static-x86_64: Process 5248 attached
[pid 5248] set_robust_list(0x555555b665e0, 24) = 0
[pid 5248] chdir("./62") = 0
[pid 5248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5248] setpgid(0, 0) = 0
[pid 5248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5248] write(3, "1000", 4) = 4
[pid 5248] close(3) = 0
[pid 5248] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5248] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5248] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5248] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5248] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5249 attached
, parent_tid=[5249], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5249
[pid 5249] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5249] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5248] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5249] <... futex resumed>) = 0
[pid 5248] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5249] memfd_create("syzkaller", 0) = 3
[pid 5249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5249] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5249] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5249] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5249] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5249] close(3) = 0
[pid 5249] mkdir("./file0", 0777) = 0
[pid 5249] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5249] chdir("./file0") = 0
[pid 5249] ioctl(4, LOOP_CLR_FD) = 0
[pid 5249] close(4) = 0
[pid 5249] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5248] <... futex resumed>) = 0
[pid 5249] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5248] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5249] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5248] <... futex resumed>) = 0
[pid 5249] mkdir("./bus", 0777 <unfinished ...>
[pid 5248] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5249] <... mkdir resumed>) = 0
[pid 5248] <... futex resumed>) = 0
[pid 5249] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5248] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5249] +++ killed by SIGSEGV +++
[pid 5248] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5248, si_uid=0, si_status=SIGSEGV, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./62", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 64.584154][ T5249] loop0: detected capacity change from 0 to 4096
[ 64.594486][ T5249] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./62/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./62/binderfs") = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./62/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./62/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./62/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./62/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./62") = 0
mkdir("./63", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5250
./strace-static-x86_64: Process 5250 attached
[pid 5250] set_robust_list(0x555555b665e0, 24) = 0
[pid 5250] chdir("./63") = 0
[pid 5250] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5250] setpgid(0, 0) = 0
[pid 5250] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5250] write(3, "1000", 4) = 4
[pid 5250] close(3) = 0
[pid 5250] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5250] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5250] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5250] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5251 attached
, parent_tid=[5251], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5251
[pid 5251] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5250] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5250] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5251] <... set_robust_list resumed>) = 0
[pid 5251] memfd_create("syzkaller", 0) = 3
[pid 5251] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5251] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5251] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5251] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5251] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5251] close(3) = 0
[pid 5251] mkdir("./file0", 0777) = 0
[pid 5251] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5251] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5251] chdir("./file0") = 0
[pid 5251] ioctl(4, LOOP_CLR_FD) = 0
[pid 5251] close(4) = 0
[pid 5251] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5250] <... futex resumed>) = 0
[pid 5250] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5250] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5250] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5250] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5250] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5252], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5252
[pid 5250] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5250] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5251] <... futex resumed>) = 1
[pid 5251] mkdir("./bus", 0777./strace-static-x86_64: Process 5252 attached
<unfinished ...>
[pid 5252] set_robust_list(0x7f6f26a5d9e0, 24 <unfinished ...>
[pid 5251] <... mkdir resumed>) = 0
[pid 5252] <... set_robust_list resumed>) = 0
[pid 5252] chdir("./bus") = 0
[pid 5252] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5252] chdir("./bus" <unfinished ...>
[pid 5251] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5250] <... futex resumed>) = ?
[pid 5251] +++ killed by SIGSEGV +++
[pid 5252] <... chdir resumed>) = ?
[pid 5252] +++ killed by SIGSEGV +++
[pid 5250] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5250, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./63", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 64.726944][ T5251] loop0: detected capacity change from 0 to 4096
[ 64.736326][ T5251] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./63/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./63/binderfs") = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./63/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./63/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./63/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./63/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./63") = 0
mkdir("./64", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5253
./strace-static-x86_64: Process 5253 attached
[pid 5253] set_robust_list(0x555555b665e0, 24) = 0
[pid 5253] chdir("./64") = 0
[pid 5253] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5253] setpgid(0, 0) = 0
[pid 5253] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5253] write(3, "1000", 4) = 4
[pid 5253] close(3) = 0
[pid 5253] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5253] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5253] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5253] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5253] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5254], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5254
[pid 5253] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5253] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5254 attached
<unfinished ...>
[pid 5254] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5254] memfd_create("syzkaller", 0) = 3
[pid 5254] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5254] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5254] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5254] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5254] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5254] close(3) = 0
[pid 5254] mkdir("./file0", 0777) = 0
[pid 5254] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5254] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5254] chdir("./file0") = 0
[pid 5254] ioctl(4, LOOP_CLR_FD) = 0
[pid 5254] close(4) = 0
[pid 5254] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5253] <... futex resumed>) = 0
[pid 5254] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5253] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5253] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5253] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5253] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5253] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5255], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5255
[pid 5253] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5253] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5254] <... futex resumed>) = 0
[pid 5254] mkdir("./bus", 0777./strace-static-x86_64: Process 5255 attached
<unfinished ...>
[pid 5255] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5255] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5255] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5254] <... mkdir resumed>) = 0
[pid 5255] chdir("./bus" <unfinished ...>
[pid 5254] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5255] <... chdir resumed>) = 0
[pid 5255] chdir("./bus" <unfinished ...>
[pid 5253] <... futex resumed>) = ?
