./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2652444327
<...>
Warning: Permanently added '10.128.1.104' (ED25519) to the list of known hosts.
execve("./syz-executor2652444327", ["./syz-executor2652444327"], 0x7ffece07bf10 /* 10 vars */) = 0
brk(NULL) = 0x5555596d1000
brk(0x5555596d1d00) = 0x5555596d1d00
arch_prctl(ARCH_SET_FS, 0x5555596d1380) = 0
set_tid_address(0x5555596d1650) = 299
set_robust_list(0x5555596d1660, 24) = 0
rseq(0x5555596d1ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2652444327", 4096) = 28
getrandom("\xb4\x38\x3e\x01\x51\x15\x6f\x69", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x5555596d1d00
brk(0x5555596f2d00) = 0x5555596f2d00
brk(0x5555596f3000) = 0x5555596f3000
mprotect(0x7f1846aac000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
mkdir("./syzkaller.oKRLv1", 0700) = 0
chmod("./syzkaller.oKRLv1", 0777) = 0
chdir("./syzkaller.oKRLv1") = 0
mkdir("./0", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 300
./strace-static-x86_64: Process 300 attached
[pid 300] set_robust_list(0x5555596d1660, 24) = 0
[pid 300] chdir("./0") = 0
[pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 300] setpgid(0, 0) = 0
[pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 300] write(3, "1000", 4) = 4
[pid 300] close(3) = 0
[pid 300] symlink("/dev/binderfs", "./binderfs") = 0
[pid 300] write(1, "executing program\n", 18executing program
) = 18
[pid 300] memfd_create("syzkaller", 0) = 3
[pid 300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 300] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 300] munmap(0x7f183e5f9000, 138412032) = 0
[pid 300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 300] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 300] close(3) = 0
[ 27.466381][ T30] audit: type=1400 audit(1734530147.609:66): avc: denied { execmem } for pid=299 comm="syz-executor265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 27.485900][ T30] audit: type=1400 audit(1734530147.619:67): avc: denied { read write } for pid=299 comm="syz-executor265" name="loop0" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 27.497577][ T300] loop0: detected capacity change from 0 to 512
[pid 300] close(4) = 0
[pid 300] mkdir("./file0", 0777) = 0
[ 27.516088][ T30] audit: type=1400 audit(1734530147.619:68): avc: denied { open } for pid=299 comm="syz-executor265" path="/dev/loop0" dev="devtmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 27.540399][ T30] audit: type=1400 audit(1734530147.619:69): avc: denied { ioctl } for pid=299 comm="syz-executor265" path="/dev/loop0" dev="devtmpfs" ino=112 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 300] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 300] chdir("./file0") = 0
[pid 300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 300] ioctl(4, LOOP_CLR_FD) = 0
[pid 300] close(4) = 0
[pid 300] chdir("./file0") = 0
[pid 300] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 300] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 300] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[ 27.580392][ T30] audit: type=1400 audit(1734530147.729:70): avc: denied { mounton } for pid=300 comm="syz-executor265" path="/root/syzkaller.oKRLv1/0/file0" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 27.583720][ T300] EXT4-fs (loop0): 1 truncate cleaned up
[ 27.610035][ T300] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 300] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[ 27.620651][ T30] audit: type=1400 audit(1734530147.769:71): avc: denied { mount } for pid=300 comm="syz-executor265" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 27.633379][ T300] ==================================================================
[ 27.644223][ T30] audit: type=1400 audit(1734530147.779:72): avc: denied { write } for pid=300 comm="syz-executor265" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 27.650692][ T300] BUG: KASAN: use-after-free in ext4_insert_dentry+0x392/0x710
[ 27.650752][ T300] Write of size 254 at addr ffff888126a18f0c by task syz-executor265/300
[ 27.673367][ T30] audit: type=1400 audit(1734530147.779:73): avc: denied { add_name } for pid=300 comm="syz-executor265" name="blkio.throttle.io_serviced_recursive" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 27.680180][ T300]
[ 27.680200][ T300] CPU: 0 PID: 300 Comm: syz-executor265 Not tainted 5.15.173-syzkaller-00161-gb4bd207b0380 #0
[ 27.680224][ T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 27.680241][ T300] Call Trace:
[ 27.689012][ T30] audit: type=1400 audit(1734530147.779:74): avc: denied { create } for pid=300 comm="syz-executor265" name="blkio.throttle.io_serviced_recursive" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 27.712244][ T300]
[ 27.712263][ T300] dump_stack_lvl+0x151/0x1c0
[ 27.712290][ T300] ? io_uring_drop_tctx_refs+0x190/0x190
[ 27.712309][ T300] ? panic+0x760/0x760
[ 27.712324][ T300] ? __ext4_handle_dirty_metadata+0x2fe/0x830
[ 27.712349][ T300] print_address_description+0x87/0x3b0
[ 27.715087][ T30] audit: type=1400 audit(1734530147.779:75): avc: denied { read append open } for pid=300 comm="syz-executor265" path="/root/syzkaller.oKRLv1/0/file0/file0/blkio.throttle.io_serviced_recursive" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 27.724654][ T300] kasan_report+0x179/0x1c0
[ 27.724680][ T300] ? ext4_insert_dentry+0x392/0x710
[ 27.827670][ T300] ? ext4_insert_dentry+0x392/0x710
[ 27.832704][ T300] kasan_check_range+0x293/0x2a0
[ 27.837495][ T300] ? ext4_insert_dentry+0x392/0x710
[ 27.842550][ T300] memcpy+0x44/0x70
[ 27.846161][ T300] ext4_insert_dentry+0x392/0x710
[ 27.851101][ T300] add_dirent_to_buf+0x384/0x7d0
[ 27.855874][ T300] ? ext4_dx_add_entry+0x1620/0x1620
[ 27.860993][ T300] ? ext4_handle_dirty_dx_node+0x41c/0x580
[ 27.866655][ T300] make_indexed_dir+0xf34/0x15a0
[ 27.871410][ T300] ? add_dirent_to_buf+0x7d0/0x7d0
[ 27.876356][ T300] ? add_dirent_to_buf+0x54e/0x7d0
[ 27.881309][ T300] ? ext4_dx_add_entry+0x1620/0x1620
[ 27.886423][ T300] ? __kasan_check_read+0x11/0x20
[ 27.891284][ T300] ? __ext4_read_dirblock+0x56f/0x8e0
[ 27.896493][ T300] ext4_add_entry+0xde2/0x12b0
[ 27.901090][ T300] ? ext4_inc_count+0x190/0x190
[ 27.905894][ T300] ? atime_needs_update+0x810/0x810
[ 27.911013][ T300] __ext4_link+0x4e9/0x790
[ 27.915268][ T300] ? ext4_update_dx_flag+0x200/0x200
[ 27.920388][ T300] ? rwsem_mark_wake+0x770/0x770
[ 27.925161][ T300] ext4_link+0x1f3/0x290
[ 27.929239][ T300] vfs_link+0x645/0x7f0
[ 27.933233][ T300] do_linkat+0x34d/0x9f0
[ 27.937511][ T300] ? fsnotify_link+0x240/0x240
[ 27.942131][ T300] ? getname_flags+0x1fd/0x520
[ 27.946694][ T300] __x64_sys_link+0x86/0x90
[ 27.951032][ T300] x64_sys_call+0x282/0x9a0
[ 27.955389][ T300] do_syscall_64+0x3b/0xb0
[ 27.959632][ T300] ? clear_bhb_loop+0x35/0x90
[ 27.964135][ T300] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 27.969865][ T300] RIP: 0033:0x7f1846a381e9
[ 27.974119][ T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 27.993827][ T300] RSP: 002b:00007fff6f854068 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[ 28.002070][ T300] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f1846a381e9
[ 28.010085][ T300] RDX: 0000000000000000 RSI: 0000000020000bc0 RDI: 0000000020001240
[ 28.018083][ T300] RBP: 0000000020000000 R08: 00007fff6f8540a0 R09: 00007fff6f8540a0
[ 28.025968][ T300] R10: 00007fff6f8540a0 R11: 0000000000000246 R12: 0000000000000001
[ 28.033862][ T300] R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007fff6f8540c0
[ 28.041676][ T300]
[ 28.044629][ T300]
[ 28.046892][ T300] The buggy address belongs to the page:
[ 28.052368][ T300] page:ffffea00049a8600 refcount:3 mapcount:0 mapping:ffff88810928f258 index:0x3f pfn:0x126a18
[ 28.062528][ T300] memcg:ffff888100248000
[ 28.066606][ T300] aops:def_blk_aops ino:700000
[ 28.071186][ T300] flags: 0x400000000000202a(referenced|dirty|active|private|zone=1)
[ 28.079001][ T300] raw: 400000000000202a 0000000000000000 dead000000000122 ffff88810928f258
[ 28.087637][ T300] raw: 000000000000003f ffff8881222922a0 00000003ffffffff ffff888100248000
[ 28.096039][ T300] page dumped because: kasan: bad access detected
[ 28.102295][ T300] page_owner tracks the page as allocated
[ 28.107841][ T300] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 300, ts 27633205170, free_ts 0
[ 28.123814][ T300] post_alloc_hook+0x1a3/0x1b0
[ 28.128409][ T300] prep_new_page+0x1b/0x110
[ 28.132749][ T300] get_page_from_freelist+0x3550/0x35d0
[ 28.138131][ T300] __alloc_pages+0x27e/0x8f0
[ 28.142579][ T300] pagecache_get_page+0xb18/0xeb0
[ 28.147416][ T300] __getblk_gfp+0x21e/0x7c0
[ 28.151757][ T300] ext4_getblk+0x259/0x700
[ 28.156011][ T300] ext4_bread+0x2f/0x180
[ 28.160176][ T300] ext4_append+0x31f/0x5b0
[ 28.164580][ T300] make_indexed_dir+0x515/0x15a0
[ 28.169314][ T300] ext4_add_entry+0xde2/0x12b0
[ 28.174293][ T300] __ext4_link+0x4e9/0x790
[ 28.178518][ T300] ext4_link+0x1f3/0x290
[ 28.182680][ T300] vfs_link+0x645/0x7f0
[ 28.186676][ T300] do_linkat+0x34d/0x9f0
[ 28.190942][ T300] __x64_sys_link+0x86/0x90
[ 28.195532][ T300] page_owner free stack trace missing
[ 28.201206][ T300]
[ 28.203366][ T300] Memory state around the buggy address:
[ 28.208845][ T300] ffff888126a18f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.216830][ T300] ffff888126a18f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 28.224853][ T300] >ffff888126a19000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[pid 300] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 300] exit_group(0) = ?
[pid 300] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=0, si_utime=0, si_stime=5} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./0/binderfs") = 0
[ 28.232747][ T300] ^
[ 28.236649][ T300] ffff888126a19080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.244550][ T300] ffff888126a19100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 28.252440][ T300] ==================================================================
[ 28.260348][ T300] Disabling lock debugging due to kernel taint
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./0/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./0") = 0
mkdir("./1", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 306
./strace-static-x86_64: Process 306 attached
[pid 306] set_robust_list(0x5555596d1660, 24) = 0
[pid 306] chdir("./1") = 0
[pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 306] setpgid(0, 0) = 0
[pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 306] write(3, "1000", 4) = 4
[pid 306] close(3) = 0
[pid 306] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 306] write(1, "executing program\n", 18) = 18
[pid 306] memfd_create("syzkaller", 0) = 3
[pid 306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 306] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 306] munmap(0x7f183e5f9000, 138412032) = 0
[pid 306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 306] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 306] close(3) = 0
[pid 306] close(4) = 0
[pid 306] mkdir("./file0", 0777) = 0
[pid 306] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 306] chdir("./file0") = 0
[pid 306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 306] ioctl(4, LOOP_CLR_FD) = 0
[pid 306] close(4) = 0
[pid 306] chdir("./file0") = 0
[pid 306] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 306] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 306] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 306] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 306] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 306] exit_group(0) = ?
[pid 306] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./1/binderfs") = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./1/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./1/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./1/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./1") = 0
[ 28.380775][ T306] loop0: detected capacity change from 0 to 512
[ 28.393780][ T306] EXT4-fs (loop0): 1 truncate cleaned up
[ 28.399285][ T306] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
mkdir("./2", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 308
./strace-static-x86_64: Process 308 attached
[pid 308] set_robust_list(0x5555596d1660, 24) = 0
executing program
[pid 308] chdir("./2") = 0
[pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 308] setpgid(0, 0) = 0
[pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 308] write(3, "1000", 4) = 4
[pid 308] close(3) = 0
[pid 308] symlink("/dev/binderfs", "./binderfs") = 0
[pid 308] write(1, "executing program\n", 18) = 18
[pid 308] memfd_create("syzkaller", 0) = 3
[pid 308] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 308] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 308] munmap(0x7f183e5f9000, 138412032) = 0
[pid 308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 308] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 308] close(3) = 0
[pid 308] close(4) = 0
[pid 308] mkdir("./file0", 0777) = 0
[ 28.468557][ T308] loop0: detected capacity change from 0 to 512
[pid 308] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 308] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 308] chdir("./file0") = 0
[pid 308] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 308] ioctl(4, LOOP_CLR_FD) = 0
[pid 308] close(4) = 0
[pid 308] chdir("./file0") = 0
[pid 308] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 308] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 308] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 308] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 308] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 308] exit_group(0) = ?
[pid 308] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./2/binderfs") = 0
[ 28.550617][ T308] EXT4-fs (loop0): 1 truncate cleaned up
[ 28.556092][ T308] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./2/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./2/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./2/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./2") = 0
mkdir("./3", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 310
./strace-static-x86_64: Process 310 attached
[pid 310] set_robust_list(0x5555596d1660, 24) = 0
[pid 310] chdir("./3") = 0
[pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 310] setpgid(0, 0) = 0
[pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 310] write(3, "1000", 4) = 4
[pid 310] close(3) = 0
[pid 310] symlink("/dev/binderfs", "./binderfs") = 0
[pid 310] write(1, "executing program\n", 18executing program
) = 18
[pid 310] memfd_create("syzkaller", 0) = 3
[pid 310] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 310] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 310] munmap(0x7f183e5f9000, 138412032) = 0
[pid 310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 310] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 310] close(3) = 0
[pid 310] close(4) = 0
[pid 310] mkdir("./file0", 0777) = 0
[pid 310] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 310] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 310] chdir("./file0") = 0
[pid 310] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 310] ioctl(4, LOOP_CLR_FD) = 0
[pid 310] close(4) = 0
[pid 310] chdir("./file0") = 0
[pid 310] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 310] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 310] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 310] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 310] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 310] exit_group(0) = ?
[pid 310] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./3/binderfs") = 0
[ 28.678076][ T310] loop0: detected capacity change from 0 to 512
[ 28.688993][ T310] EXT4-fs (loop0): 1 truncate cleaned up
[ 28.694625][ T310] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./3/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./3/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./3") = 0
mkdir("./4", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 312
./strace-static-x86_64: Process 312 attached
[pid 312] set_robust_list(0x5555596d1660, 24) = 0
[pid 312] chdir("./4") = 0
[pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 312] setpgid(0, 0) = 0
[pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 312] write(3, "1000", 4) = 4
[pid 312] close(3) = 0
[pid 312] symlink("/dev/binderfs", "./binderfs") = 0
[pid 312] write(1, "executing program\n", 18) = 18
[pid 312] memfd_create("syzkaller", 0) = 3
[pid 312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 312] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 312] munmap(0x7f183e5f9000, 138412032) = 0
[pid 312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 312] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 312] close(3) = 0
[pid 312] close(4) = 0
[pid 312] mkdir("./file0", 0777) = 0
[ 28.790219][ T312] loop0: detected capacity change from 0 to 512
[pid 312] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 312] chdir("./file0") = 0
[pid 312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 312] ioctl(4, LOOP_CLR_FD) = 0
[pid 312] close(4) = 0
[pid 312] chdir("./file0") = 0
[pid 312] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 312] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 312] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 312] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 312] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 312] exit_group(0) = ?