[pid 5254] +++ killed by SIGSEGV +++
[pid 5255] <... chdir resumed>) = ?
[pid 5255] +++ killed by SIGSEGV +++
[pid 5253] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5253, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=7 /* 0.07 s */} ---
umount2("./64", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./64/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./64/binderfs") = 0
[ 64.855396][ T5254] loop0: detected capacity change from 0 to 4096
[ 64.864459][ T5254] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./64/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./64/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./64/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./64/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./64") = 0
mkdir("./65", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5256 attached
<unfinished ...>
[pid 5256] set_robust_list(0x555555b665e0, 24) = 0
[pid 5256] chdir("./65") = 0
[pid 5256] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5072] <... clone resumed>, child_tidptr=0x555555b665d0) = 5256
[pid 5256] setpgid(0, 0) = 0
[pid 5256] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5256] write(3, "1000", 4) = 4
[pid 5256] close(3) = 0
[pid 5256] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5256] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5256] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5256] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5256] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5257 attached
, parent_tid=[5257], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5257
[pid 5257] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5257] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5256] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5257] <... futex resumed>) = 0
[pid 5256] <... futex resumed>) = 1
[pid 5256] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5257] memfd_create("syzkaller", 0) = 3
[pid 5257] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5257] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5257] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5257] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5257] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5257] close(3) = 0
[pid 5257] mkdir("./file0", 0777) = 0
[pid 5257] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5257] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5257] chdir("./file0") = 0
[pid 5257] ioctl(4, LOOP_CLR_FD) = 0
[pid 5257] close(4) = 0
[pid 5257] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5256] <... futex resumed>) = 0
[pid 5256] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5256] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5256] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5256] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5256] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5258], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5258
[pid 5256] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5256] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5257] <... futex resumed>) = 1
./strace-static-x86_64: Process 5258 attached
[pid 5258] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5258] chdir("./bus" <unfinished ...>
[pid 5257] mkdir("./bus", 0777 <unfinished ...>
[pid 5258] <... chdir resumed>) = -1 ENOENT (No such file or directory)
[pid 5258] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5258] chdir("./bus") = -1 ENOENT (No such file or directory)
[ 64.985398][ T5257] loop0: detected capacity change from 0 to 4096
[ 64.996369][ T5257] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5258] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5258] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5257] <... mkdir resumed>) = 0
[pid 5257] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5256] <... futex resumed>) = ?
[pid 5258] +++ killed by SIGSEGV +++
[pid 5257] +++ killed by SIGSEGV +++
[pid 5256] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5256, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./65", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./65/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./65/binderfs") = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./65/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./65/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./65/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./65/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./65") = 0
mkdir("./66", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5259
./strace-static-x86_64: Process 5259 attached
[pid 5259] set_robust_list(0x555555b665e0, 24) = 0
[pid 5259] chdir("./66") = 0
[pid 5259] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5259] setpgid(0, 0) = 0
[pid 5259] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5259] write(3, "1000", 4) = 4
[pid 5259] close(3) = 0
[pid 5259] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5259] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5259] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5259] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5259] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5260 attached
<unfinished ...>
[pid 5260] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5260] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5259] <... clone resumed>, parent_tid=[5260], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5260
[pid 5259] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5259] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5260] <... futex resumed>) = 0
[pid 5260] memfd_create("syzkaller", 0) = 3
[pid 5260] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5260] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5260] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5260] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5260] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5260] close(3) = 0
[pid 5260] mkdir("./file0", 0777) = 0
[pid 5260] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5260] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5260] chdir("./file0") = 0
[pid 5260] ioctl(4, LOOP_CLR_FD) = 0
[pid 5260] close(4) = 0
[pid 5260] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5259] <... futex resumed>) = 0
[pid 5260] mkdir("./bus", 0777 <unfinished ...>
[pid 5259] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5259] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5260] <... mkdir resumed>) = 0
[pid 5259] <... futex resumed>) = 0
[pid 5259] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5260] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5259] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5260] +++ killed by SIGSEGV +++
[pid 5259] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5259, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./66", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./66/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./66/binderfs") = 0
[ 65.137322][ T5260] loop0: detected capacity change from 0 to 4096
[ 65.146403][ T5260] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./66/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./66/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./66/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./66/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./66") = 0
mkdir("./67", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5261
./strace-static-x86_64: Process 5261 attached
[pid 5261] set_robust_list(0x555555b665e0, 24) = 0
[pid 5261] chdir("./67") = 0
[pid 5261] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5261] setpgid(0, 0) = 0
[pid 5261] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5261] write(3, "1000", 4) = 4
[pid 5261] close(3) = 0
[pid 5261] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5261] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5261] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5261] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5261] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5262 attached
, parent_tid=[5262], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5262
[pid 5261] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5261] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5262] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5262] memfd_create("syzkaller", 0) = 3
[pid 5262] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5262] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5262] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5262] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5262] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5262] close(3) = 0
[pid 5262] mkdir("./file0", 0777) = 0
[pid 5262] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5262] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5262] chdir("./file0") = 0
[pid 5262] ioctl(4, LOOP_CLR_FD) = 0
[pid 5262] close(4) = 0
[pid 5262] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5261] <... futex resumed>) = 0
[pid 5261] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5261] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5262] mkdir("./bus", 0777 <unfinished ...>
[pid 5261] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5261] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE <unfinished ...>
[pid 5262] <... mkdir resumed>) = 0
[pid 5261] <... mprotect resumed>) = 0
[pid 5262] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5261] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID <unfinished ...>) = ?
[pid 5262] +++ killed by SIGSEGV +++
[pid 5261] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5261, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
umount2("./67", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./67/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./67/binderfs") = 0
[ 65.268040][ T5262] loop0: detected capacity change from 0 to 4096
[ 65.277106][ T5262] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./67/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./67/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./67/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./67/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./67") = 0
mkdir("./68", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5264
./strace-static-x86_64: Process 5264 attached
[pid 5264] set_robust_list(0x555555b665e0, 24) = 0
[pid 5264] chdir("./68") = 0
[pid 5264] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5264] setpgid(0, 0) = 0
[pid 5264] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5264] write(3, "1000", 4) = 4
[pid 5264] close(3) = 0
[pid 5264] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5264] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5264] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5264] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5265], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5265
[pid 5264] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5264] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000}./strace-static-x86_64: Process 5265 attached
<unfinished ...>
[pid 5265] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5265] memfd_create("syzkaller", 0) = 3
[pid 5265] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5265] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5265] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5265] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5265] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5265] close(3) = 0
[pid 5265] mkdir("./file0", 0777) = 0
[pid 5265] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5265] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5265] chdir("./file0") = 0
[pid 5265] ioctl(4, LOOP_CLR_FD) = 0
[pid 5265] close(4) = 0
[pid 5265] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5264] <... futex resumed>) = 0
[pid 5265] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5264] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5265] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5264] <... futex resumed>) = 0
[pid 5265] mkdir("./bus", 0777 <unfinished ...>
[pid 5264] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5265] <... mkdir resumed>) = 0
[pid 5264] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5265] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5264] <... mmap resumed>) = ? <unavailable>
[pid 5265] +++ killed by SIGSEGV +++
[pid 5264] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5264, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./68", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
[ 65.406957][ T5265] loop0: detected capacity change from 0 to 4096
[ 65.418124][ T5265] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
openat(AT_FDCWD, "./68", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./68/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./68/binderfs") = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./68/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./68/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./68/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./68/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./68") = 0
mkdir("./69", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5266
./strace-static-x86_64: Process 5266 attached
[pid 5266] set_robust_list(0x555555b665e0, 24) = 0
[pid 5266] chdir("./69") = 0
[pid 5266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5266] setpgid(0, 0) = 0
[pid 5266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5266] write(3, "1000", 4) = 4
[pid 5266] close(3) = 0
[pid 5266] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5266] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5266] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5266] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5267], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5267
./strace-static-x86_64: Process 5267 attached
[pid 5266] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5266] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5267] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5267] memfd_create("syzkaller", 0) = 3
[pid 5267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5267] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5267] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5267] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5267] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5267] close(3) = 0
[pid 5267] mkdir("./file0", 0777) = 0
[pid 5267] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5267] chdir("./file0") = 0
[pid 5267] ioctl(4, LOOP_CLR_FD) = 0
[pid 5267] close(4) = 0
[pid 5267] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5266] <... futex resumed>) = 0
[pid 5266] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5266] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5266] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5266] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5268], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5268
[pid 5266] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5266] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5267] <... futex resumed>) = 1
[pid 5267] mkdir("./bus", 0777) = 0
[pid 5267] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5268 attached
[pid 5266] <... futex resumed>) = ?