[pid 312] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./4/binderfs") = 0
[ 28.833544][ T312] EXT4-fs (loop0): 1 truncate cleaned up
[ 28.839184][ T312] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./4/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./4/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./4") = 0
mkdir("./5", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 315
./strace-static-x86_64: Process 315 attached
[pid 315] set_robust_list(0x5555596d1660, 24) = 0
[pid 315] chdir("./5") = 0
[pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 315] setpgid(0, 0) = 0
[pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 315] write(3, "1000", 4) = 4
[pid 315] close(3) = 0
[pid 315] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 315] write(1, "executing program\n", 18) = 18
[pid 315] memfd_create("syzkaller", 0) = 3
[pid 315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 315] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 315] munmap(0x7f183e5f9000, 138412032) = 0
[pid 315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 315] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 315] close(3) = 0
[pid 315] close(4) = 0
[pid 315] mkdir("./file0", 0777) = 0
[ 28.960797][ T315] loop0: detected capacity change from 0 to 512
[pid 315] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 315] chdir("./file0") = 0
[pid 315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 315] ioctl(4, LOOP_CLR_FD) = 0
[pid 315] close(4) = 0
[pid 315] chdir("./file0") = 0
[pid 315] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 315] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 315] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 315] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 315] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 315] exit_group(0) = ?
[pid 315] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./5/binderfs") = 0
[ 29.040904][ T315] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.046956][ T315] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./5/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./5/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./5") = 0
mkdir("./6", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 317
./strace-static-x86_64: Process 317 attached
[pid 317] set_robust_list(0x5555596d1660, 24) = 0
[pid 317] chdir("./6") = 0
[pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 317] setpgid(0, 0) = 0
[pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 317] write(3, "1000", 4) = 4
[pid 317] close(3) = 0
[pid 317] symlink("/dev/binderfs", "./binderfs") = 0
[pid 317] write(1, "executing program\n", 18) = 18
[pid 317] memfd_create("syzkaller", 0) = 3
[pid 317] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 317] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 317] munmap(0x7f183e5f9000, 138412032) = 0
[pid 317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 317] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 317] close(3) = 0
[pid 317] close(4) = 0
[pid 317] mkdir("./file0", 0777) = 0
[pid 317] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 317] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 317] chdir("./file0") = 0
[pid 317] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 317] ioctl(4, LOOP_CLR_FD) = 0
[pid 317] close(4) = 0
[pid 317] chdir("./file0") = 0
[pid 317] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 317] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 317] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 317] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 317] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 317] exit_group(0) = ?
[pid 317] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=317, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./6/binderfs") = 0
[ 29.159912][ T317] loop0: detected capacity change from 0 to 512
[ 29.171880][ T317] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.177377][ T317] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./6/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./6/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./6") = 0
mkdir("./7", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 320
./strace-static-x86_64: Process 320 attached
[pid 320] set_robust_list(0x5555596d1660, 24) = 0
[pid 320] chdir("./7") = 0
[pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 320] setpgid(0, 0) = 0
[pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 320] write(3, "1000", 4) = 4
[pid 320] close(3) = 0
[pid 320] symlink("/dev/binderfs", "./binderfs") = 0
[pid 320] write(1, "executing program\n", 18executing program
) = 18
[pid 320] memfd_create("syzkaller", 0) = 3
[pid 320] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 320] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 320] munmap(0x7f183e5f9000, 138412032) = 0
[pid 320] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 320] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 320] close(3) = 0
[pid 320] close(4) = 0
[pid 320] mkdir("./file0", 0777) = 0
[ 29.287253][ T320] loop0: detected capacity change from 0 to 512
[pid 320] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 320] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 320] chdir("./file0") = 0
[pid 320] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 320] ioctl(4, LOOP_CLR_FD) = 0
[pid 320] close(4) = 0
[pid 320] chdir("./file0") = 0
[pid 320] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 320] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 320] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 320] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 320] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 320] exit_group(0) = ?
[pid 320] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./7/binderfs") = 0
[ 29.360684][ T320] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.366187][ T320] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./7/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./7/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./7") = 0
mkdir("./8", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 322
./strace-static-x86_64: Process 322 attached
[pid 322] set_robust_list(0x5555596d1660, 24) = 0
[pid 322] chdir("./8") = 0
[pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 322] setpgid(0, 0) = 0
[pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 322] write(3, "1000", 4) = 4
[pid 322] close(3) = 0
[pid 322] symlink("/dev/binderfs", "./binderfs") = 0
[pid 322] write(1, "executing program\n", 18executing program
) = 18
[pid 322] memfd_create("syzkaller", 0) = 3
[pid 322] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 322] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 322] munmap(0x7f183e5f9000, 138412032) = 0
[pid 322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 322] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 322] close(3) = 0
[pid 322] close(4) = 0
[pid 322] mkdir("./file0", 0777) = 0
[ 29.483404][ T322] loop0: detected capacity change from 0 to 512
[pid 322] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 322] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 322] chdir("./file0") = 0
[pid 322] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 322] ioctl(4, LOOP_CLR_FD) = 0
[pid 322] close(4) = 0
[pid 322] chdir("./file0") = 0
[pid 322] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 322] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 322] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 322] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 322] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 322] exit_group(0) = ?
[pid 322] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./8/binderfs") = 0
[ 29.580537][ T322] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.586036][ T322] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./8/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./8/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./8") = 0
mkdir("./9", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 324
./strace-static-x86_64: Process 324 attached
[pid 324] set_robust_list(0x5555596d1660, 24) = 0
[pid 324] chdir("./9") = 0
[pid 324] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 324] setpgid(0, 0) = 0
[pid 324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 324] write(3, "1000", 4) = 4
[pid 324] close(3) = 0
[pid 324] symlink("/dev/binderfs", "./binderfs") = 0
[pid 324] write(1, "executing program\n", 18) = 18
[pid 324] memfd_create("syzkaller", 0) = 3
[pid 324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 324] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 324] munmap(0x7f183e5f9000, 138412032) = 0
[pid 324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 324] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 324] close(3) = 0
[pid 324] close(4) = 0
[pid 324] mkdir("./file0", 0777) = 0
[ 29.722057][ T324] loop0: detected capacity change from 0 to 512
[pid 324] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 324] chdir("./file0") = 0
[pid 324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 324] ioctl(4, LOOP_CLR_FD) = 0
[pid 324] close(4) = 0
[pid 324] chdir("./file0") = 0
[pid 324] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 324] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 324] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 324] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 324] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 324] exit_group(0) = ?
[pid 324] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=324, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./9/binderfs") = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./9/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./9/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./9") = 0
mkdir("./10", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 326
./strace-static-x86_64: Process 326 attached
[pid 326] set_robust_list(0x5555596d1660, 24) = 0
[pid 326] chdir("./10") = 0
[pid 326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 326] setpgid(0, 0) = 0
[pid 326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 326] write(3, "1000", 4) = 4
[pid 326] close(3) = 0
[pid 326] symlink("/dev/binderfs", "./binderfs") = 0
[pid 326] write(1, "executing program\n", 18executing program
) = 18
[pid 326] memfd_create("syzkaller", 0) = 3
[pid 326] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 326] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 326] munmap(0x7f183e5f9000, 138412032) = 0
[pid 326] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 29.800525][ T324] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.806013][ T324] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 326] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 326] close(3) = 0
[pid 326] close(4) = 0
[pid 326] mkdir("./file0", 0777) = 0
[ 29.857142][ T326] loop0: detected capacity change from 0 to 512
[pid 326] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 326] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 326] chdir("./file0") = 0
[pid 326] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 326] ioctl(4, LOOP_CLR_FD) = 0
[pid 326] close(4) = 0
[pid 326] chdir("./file0") = 0
[pid 326] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 326] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 326] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 326] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 326] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 326] exit_group(0) = ?