[pid 5268] +++ killed by SIGSEGV +++
[pid 5267] +++ killed by SIGSEGV +++
[pid 5266] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5266, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./69", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./69/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./69/binderfs") = 0
[ 65.551607][ T5267] loop0: detected capacity change from 0 to 4096
[ 65.562020][ T5267] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./69/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./69/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./69/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./69/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./69") = 0
mkdir("./70", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5269
./strace-static-x86_64: Process 5269 attached
[pid 5269] set_robust_list(0x555555b665e0, 24) = 0
[pid 5269] chdir("./70") = 0
[pid 5269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5269] setpgid(0, 0) = 0
[pid 5269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5269] write(3, "1000", 4) = 4
[pid 5269] close(3) = 0
[pid 5269] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5269] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5269] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5269] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5269] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5270], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5270
[pid 5269] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
./strace-static-x86_64: Process 5270 attached
[pid 5270] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5269] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5270] <... set_robust_list resumed>) = 0
[pid 5270] memfd_create("syzkaller", 0) = 3
[pid 5270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5270] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5270] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5270] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5270] close(3) = 0
[pid 5270] mkdir("./file0", 0777) = 0
[pid 5270] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5270] chdir("./file0") = 0
[pid 5270] ioctl(4, LOOP_CLR_FD) = 0
[pid 5270] close(4) = 0
[pid 5270] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5269] <... futex resumed>) = 0
[pid 5269] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5269] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5269] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5270] mkdir("./bus", 0777 <unfinished ...>
[pid 5269] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5269] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5269] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5271], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5271
[pid 5269] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5269] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5270] <... mkdir resumed>) = 0
[pid 5270] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5269] <... futex resumed>) = ?
./strace-static-x86_64: Process 5271 attached
[pid 5270] +++ killed by SIGSEGV +++
[pid 5271] +++ killed by SIGSEGV +++
[pid 5269] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5269, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=2 /* 0.02 s */} ---
[ 65.690663][ T5270] loop0: detected capacity change from 0 to 4096
[ 65.699719][ T5270] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./70", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./70/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./70/binderfs") = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./70/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./70/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./70/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./70/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./70") = 0
mkdir("./71", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5272
./strace-static-x86_64: Process 5272 attached
[pid 5272] set_robust_list(0x555555b665e0, 24) = 0
[pid 5272] chdir("./71") = 0
[pid 5272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5272] setpgid(0, 0) = 0
[pid 5272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5272] write(3, "1000", 4) = 4
[pid 5272] close(3) = 0
[pid 5272] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5272] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5272] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5272] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5273 attached
, parent_tid=[5273], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5273
[pid 5272] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5273] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5273] memfd_create("syzkaller", 0) = 3
[pid 5273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5273] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5273] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5273] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5273] close(3) = 0
[pid 5273] mkdir("./file0", 0777) = 0
[pid 5273] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5273] chdir("./file0") = 0
[pid 5273] ioctl(4, LOOP_CLR_FD) = 0
[pid 5273] close(4) = 0
[pid 5273] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5272] <... futex resumed>) = 0
[pid 5272] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5273] mkdir("./bus", 0777 <unfinished ...>
[pid 5272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5272] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5272] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5274 attached
, parent_tid=[5274], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5274
[pid 5272] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5272] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5274] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5273] <... mkdir resumed>) = 0
[pid 5274] chdir("./bus") = 0
[pid 5274] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5274] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5274] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5274] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5273] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5274] ???() = ?
[pid 5272] <... futex resumed>) = ?
[pid 5274] +++ killed by SIGSEGV +++
[pid 5273] +++ killed by SIGSEGV +++
[pid 5272] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5272, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./71", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
[ 65.822713][ T5273] loop0: detected capacity change from 0 to 4096
[ 65.831907][ T5273] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./71/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./71/binderfs") = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./71/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./71/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./71/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./71/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./71") = 0
mkdir("./72", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5275
./strace-static-x86_64: Process 5275 attached
[pid 5275] set_robust_list(0x555555b665e0, 24) = 0
[pid 5275] chdir("./72") = 0
[pid 5275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5275] setpgid(0, 0) = 0
[pid 5275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5275] write(3, "1000", 4) = 4
[pid 5275] close(3) = 0
[pid 5275] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5275] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5275] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5275] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5275] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5276 attached
, parent_tid=[5276], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5276
[pid 5275] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5276] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5275] <... futex resumed>) = 0
[pid 5276] <... set_robust_list resumed>) = 0
[pid 5275] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5276] memfd_create("syzkaller", 0) = 3
[pid 5276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5276] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5276] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5276] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5276] close(3) = 0
[pid 5276] mkdir("./file0", 0777) = 0
[pid 5276] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5276] chdir("./file0") = 0
[pid 5276] ioctl(4, LOOP_CLR_FD) = 0
[pid 5276] close(4) = 0
[pid 5276] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5275] <... futex resumed>) = 0
[pid 5275] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5275] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5275] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 5276] mkdir("./bus", 0777 <unfinished ...>
[pid 5275] <... mmap resumed>) = 0x7f6f26a3d000
[pid 5275] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5275] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5277], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5277
[pid 5275] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5275] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5277 attached
<unfinished ...>
[pid 5277] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus" <unfinished ...>
[pid 5276] <... mkdir resumed>) = 0
[pid 5277] <... chdir resumed>) = 0
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5277] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5276] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[pid 5277] ???() = ?
[ 65.959134][ T5276] loop0: detected capacity change from 0 to 4096
[ 65.969534][ T5276] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5275] <... futex resumed>) = ?
[pid 5277] +++ killed by SIGSEGV +++
[pid 5276] +++ killed by SIGSEGV +++
[pid 5275] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5275, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
umount2("./72", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./72/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
unlink("./72/binderfs") = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./72/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./72/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./72/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./72/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./72") = 0
mkdir("./73", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5278
./strace-static-x86_64: Process 5278 attached
[pid 5278] set_robust_list(0x555555b665e0, 24) = 0
[pid 5278] chdir("./73") = 0
[pid 5278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5278] setpgid(0, 0) = 0
[pid 5278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5278] write(3, "1000", 4) = 4
[pid 5278] close(3) = 0
[pid 5278] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5278] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5278] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5278] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5279 attached
<unfinished ...>
[pid 5279] set_robust_list(0x7f6f2ec7e9e0, 24) = 0
[pid 5279] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5278] <... clone resumed>, parent_tid=[5279], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5279
[pid 5278] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5279] <... futex resumed>) = 0
[pid 5278] <... futex resumed>) = 1
[pid 5278] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5279] memfd_create("syzkaller", 0) = 3
[pid 5279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5279] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5279] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5279] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5279] close(3) = 0
[pid 5279] mkdir("./file0", 0777) = 0
[pid 5279] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5279] chdir("./file0") = 0
[pid 5279] ioctl(4, LOOP_CLR_FD) = 0
[pid 5279] close(4) = 0
[pid 5279] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5278] <... futex resumed>) = 0
[pid 5278] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5279] mkdir("./bus", 0777 <unfinished ...>
[pid 5278] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5278] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5278] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5280], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5280
[pid 5278] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5278] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} <unfinished ...>
[pid 5279] <... mkdir resumed>) = 0
[pid 5279] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
./strace-static-x86_64: Process 5280 attached
[pid 5278] <... futex resumed>) = ?