[pid 326] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=326, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./10/binderfs") = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./10/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./10/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./10") = 0
mkdir("./11", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 328
./strace-static-x86_64: Process 328 attached
[pid 328] set_robust_list(0x5555596d1660, 24) = 0
[pid 328] chdir("./11") = 0
[pid 328] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 328] setpgid(0, 0) = 0
[pid 328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 328] write(3, "1000", 4) = 4
[pid 328] close(3) = 0
[pid 328] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 328] write(1, "executing program\n", 18) = 18
[pid 328] memfd_create("syzkaller", 0) = 3
[pid 328] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 328] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 328] munmap(0x7f183e5f9000, 138412032) = 0
[pid 328] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 29.930808][ T326] EXT4-fs (loop0): 1 truncate cleaned up
[ 29.936375][ T326] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 328] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 328] close(3) = 0
[pid 328] close(4) = 0
[pid 328] mkdir("./file0", 0777) = 0
[ 29.991173][ T328] loop0: detected capacity change from 0 to 512
[pid 328] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 328] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 328] chdir("./file0") = 0
[pid 328] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 328] ioctl(4, LOOP_CLR_FD) = 0
[pid 328] close(4) = 0
[pid 328] chdir("./file0") = 0
[pid 328] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 328] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 328] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 328] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 328] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 328] exit_group(0) = ?
[pid 328] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=328, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./11/binderfs") = 0
[ 30.060007][ T328] EXT4-fs (loop0): 1 truncate cleaned up
[ 30.065491][ T328] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./11/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./11/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./11") = 0
mkdir("./12", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 330
./strace-static-x86_64: Process 330 attached
[pid 330] set_robust_list(0x5555596d1660, 24) = 0
[pid 330] chdir("./12") = 0
[pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 330] setpgid(0, 0) = 0
[pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 330] write(3, "1000", 4) = 4
[pid 330] close(3) = 0
[pid 330] symlink("/dev/binderfs", "./binderfs") = 0
[pid 330] write(1, "executing program\n", 18) = 18
executing program
[pid 330] memfd_create("syzkaller", 0) = 3
[pid 330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 330] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 330] munmap(0x7f183e5f9000, 138412032) = 0
[pid 330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 330] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 330] close(3) = 0
[pid 330] close(4) = 0
[pid 330] mkdir("./file0", 0777) = 0
[ 30.200743][ T330] loop0: detected capacity change from 0 to 512
[pid 330] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 330] chdir("./file0") = 0
[pid 330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 330] ioctl(4, LOOP_CLR_FD) = 0
[pid 330] close(4) = 0
[pid 330] chdir("./file0") = 0
[pid 330] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 330] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 330] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 330] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 330] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 330] exit_group(0) = ?
[pid 330] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./12/binderfs") = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./12/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./12/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./12") = 0
mkdir("./13", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 333
./strace-static-x86_64: Process 333 attached
[pid 333] set_robust_list(0x5555596d1660, 24) = 0
[pid 333] chdir("./13") = 0
[pid 333] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 333] setpgid(0, 0) = 0
[pid 333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 333] write(3, "1000", 4) = 4
[pid 333] close(3) = 0
[pid 333] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 333] write(1, "executing program\n", 18) = 18
[pid 333] memfd_create("syzkaller", 0) = 3
[pid 333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 333] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 333] munmap(0x7f183e5f9000, 138412032) = 0
[pid 333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 30.290782][ T330] EXT4-fs (loop0): 1 truncate cleaned up
[ 30.296279][ T330] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 333] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 333] close(3) = 0
[pid 333] close(4) = 0
[pid 333] mkdir("./file0", 0777) = 0
[ 30.352193][ T333] loop0: detected capacity change from 0 to 512
[pid 333] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 333] chdir("./file0") = 0
[pid 333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 333] ioctl(4, LOOP_CLR_FD) = 0
[pid 333] close(4) = 0
[pid 333] chdir("./file0") = 0
[pid 333] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 333] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 333] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 333] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 333] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 333] exit_group(0) = ?
[pid 333] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./13/binderfs") = 0
[ 30.430833][ T333] EXT4-fs (loop0): 1 truncate cleaned up
[ 30.436341][ T333] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./13/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./13/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./13") = 0
mkdir("./14", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 335
./strace-static-x86_64: Process 335 attached
[pid 335] set_robust_list(0x5555596d1660, 24) = 0
[pid 335] chdir("./14") = 0
[pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 335] setpgid(0, 0) = 0
[pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 335] write(3, "1000", 4) = 4
[pid 335] close(3) = 0
[pid 335] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 335] write(1, "executing program\n", 18) = 18
[pid 335] memfd_create("syzkaller", 0) = 3
[pid 335] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 335] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 335] munmap(0x7f183e5f9000, 138412032) = 0
[pid 335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 335] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 335] close(3) = 0
[pid 335] close(4) = 0
[pid 335] mkdir("./file0", 0777) = 0
[ 30.540831][ T335] loop0: detected capacity change from 0 to 512
[pid 335] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 335] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 335] chdir("./file0") = 0
[pid 335] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 335] ioctl(4, LOOP_CLR_FD) = 0
[pid 335] close(4) = 0
[pid 335] chdir("./file0") = 0
[pid 335] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 335] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 335] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 335] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 335] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 335] exit_group(0) = ?
[pid 335] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./14/binderfs") = 0
[ 30.630457][ T335] EXT4-fs (loop0): 1 truncate cleaned up
[ 30.635948][ T335] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./14/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./14/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./14/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./14") = 0
mkdir("./15", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 337
./strace-static-x86_64: Process 337 attached
[pid 337] set_robust_list(0x5555596d1660, 24) = 0
[pid 337] chdir("./15") = 0
[pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 337] setpgid(0, 0) = 0
[pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 337] write(3, "1000", 4) = 4
[pid 337] close(3) = 0
[pid 337] symlink("/dev/binderfs", "./binderfs") = 0
[pid 337] write(1, "executing program\n", 18executing program
) = 18
[pid 337] memfd_create("syzkaller", 0) = 3
[pid 337] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 337] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 337] munmap(0x7f183e5f9000, 138412032) = 0
[pid 337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 337] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 337] close(3) = 0
[pid 337] close(4) = 0
[pid 337] mkdir("./file0", 0777) = 0
[ 30.767710][ T337] loop0: detected capacity change from 0 to 512
[pid 337] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 337] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 337] chdir("./file0") = 0
[pid 337] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 337] ioctl(4, LOOP_CLR_FD) = 0
[pid 337] close(4) = 0
[pid 337] chdir("./file0") = 0
[pid 337] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 337] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 337] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 337] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 337] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 337] exit_group(0) = ?
[pid 337] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./15/binderfs") = 0
[ 30.850548][ T337] EXT4-fs (loop0): 1 truncate cleaned up
[ 30.856025][ T337] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./15/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./15/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./15") = 0
mkdir("./16", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 339
./strace-static-x86_64: Process 339 attached
[pid 339] set_robust_list(0x5555596d1660, 24) = 0
[pid 339] chdir("./16") = 0
[pid 339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 339] setpgid(0, 0) = 0
[pid 339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 339] write(3, "1000", 4) = 4
[pid 339] close(3) = 0
[pid 339] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 339] write(1, "executing program\n", 18) = 18
[pid 339] memfd_create("syzkaller", 0) = 3
[pid 339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 339] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 339] munmap(0x7f183e5f9000, 138412032) = 0
[pid 339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 339] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 339] close(3) = 0
[pid 339] close(4) = 0
[pid 339] mkdir("./file0", 0777) = 0
[ 30.960891][ T339] loop0: detected capacity change from 0 to 512
[pid 339] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 339] chdir("./file0") = 0
[pid 339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 339] ioctl(4, LOOP_CLR_FD) = 0
[pid 339] close(4) = 0
[pid 339] chdir("./file0") = 0
[pid 339] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 339] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 339] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 339] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 339] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 339] exit_group(0) = ?