[pid 5280] +++ killed by SIGSEGV +++
[pid 5279] +++ killed by SIGSEGV +++
[pid 5278] +++ killed by SIGSEGV +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5278, si_uid=0, si_status=SIGSEGV, si_utime=0, si_stime=5 /* 0.05 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./73", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(3, 0x555555b67620 /* 4 entries */, 32768) = 112
umount2("./73/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0
[ 66.100485][ T5279] loop0: detected capacity change from 0 to 4096
[ 66.109472][ T5279] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
unlink("./73/binderfs") = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
lstat("./73/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
umount2("./73/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./73/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
getdents64(4, 0x555555b6f660 /* 2 entries */, 32768) = 48
getdents64(4, 0x555555b6f660 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./73/file0") = 0
getdents64(3, 0x555555b67620 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./73") = 0
mkdir("./74", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b665d0) = 5281
./strace-static-x86_64: Process 5281 attached
[pid 5281] set_robust_list(0x555555b665e0, 24) = 0
[pid 5281] chdir("./74") = 0
[pid 5281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5281] setpgid(0, 0) = 0
[pid 5281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5281] write(3, "1000", 4) = 4
[pid 5281] close(3) = 0
[pid 5281] symlink("/dev/binderfs", "./binderfs") = 0
[pid 5281] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f2ec5e000
[pid 5281] mprotect(0x7f6f2ec5f000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5281] clone(child_stack=0x7f6f2ec7e3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID./strace-static-x86_64: Process 5282 attached
<unfinished ...>
[pid 5282] set_robust_list(0x7f6f2ec7e9e0, 24 <unfinished ...>
[pid 5281] <... clone resumed>, parent_tid=[5282], tls=0x7f6f2ec7e700, child_tidptr=0x7f6f2ec7e9d0) = 5282
[pid 5282] <... set_robust_list resumed>) = 0
[pid 5282] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5281] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5282] <... futex resumed>) = 0
[pid 5281] <... futex resumed>) = 1
[pid 5281] futex(0x7f6f2ed7678c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} <unfinished ...>
[pid 5282] memfd_create("syzkaller", 0) = 3
[pid 5282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6f2685e000
[pid 5282] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152
[pid 5282] munmap(0x7f6f2685e000, 2097152) = 0
[pid 5282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 5282] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 5282] close(3) = 0
[pid 5282] mkdir("./file0", 0777) = 0
[pid 5282] mount("/dev/loop0", "./file0", "ntfs3", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_MANDLOCK|MS_REC|MS_LAZYTIME, "showmeta,") = 0
[pid 5282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 5282] chdir("./file0") = 0
[pid 5282] ioctl(4, LOOP_CLR_FD) = 0
[pid 5282] close(4) = 0
[pid 5282] futex(0x7f6f2ed7678c, FUTEX_WAKE_PRIVATE, 1000000) = 1
[pid 5281] <... futex resumed>) = 0
[pid 5282] futex(0x7f6f2ed76788, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 5281] futex(0x7f6f2ed76788, FUTEX_WAKE_PRIVATE, 1000000 <unfinished ...>
[pid 5282] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable)
[pid 5281] <... futex resumed>) = 0
[pid 5282] mkdir("./bus", 0777 <unfinished ...>
[pid 5281] futex(0x7f6f2ed7679c, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6f26a3d000
[pid 5281] mprotect(0x7f6f26a3e000, 131072, PROT_READ|PROT_WRITE) = 0
[pid 5281] clone(child_stack=0x7f6f26a5d3f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[5283], tls=0x7f6f26a5d700, child_tidptr=0x7f6f26a5d9d0) = 5283
[pid 5281] futex(0x7f6f2ed76798, FUTEX_WAKE_PRIVATE, 1000000) = 0
[pid 5281] futex(0x7f6f2ed7679c, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}./strace-static-x86_64: Process 5283 attached
<unfinished ...>
[pid 5283] set_robust_list(0x7f6f26a5d9e0, 24) = 0
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = -1 ENOENT (No such file or directory)
[pid 5283] chdir("./bus") = 0
[pid 5283] chdir("./bus" <unfinished ...>
[pid 5282] <... mkdir resumed>) = 0
[ 66.223260][ T5282] loop0: detected capacity change from 0 to 4096
[ 66.232340][ T5282] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[pid 5282] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=NULL} ---
[ 66.273480][ T5283] ------------[ cut here ]------------
[ 66.279446][ T5283] DEBUG_RWSEMS_WARN_ON(!is_rwsem_reader_owned(sem)): count = 0x0, magic = 0xffff8880725a36d0, owner = 0x0, curr 0xffff888028060000, list empty
[ 66.294592][ T5283] WARNING: CPU: 1 PID: 5283 at kernel/locking/rwsem.c:1336 __up_read+0x5ff/0x690
[ 66.304013][ T5283] Modules linked in:
[ 66.308060][ T5283] CPU: 0 PID: 5283 Comm: syz-executor217 Not tainted 6.1.0-syzkaller-11674-g84e57d292203 #0
[ 66.318224][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 66.328585][ T5283] RIP: 0010:__up_read+0x5ff/0x690
[ 66.333621][ T5283] Code: 44 d8 48 c7 c7 a0 ab ed 8a 48 c7 c6 40 ac ed 8a 48 8b 54 24 20 4c 89 f1 4d 89 f8 4d 89 e9 31 c0 53 e8 85 61 e8 ff 48 83 c4 08 <0f> 0b 48 bb 00 00 00 00 00 fc ff df 4c 8b 6c 24 18 e9 53 fb ff ff
[ 66.353343][ T5283] RSP: 0018:ffffc90003fffa60 EFLAGS: 00010296
[ 66.359548][ T5283] RAX: 9113eee468a99100 RBX: ffffffff8aedac80 RCX: ffff888028060000
[ 66.367993][ T5283] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 66.375992][ T5283] RBP: ffffc90003fffb38 R08: ffffffff816f274d R09: fffff520007fff05
[ 66.384363][ T5283] R10: fffff520007fff05 R11: 1ffff920007fff04 R12: ffff8880725a3728
[ 66.392572][ T5283] R13: ffff888028060000 R14: ffff8880725a36d0 R15: 0000000000000000
[ 66.400738][ T5283] FS: 00007f6f26a5d700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[ 66.409958][ T5283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 66.416810][ T5283] CR2: 00007f6f26a5d718 CR3: 000000001d340000 CR4: 00000000003506f0
[ 66.424796][ T5283] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 66.432851][ T5283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 66.440924][ T5283] Call Trace:
[ 66.444214][ T5283] <TASK>
[ 66.447261][ T5283] ? __lock_acquire+0x1f60/0x1f60
[ 66.452322][ T5283] ? up_read+0x20/0x20
[ 66.456474][ T5283] ? __down_read_common+0x156/0x2a0
[ 66.461691][ T5283] lookup_slow+0x5e/0x70
[ 66.465955][ T5283] walk_component+0x2e1/0x410
[ 66.470726][ T5283] ? path_lookupat+0x16f/0x450
[ 66.475513][ T5283] path_lookupat+0x17d/0x450
[ 66.480413][ T5283] filename_lookup+0x274/0x650
[ 66.485198][ T5283] ? hashlen_string+0x120/0x120
[ 66.490435][ T5283] ? check_heap_object+0x244/0x810
[ 66.495565][ T5283] ? __phys_addr_symbol+0x2b/0x70
[ 66.501077][ T5283] ? 0xffffffff81000000
[ 66.505253][ T5283] ? __check_object_size+0x15a/0x210
[ 66.510875][ T5283] ? strncpy_from_user+0x1d6/0x330
[ 66.516501][ T5283] ? getname_flags+0x1ea/0x4e0
[ 66.521299][ T5283] user_path_at_empty+0x40/0x1a0
[ 66.526619][ T5283] __se_sys_chdir+0xb8/0x210
[ 66.531225][ T5283] ? __x64_sys_chdir+0x40/0x40
[ 66.535976][ T5283] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 66.542378][ T5283] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 66.548572][ T5283] do_syscall_64+0x3d/0xb0
[ 66.552990][ T5283] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.559114][ T5283] RIP: 0033:0x7f6f2ecd2659
[ 66.563524][ T5283] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 66.583411][ T5283] RSP: 002b:00007f6f26a5d2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[ 66.592044][ T5283] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f6f2ecd2659
[ 66.600232][ T5283] RDX: 00007f6f2ecd2659 RSI: ffffffffffffffb8 RDI: 0000000020000380
[ 66.608380][ T5283] RBP: 00007f6f2ed76798 R08: 0000000000000000 R09: 0000000000000000