[pid 339] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=339, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./16/binderfs") = 0
[ 31.002348][ T339] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.007841][ T339] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./16/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./16/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./16") = 0
mkdir("./17", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 341
./strace-static-x86_64: Process 341 attached
[pid 341] set_robust_list(0x5555596d1660, 24) = 0
[pid 341] chdir("./17") = 0
[pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 341] setpgid(0, 0) = 0
[pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 341] write(3, "1000", 4) = 4
[pid 341] close(3) = 0
[pid 341] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 341] write(1, "executing program\n", 18) = 18
[pid 341] memfd_create("syzkaller", 0) = 3
[pid 341] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 341] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 341] munmap(0x7f183e5f9000, 138412032) = 0
[pid 341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 341] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 341] close(3) = 0
[ 31.121740][ T341] loop0: detected capacity change from 0 to 512
[pid 341] close(4) = 0
[pid 341] mkdir("./file0", 0777) = 0
[pid 341] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 341] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 341] chdir("./file0") = 0
[pid 341] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 341] ioctl(4, LOOP_CLR_FD) = 0
[pid 341] close(4) = 0
[pid 341] chdir("./file0") = 0
[pid 341] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 341] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 341] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 341] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 341] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 341] exit_group(0) = ?
[pid 341] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./17/binderfs") = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./17/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./17/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./17") = 0
mkdir("./18", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 344
./strace-static-x86_64: Process 344 attached
[pid 344] set_robust_list(0x5555596d1660, 24) = 0
[pid 344] chdir("./18") = 0
[pid 344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 344] setpgid(0, 0) = 0
[pid 344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 344] write(3, "1000", 4) = 4
[pid 344] close(3) = 0
[pid 344] symlink("/dev/binderfs", "./binderfs") = 0
[pid 344] write(1, "executing program\n", 18executing program
) = 18
[pid 344] memfd_create("syzkaller", 0) = 3
[pid 344] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 344] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 344] munmap(0x7f183e5f9000, 138412032) = 0
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 31.230874][ T341] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.236444][ T341] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 344] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 344] close(3) = 0
[pid 344] close(4) = 0
[pid 344] mkdir("./file0", 0777) = 0
[pid 344] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 344] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 344] chdir("./file0") = 0
[pid 344] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 344] ioctl(4, LOOP_CLR_FD) = 0
[pid 344] close(4) = 0
[pid 344] chdir("./file0") = 0
[pid 344] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 344] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 344] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 344] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 344] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 344] exit_group(0) = ?
[pid 344] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./18/binderfs") = 0
[ 31.287756][ T344] loop0: detected capacity change from 0 to 512
[ 31.297319][ T344] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.302940][ T344] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./18/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./18/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./18") = 0
mkdir("./19", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 346
./strace-static-x86_64: Process 346 attached
[pid 346] set_robust_list(0x5555596d1660, 24) = 0
[pid 346] chdir("./19") = 0
[pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 346] setpgid(0, 0) = 0
[pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 346] write(3, "1000", 4) = 4
[pid 346] close(3) = 0
[pid 346] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 346] write(1, "executing program\n", 18) = 18
[pid 346] memfd_create("syzkaller", 0) = 3
[pid 346] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 346] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 346] munmap(0x7f183e5f9000, 138412032) = 0
[pid 346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 346] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 346] close(3) = 0
[pid 346] close(4) = 0
[pid 346] mkdir("./file0", 0777) = 0
[pid 346] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 346] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 346] chdir("./file0") = 0
[pid 346] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 346] ioctl(4, LOOP_CLR_FD) = 0
[pid 346] close(4) = 0
[pid 346] chdir("./file0") = 0
[pid 346] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 346] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 346] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 346] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 346] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 346] exit_group(0) = ?
[pid 346] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./19/binderfs") = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./19/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./19/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./19") = 0
mkdir("./20", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 348
./strace-static-x86_64: Process 348 attached
[pid 348] set_robust_list(0x5555596d1660, 24) = 0
[pid 348] chdir("./20") = 0
[pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 348] setpgid(0, 0) = 0
[pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 348] write(3, "1000", 4) = 4
[pid 348] close(3) = 0
[pid 348] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 348] write(1, "executing program\n", 18) = 18
[pid 348] memfd_create("syzkaller", 0) = 3
[pid 348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 348] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 348] munmap(0x7f183e5f9000, 138412032) = 0
[pid 348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 31.383056][ T346] loop0: detected capacity change from 0 to 512
[ 31.394374][ T346] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.400062][ T346] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 348] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 348] close(3) = 0
[pid 348] close(4) = 0
[pid 348] mkdir("./file0", 0777) = 0
[pid 348] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 348] chdir("./file0") = 0
[pid 348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 348] ioctl(4, LOOP_CLR_FD) = 0
[pid 348] close(4) = 0
[pid 348] chdir("./file0") = 0
[pid 348] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 348] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 348] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 348] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 348] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 348] exit_group(0) = ?
[pid 348] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=348, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./20/binderfs") = 0
[ 31.447653][ T348] loop0: detected capacity change from 0 to 512
[ 31.457920][ T348] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.463427][ T348] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./20/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./20/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./20/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./20") = 0
mkdir("./21", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 350 attached
[pid 350] set_robust_list(0x5555596d1660, 24) = 0
[pid 350] chdir("./21"
[pid 299] <... clone resumed>, child_tidptr=0x5555596d1650) = 350
[pid 350] <... chdir resumed>) = 0
[pid 350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 350] setpgid(0, 0) = 0
[pid 350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 350] write(3, "1000", 4) = 4
[pid 350] close(3) = 0
[pid 350] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 350] write(1, "executing program\n", 18) = 18
[pid 350] memfd_create("syzkaller", 0) = 3
[pid 350] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 350] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 350] munmap(0x7f183e5f9000, 138412032) = 0
[pid 350] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 350] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 350] close(3) = 0
[pid 350] close(4) = 0
[pid 350] mkdir("./file0", 0777) = 0
[ 31.562115][ T350] loop0: detected capacity change from 0 to 512
[pid 350] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 350] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 350] chdir("./file0") = 0
[pid 350] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 350] ioctl(4, LOOP_CLR_FD) = 0
[pid 350] close(4) = 0
[pid 350] chdir("./file0") = 0
[pid 350] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 350] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 350] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 350] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 350] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 350] exit_group(0) = ?
[pid 350] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=350, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./21/binderfs") = 0
[ 31.650960][ T350] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.656480][ T350] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./21/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./21/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./21/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./21") = 0
mkdir("./22", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 352
./strace-static-x86_64: Process 352 attached
[pid 352] set_robust_list(0x5555596d1660, 24) = 0
[pid 352] chdir("./22") = 0
[pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 352] setpgid(0, 0) = 0
[pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 352] write(3, "1000", 4) = 4
[pid 352] close(3) = 0
[pid 352] symlink("/dev/binderfs", "./binderfs") = 0
[pid 352] write(1, "executing program\n", 18) = 18
[pid 352] memfd_create("syzkaller", 0) = 3
[pid 352] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 352] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 352] munmap(0x7f183e5f9000, 138412032) = 0
[pid 352] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 352] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 352] close(3) = 0
[pid 352] close(4) = 0
[pid 352] mkdir("./file0", 0777) = 0
[ 31.759073][ T352] loop0: detected capacity change from 0 to 512
[pid 352] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 352] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 352] chdir("./file0") = 0
[pid 352] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 352] ioctl(4, LOOP_CLR_FD) = 0
[pid 352] close(4) = 0
[pid 352] chdir("./file0") = 0
[pid 352] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 352] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 352] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 352] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 352] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 352] exit_group(0) = ?