[ 66.616715][ T5283] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6f2ed76790
[ 66.624690][ T5283] R13: 00007f6f2ed7679c R14: 6174656d776f6873 R15: 0030656c69662f2e
[ 66.632735][ T5283] </TASK>
[ 66.635768][ T5283] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 66.643034][ T5283] CPU: 0 PID: 5283 Comm: syz-executor217 Not tainted 6.1.0-syzkaller-11674-g84e57d292203 #0
[ 66.653098][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 66.663152][ T5283] Call Trace:
[ 66.666421][ T5283] <TASK>
[ 66.669341][ T5283] dump_stack_lvl+0x1b1/0x290
[ 66.674023][ T5283] ? nf_tcp_handle_invalid+0x630/0x630
[ 66.679488][ T5283] ? panic+0x710/0x710
[ 66.683572][ T5283] ? vscnprintf+0x59/0x80
[ 66.687924][ T5283] ? __up_read+0x540/0x690
[ 66.692348][ T5283] panic+0x2d6/0x710
[ 66.696245][ T5283] ? __warn+0x16d/0x2d0
[ 66.700420][ T5283] ? memcpy_page_flushcache+0x100/0x100
[ 66.706001][ T5283] ? __up_read+0x5ff/0x690
[ 66.710422][ T5283] __warn+0x284/0x2d0
[ 66.714428][ T5283] ? __up_read+0x5ff/0x690
[ 66.718844][ T5283] report_bug+0x1b3/0x2d0
[ 66.723173][ T5283] handle_bug+0x3d/0x70
[ 66.727324][ T5283] exc_invalid_op+0x16/0x40
[ 66.731816][ T5283] asm_exc_invalid_op+0x16/0x20
[ 66.736661][ T5283] RIP: 0010:__up_read+0x5ff/0x690
[ 66.741680][ T5283] Code: 44 d8 48 c7 c7 a0 ab ed 8a 48 c7 c6 40 ac ed 8a 48 8b 54 24 20 4c 89 f1 4d 89 f8 4d 89 e9 31 c0 53 e8 85 61 e8 ff 48 83 c4 08 <0f> 0b 48 bb 00 00 00 00 00 fc ff df 4c 8b 6c 24 18 e9 53 fb ff ff
[ 66.761274][ T5283] RSP: 0018:ffffc90003fffa60 EFLAGS: 00010296
[ 66.767336][ T5283] RAX: 9113eee468a99100 RBX: ffffffff8aedac80 RCX: ffff888028060000
[ 66.775299][ T5283] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 66.783257][ T5283] RBP: ffffc90003fffb38 R08: ffffffff816f274d R09: fffff520007fff05
[ 66.791215][ T5283] R10: fffff520007fff05 R11: 1ffff920007fff04 R12: ffff8880725a3728
[ 66.799178][ T5283] R13: ffff888028060000 R14: ffff8880725a36d0 R15: 0000000000000000
[ 66.807144][ T5283] ? __wake_up_klogd+0xcd/0x100
[ 66.812002][ T5283] ? __lock_acquire+0x1f60/0x1f60
[ 66.817024][ T5283] ? up_read+0x20/0x20
[ 66.821095][ T5283] ? __down_read_common+0x156/0x2a0
[ 66.826286][ T5283] lookup_slow+0x5e/0x70
[ 66.830534][ T5283] walk_component+0x2e1/0x410
[ 66.835198][ T5283] ? path_lookupat+0x16f/0x450
[ 66.839960][ T5283] path_lookupat+0x17d/0x450
[ 66.844547][ T5283] filename_lookup+0x274/0x650
[ 66.849312][ T5283] ? hashlen_string+0x120/0x120
[ 66.854161][ T5283] ? check_heap_object+0x244/0x810
[ 66.859273][ T5283] ? __phys_addr_symbol+0x2b/0x70
[ 66.864293][ T5283] ? 0xffffffff81000000
[ 66.868434][ T5283] ? __check_object_size+0x15a/0x210
[ 66.873717][ T5283] ? strncpy_from_user+0x1d6/0x330
[ 66.878850][ T5283] ? getname_flags+0x1ea/0x4e0
[ 66.883640][ T5283] user_path_at_empty+0x40/0x1a0
[ 66.888592][ T5283] __se_sys_chdir+0xb8/0x210
[ 66.893201][ T5283] ? __x64_sys_chdir+0x40/0x40
[ 66.897985][ T5283] ? syscall_enter_from_user_mode+0x2e/0x1d0
[ 66.903975][ T5283] ? syscall_enter_from_user_mode+0x86/0x1d0
[ 66.909950][ T5283] do_syscall_64+0x3d/0xb0
[ 66.914366][ T5283] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.920252][ T5283] RIP: 0033:0x7f6f2ecd2659
[ 66.924659][ T5283] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 66.944290][ T5283] RSP: 002b:00007f6f26a5d2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[ 66.952719][ T5283] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f6f2ecd2659
[ 66.960712][ T5283] RDX: 00007f6f2ecd2659 RSI: ffffffffffffffb8 RDI: 0000000020000380
[ 66.968675][ T5283] RBP: 00007f6f2ed76798 R08: 0000000000000000 R09: 0000000000000000
[ 66.976635][ T5283] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6f2ed76790
[ 66.984594][ T5283] R13: 00007f6f2ed7679c R14: 6174656d776f6873 R15: 0030656c69662f2e
[ 66.992575][ T5283] </TASK>
[ 66.995731][ T5283] Kernel Offset: disabled
[ 67.000095][ T5283] Rebooting in 86400 seconds..