[pid 352] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./22/binderfs") = 0
[ 31.811686][ T352] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.817151][ T352] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./22/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./22/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./22/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./22/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./22") = 0
mkdir("./23", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 354
./strace-static-x86_64: Process 354 attached
[pid 354] set_robust_list(0x5555596d1660, 24) = 0
[pid 354] chdir("./23") = 0
[pid 354] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 354] setpgid(0, 0) = 0
[pid 354] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 354] write(3, "1000", 4) = 4
[pid 354] close(3) = 0
[pid 354] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 354] write(1, "executing program\n", 18) = 18
[pid 354] memfd_create("syzkaller", 0) = 3
[pid 354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 354] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 354] munmap(0x7f183e5f9000, 138412032) = 0
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 354] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 354] close(3) = 0
[pid 354] close(4) = 0
[pid 354] mkdir("./file0", 0777) = 0
[pid 354] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 354] chdir("./file0") = 0
[pid 354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 354] ioctl(4, LOOP_CLR_FD) = 0
[pid 354] close(4) = 0
[pid 354] chdir("./file0") = 0
[pid 354] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 354] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 354] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 354] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 354] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 354] exit_group(0) = ?
[pid 354] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=354, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./23/binderfs") = 0
[ 31.888083][ T354] loop0: detected capacity change from 0 to 512
[ 31.898685][ T354] EXT4-fs (loop0): 1 truncate cleaned up
[ 31.904162][ T354] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./23/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./23/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./23/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./23/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./23") = 0
mkdir("./24", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 356
./strace-static-x86_64: Process 356 attached
[pid 356] set_robust_list(0x5555596d1660, 24) = 0
[pid 356] chdir("./24") = 0
[pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 356] setpgid(0, 0) = 0
[pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 356] write(3, "1000", 4) = 4
[pid 356] close(3) = 0
[pid 356] symlink("/dev/binderfs", "./binderfs") = 0
[pid 356] write(1, "executing program\n", 18) = 18
[pid 356] memfd_create("syzkaller", 0) = 3
[pid 356] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 356] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 356] munmap(0x7f183e5f9000, 138412032) = 0
[pid 356] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 356] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 356] close(3) = 0
[pid 356] close(4) = 0
[pid 356] mkdir("./file0", 0777) = 0
[pid 356] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 356] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 356] chdir("./file0") = 0
[pid 356] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 356] ioctl(4, LOOP_CLR_FD) = 0
[pid 356] close(4) = 0
[pid 356] chdir("./file0") = 0
[pid 356] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 356] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 356] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 356] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 356] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 356] exit_group(0) = ?
[pid 356] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=356, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./24/binderfs") = 0
[ 31.997680][ T356] loop0: detected capacity change from 0 to 512
[ 32.030904][ T356] EXT4-fs (loop0): 1 truncate cleaned up
[ 32.036436][ T356] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./24/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./24/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./24/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./24/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./24") = 0
mkdir("./25", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 358
./strace-static-x86_64: Process 358 attached
[pid 358] set_robust_list(0x5555596d1660, 24) = 0
[pid 358] chdir("./25") = 0
[pid 358] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 358] setpgid(0, 0) = 0
executing program
[pid 358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 358] write(3, "1000", 4) = 4
[pid 358] close(3) = 0
[pid 358] symlink("/dev/binderfs", "./binderfs") = 0
[pid 358] write(1, "executing program\n", 18) = 18
[pid 358] memfd_create("syzkaller", 0) = 3
[pid 358] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 358] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 358] munmap(0x7f183e5f9000, 138412032) = 0
[pid 358] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 358] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 358] close(3) = 0
[pid 358] close(4) = 0
[pid 358] mkdir("./file0", 0777) = 0
[ 32.161956][ T358] loop0: detected capacity change from 0 to 512
[pid 358] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 358] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 358] chdir("./file0") = 0
[pid 358] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 358] ioctl(4, LOOP_CLR_FD) = 0
[pid 358] close(4) = 0
[pid 358] chdir("./file0") = 0
[pid 358] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 358] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 358] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 358] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 358] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 358] exit_group(0) = ?
[pid 358] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=358, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./25", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./25/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./25/binderfs") = 0
[ 32.251046][ T358] EXT4-fs (loop0): 1 truncate cleaned up
[ 32.256613][ T358] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./25/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./25/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./25/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./25/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./25") = 0
mkdir("./26", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 361
./strace-static-x86_64: Process 361 attached
[pid 361] set_robust_list(0x5555596d1660, 24) = 0
[pid 361] chdir("./26") = 0
[pid 361] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 361] setpgid(0, 0) = 0
[pid 361] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 361] write(3, "1000", 4) = 4
[pid 361] close(3) = 0
[pid 361] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 361] write(1, "executing program\n", 18) = 18
[pid 361] memfd_create("syzkaller", 0) = 3
[pid 361] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 361] munmap(0x7f183e5f9000, 138412032) = 0
[pid 361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 361] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 361] close(3) = 0
[pid 361] close(4) = 0
[pid 361] mkdir("./file0", 0777) = 0
[ 32.360601][ T361] loop0: detected capacity change from 0 to 512
[pid 361] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 361] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 361] chdir("./file0") = 0
[pid 361] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 361] ioctl(4, LOOP_CLR_FD) = 0
[pid 361] close(4) = 0
[pid 361] chdir("./file0") = 0
[pid 361] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 361] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 361] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 361] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 361] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 361] exit_group(0) = ?
[pid 361] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=361, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./26", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./26/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./26/binderfs") = 0
[ 32.440797][ T361] EXT4-fs (loop0): 1 truncate cleaned up
[ 32.446284][ T361] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./26/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./26/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./26/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./26/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./26") = 0
mkdir("./27", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 363
./strace-static-x86_64: Process 363 attached
[pid 363] set_robust_list(0x5555596d1660, 24) = 0
[pid 363] chdir("./27") = 0
[pid 363] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 363] setpgid(0, 0) = 0
[pid 363] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 363] write(3, "1000", 4) = 4
[pid 363] close(3) = 0
[pid 363] symlink("/dev/binderfs", "./binderfs") = 0
[pid 363] write(1, "executing program\n", 18executing program
) = 18
[pid 363] memfd_create("syzkaller", 0) = 3
[pid 363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 363] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 363] munmap(0x7f183e5f9000, 138412032) = 0
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 363] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 363] close(3) = 0
[pid 363] close(4) = 0
[pid 363] mkdir("./file0", 0777) = 0
[ 32.602287][ T363] loop0: detected capacity change from 0 to 512
[pid 363] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 363] chdir("./file0") = 0
[pid 363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 363] ioctl(4, LOOP_CLR_FD) = 0
[pid 363] close(4) = 0
[pid 363] chdir("./file0") = 0
[pid 363] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 363] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 363] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 363] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 363] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 363] exit_group(0) = ?
[pid 363] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=363, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./27", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./27/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./27/binderfs") = 0
[ 32.680594][ T363] EXT4-fs (loop0): 1 truncate cleaned up
[ 32.686074][ T363] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./27/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./27/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./27/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./27/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./27") = 0
mkdir("./28", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 365
./strace-static-x86_64: Process 365 attached
[pid 365] set_robust_list(0x5555596d1660, 24) = 0
[pid 365] chdir("./28") = 0
[pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 365] setpgid(0, 0) = 0
executing program
[pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 365] write(3, "1000", 4) = 4
[pid 365] close(3) = 0
[pid 365] symlink("/dev/binderfs", "./binderfs") = 0
[pid 365] write(1, "executing program\n", 18) = 18
[pid 365] memfd_create("syzkaller", 0) = 3
[pid 365] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 365] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 365] munmap(0x7f183e5f9000, 138412032) = 0
[pid 365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 365] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 365] close(3) = 0
[pid 365] close(4) = 0
[pid 365] mkdir("./file0", 0777) = 0
[ 32.800199][ T365] loop0: detected capacity change from 0 to 512
[pid 365] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 365] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 365] chdir("./file0") = 0
[pid 365] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 365] ioctl(4, LOOP_CLR_FD) = 0
[pid 365] close(4) = 0
[pid 365] chdir("./file0") = 0
[pid 365] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 365] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 365] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 365] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 365] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 365] exit_group(0) = ?
[pid 365] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=365, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./28", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./28/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./28/binderfs") = 0
[ 32.881114][ T365] EXT4-fs (loop0): 1 truncate cleaned up
[ 32.886733][ T365] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./28/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./28/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./28/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./28/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./28") = 0
mkdir("./29", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 368
./strace-static-x86_64: Process 368 attached
[pid 368] set_robust_list(0x5555596d1660, 24) = 0
[pid 368] chdir("./29") = 0
[pid 368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 368] setpgid(0, 0) = 0
[pid 368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 368] write(3, "1000", 4) = 4
[pid 368] close(3) = 0
[pid 368] symlink("/dev/binderfs", "./binderfs") = 0
[pid 368] write(1, "executing program\n", 18) = 18
[pid 368] memfd_create("syzkaller", 0) = 3
[pid 368] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 368] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 368] munmap(0x7f183e5f9000, 138412032) = 0
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 368] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 368] close(3) = 0
[pid 368] close(4) = 0
[pid 368] mkdir("./file0", 0777) = 0
[ 33.002234][ T368] loop0: detected capacity change from 0 to 512
[pid 368] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 368] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 368] chdir("./file0") = 0
[pid 368] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 368] ioctl(4, LOOP_CLR_FD) = 0
[pid 368] close(4) = 0
[pid 368] chdir("./file0") = 0
[pid 368] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 368] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 368] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 368] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 368] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 368] exit_group(0) = ?
[pid 368] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=368, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./29", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./29/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./29/binderfs") = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./29/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./29/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./29/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./29/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./29") = 0
mkdir("./30", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 370
./strace-static-x86_64: Process 370 attached
[pid 370] set_robust_list(0x5555596d1660, 24) = 0
[pid 370] chdir("./30") = 0
[pid 370] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 370] setpgid(0, 0) = 0
[pid 370] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 370] write(3, "1000", 4) = 4
[pid 370] close(3) = 0
[pid 370] symlink("/dev/binderfs", "./binderfs") = 0
[pid 370] write(1, "executing program\n", 18executing program
) = 18
[pid 370] memfd_create("syzkaller", 0) = 3
[pid 370] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 370] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 370] munmap(0x7f183e5f9000, 138412032) = 0
[ 33.090627][ T368] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.096193][ T368] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 370] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 370] close(3) = 0
[pid 370] close(4) = 0
[pid 370] mkdir("./file0", 0777) = 0
[ 33.153108][ T370] loop0: detected capacity change from 0 to 512
[pid 370] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 370] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 370] chdir("./file0") = 0
[pid 370] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 370] ioctl(4, LOOP_CLR_FD) = 0
[pid 370] close(4) = 0
[pid 370] chdir("./file0") = 0
[pid 370] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 370] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 370] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 370] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 370] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 370] exit_group(0) = ?
[pid 370] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=370, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./30", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./30/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./30/binderfs") = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./30/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./30/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./30/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./30/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./30") = 0
mkdir("./31", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
[ 33.221501][ T370] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.226982][ T370] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 373
./strace-static-x86_64: Process 373 attached
[pid 373] set_robust_list(0x5555596d1660, 24) = 0
[pid 373] chdir("./31") = 0
[pid 373] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 373] setpgid(0, 0) = 0
[pid 373] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 373] write(3, "1000", 4) = 4
[pid 373] close(3) = 0
[pid 373] symlink("/dev/binderfs", "./binderfs") = 0
[pid 373] write(1, "executing program\n", 18) = 18
[pid 373] memfd_create("syzkaller", 0) = 3
[pid 373] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 373] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 373] munmap(0x7f183e5f9000, 138412032) = 0
[pid 373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 373] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 373] close(3) = 0
[pid 373] close(4) = 0
[pid 373] mkdir("./file0", 0777) = 0
[ 33.287985][ T373] loop0: detected capacity change from 0 to 512
[pid 373] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 373] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 373] chdir("./file0") = 0
[pid 373] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 373] ioctl(4, LOOP_CLR_FD) = 0
[pid 373] close(4) = 0
[pid 373] chdir("./file0") = 0
[pid 373] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 373] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 373] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 373] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 373] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 373] exit_group(0) = ?
[pid 373] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=373, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./31", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./31/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./31/binderfs") = 0
[ 33.370642][ T373] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.376221][ T373] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./31/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./31/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./31/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./31/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./31") = 0
mkdir("./32", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 375
./strace-static-x86_64: Process 375 attached
[pid 375] set_robust_list(0x5555596d1660, 24) = 0
[pid 375] chdir("./32") = 0
[pid 375] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 375] setpgid(0, 0) = 0
[pid 375] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 375] write(3, "1000", 4) = 4
[pid 375] close(3) = 0
[pid 375] symlink("/dev/binderfs", "./binderfs") = 0
[pid 375] write(1, "executing program\n", 18executing program
) = 18
[pid 375] memfd_create("syzkaller", 0) = 3
[pid 375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 375] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 375] munmap(0x7f183e5f9000, 138412032) = 0
[pid 375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 375] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 375] close(3) = 0
[pid 375] close(4) = 0
[pid 375] mkdir("./file0", 0777) = 0
[ 33.485180][ T375] loop0: detected capacity change from 0 to 512
[pid 375] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 375] chdir("./file0") = 0
[pid 375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 375] ioctl(4, LOOP_CLR_FD) = 0
[pid 375] close(4) = 0
[pid 375] chdir("./file0") = 0
[pid 375] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 375] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 375] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 375] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 375] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 375] exit_group(0) = ?
[pid 375] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=375, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./32", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./32/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./32/binderfs") = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./32/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./32/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./32/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./32/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./32") = 0
mkdir("./33", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 377
./strace-static-x86_64: Process 377 attached
[pid 377] set_robust_list(0x5555596d1660, 24) = 0
[pid 377] chdir("./33") = 0
[pid 377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 377] setpgid(0, 0) = 0
[pid 377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 377] write(3, "1000", 4) = 4
[pid 377] close(3) = 0
[pid 377] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 377] write(1, "executing program\n", 18) = 18
[pid 377] memfd_create("syzkaller", 0) = 3
[pid 377] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 377] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 377] munmap(0x7f183e5f9000, 138412032) = 0
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 33.560857][ T375] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.566334][ T375] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 377] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 377] close(3) = 0
[pid 377] close(4) = 0
[pid 377] mkdir("./file0", 0777) = 0
[pid 377] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 377] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 377] chdir("./file0") = 0
[pid 377] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 377] ioctl(4, LOOP_CLR_FD) = 0
[pid 377] close(4) = 0
[pid 377] chdir("./file0") = 0
[pid 377] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 377] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 377] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 377] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 377] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 377] exit_group(0) = ?
[pid 377] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=377, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./33", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./33/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./33/binderfs") = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
[ 33.618030][ T377] loop0: detected capacity change from 0 to 512
[ 33.627100][ T377] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.632618][ T377] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./33/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./33/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./33/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./33/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./33") = 0
mkdir("./34", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 379
./strace-static-x86_64: Process 379 attached
[pid 379] set_robust_list(0x5555596d1660, 24) = 0
[pid 379] chdir("./34") = 0
[pid 379] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 379] setpgid(0, 0) = 0
[pid 379] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 379] write(3, "1000", 4) = 4
executing program
[pid 379] close(3) = 0
[pid 379] symlink("/dev/binderfs", "./binderfs") = 0
[pid 379] write(1, "executing program\n", 18) = 18
[pid 379] memfd_create("syzkaller", 0) = 3
[pid 379] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 379] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 379] munmap(0x7f183e5f9000, 138412032) = 0
[pid 379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 379] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 379] close(3) = 0
[pid 379] close(4) = 0
[pid 379] mkdir("./file0", 0777) = 0
[ 33.694265][ T379] loop0: detected capacity change from 0 to 512
[pid 379] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 379] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 379] chdir("./file0") = 0
[pid 379] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 379] ioctl(4, LOOP_CLR_FD) = 0
[pid 379] close(4) = 0
[pid 379] chdir("./file0") = 0
[pid 379] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 379] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 379] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 379] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 379] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 379] exit_group(0) = ?
[pid 379] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=379, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./34", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./34/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./34/binderfs") = 0
[ 33.800710][ T379] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.806295][ T379] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./34/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./34/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./34/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./34/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./34") = 0
mkdir("./35", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 381
./strace-static-x86_64: Process 381 attached
[pid 381] set_robust_list(0x5555596d1660, 24) = 0
[pid 381] chdir("./35") = 0
[pid 381] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 381] setpgid(0, 0) = 0
[pid 381] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 381] write(3, "1000", 4) = 4
[pid 381] close(3) = 0
[pid 381] symlink("/dev/binderfs", "./binderfs") = 0
[pid 381] write(1, "executing program\n", 18) = 18
[pid 381] memfd_create("syzkaller", 0) = 3
[pid 381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 381] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 381] munmap(0x7f183e5f9000, 138412032) = 0
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 381] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 381] close(3) = 0
[pid 381] close(4) = 0
[pid 381] mkdir("./file0", 0777) = 0
[ 33.911551][ T381] loop0: detected capacity change from 0 to 512
[pid 381] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 381] chdir("./file0") = 0
[pid 381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 381] ioctl(4, LOOP_CLR_FD) = 0
[pid 381] close(4) = 0
[pid 381] chdir("./file0") = 0
[pid 381] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 381] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 381] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 381] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 381] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 381] exit_group(0) = ?
[pid 381] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=381, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./35", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./35/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./35/binderfs") = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./35/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./35/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./35/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./35/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./35") = 0
mkdir("./36", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 383
./strace-static-x86_64: Process 383 attached
[pid 383] set_robust_list(0x5555596d1660, 24) = 0
[pid 383] chdir("./36") = 0
[pid 383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 383] setpgid(0, 0) = 0
[pid 383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 383] write(3, "1000", 4) = 4
[pid 383] close(3) = 0
[pid 383] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 383] write(1, "executing program\n", 18) = 18
[pid 383] memfd_create("syzkaller", 0) = 3
[pid 383] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 383] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 383] munmap(0x7f183e5f9000, 138412032) = 0
[pid 383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 33.980934][ T381] EXT4-fs (loop0): 1 truncate cleaned up
[ 33.986607][ T381] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 383] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 383] close(3) = 0
[pid 383] close(4) = 0
[pid 383] mkdir("./file0", 0777) = 0
[pid 383] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 383] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 383] chdir("./file0") = 0
[pid 383] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 383] ioctl(4, LOOP_CLR_FD) = 0
[pid 383] close(4) = 0
[pid 383] chdir("./file0") = 0
[pid 383] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 383] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 383] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 383] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 383] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 383] exit_group(0) = ?
[pid 383] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=383, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./36", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./36/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./36/binderfs") = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./36/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./36/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./36/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./36/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./36") = 0
mkdir("./37", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 385
./strace-static-x86_64: Process 385 attached
[pid 385] set_robust_list(0x5555596d1660, 24) = 0
[pid 385] chdir("./37") = 0
[pid 385] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 385] setpgid(0, 0) = 0
executing program
[pid 385] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 385] write(3, "1000", 4) = 4
[pid 385] close(3) = 0
[pid 385] symlink("/dev/binderfs", "./binderfs") = 0
[pid 385] write(1, "executing program\n", 18) = 18
[pid 385] memfd_create("syzkaller", 0) = 3
[pid 385] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 385] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 385] munmap(0x7f183e5f9000, 138412032) = 0
[pid 385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 34.038046][ T383] loop0: detected capacity change from 0 to 512
[ 34.047554][ T383] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.053068][ T383] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 385] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 385] close(3) = 0
[pid 385] close(4) = 0
[pid 385] mkdir("./file0", 0777) = 0
[pid 385] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 385] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 385] chdir("./file0") = 0
[pid 385] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 385] ioctl(4, LOOP_CLR_FD) = 0
[pid 385] close(4) = 0
[pid 385] chdir("./file0") = 0
[pid 385] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 385] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 385] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 385] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 385] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 385] exit_group(0) = ?
[pid 385] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=385, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./37", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./37/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./37/binderfs") = 0
[ 34.107696][ T385] loop0: detected capacity change from 0 to 512
[ 34.118116][ T385] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.123615][ T385] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./37/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./37/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./37/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./37/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./37") = 0
mkdir("./38", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 387
./strace-static-x86_64: Process 387 attached
[pid 387] set_robust_list(0x5555596d1660, 24) = 0
[pid 387] chdir("./38") = 0
[pid 387] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 387] setpgid(0, 0) = 0
[pid 387] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 387] write(3, "1000", 4) = 4
[pid 387] close(3) = 0
[pid 387] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 387] write(1, "executing program\n", 18) = 18
[pid 387] memfd_create("syzkaller", 0) = 3
[pid 387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 387] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 387] munmap(0x7f183e5f9000, 138412032) = 0
[pid 387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 387] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 387] close(3) = 0
[pid 387] close(4) = 0
[pid 387] mkdir("./file0", 0777) = 0
[ 34.227536][ T387] loop0: detected capacity change from 0 to 512
[pid 387] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 387] chdir("./file0") = 0
[pid 387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 387] ioctl(4, LOOP_CLR_FD) = 0
[pid 387] close(4) = 0
[pid 387] chdir("./file0") = 0
[pid 387] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 387] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 387] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 387] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 387] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 387] exit_group(0) = ?
[pid 387] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=387, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./38", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./38/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./38/binderfs") = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./38/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./38/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./38/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
[ 34.310677][ T387] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.316592][ T387] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./38/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./38") = 0
mkdir("./39", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 390
./strace-static-x86_64: Process 390 attached
[pid 390] set_robust_list(0x5555596d1660, 24) = 0
[pid 390] chdir("./39") = 0
[pid 390] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 390] setpgid(0, 0) = 0
[pid 390] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 390] write(3, "1000", 4) = 4
[pid 390] close(3) = 0
[pid 390] symlink("/dev/binderfs", "./binderfs") = 0
[pid 390] write(1, "executing program\n", 18executing program
) = 18
[pid 390] memfd_create("syzkaller", 0) = 3
[pid 390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 390] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 390] munmap(0x7f183e5f9000, 138412032) = 0
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 390] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 390] close(3) = 0
[pid 390] close(4) = 0
[pid 390] mkdir("./file0", 0777) = 0
[ 34.384779][ T390] loop0: detected capacity change from 0 to 512
[pid 390] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 390] chdir("./file0") = 0
[pid 390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 390] ioctl(4, LOOP_CLR_FD) = 0
[pid 390] close(4) = 0
[pid 390] chdir("./file0") = 0
[pid 390] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 390] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 390] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 390] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 390] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 390] exit_group(0) = ?
[pid 390] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=390, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./39", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./39/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./39/binderfs") = 0
[ 34.480515][ T390] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.486016][ T390] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./39/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./39/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./39/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./39/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./39") = 0
mkdir("./40", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 392
./strace-static-x86_64: Process 392 attached
[pid 392] set_robust_list(0x5555596d1660, 24) = 0
[pid 392] chdir("./40") = 0
[pid 392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 392] setpgid(0, 0) = 0
[pid 392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 392] write(3, "1000", 4) = 4
[pid 392] close(3) = 0
[pid 392] symlink("/dev/binderfs", "./binderfs") = 0
[pid 392] write(1, "executing program\n", 18executing program
) = 18
[pid 392] memfd_create("syzkaller", 0) = 3
[pid 392] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 392] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 392] munmap(0x7f183e5f9000, 138412032) = 0
[pid 392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 392] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 392] close(3) = 0
[pid 392] close(4) = 0
[pid 392] mkdir("./file0", 0777) = 0
[ 34.564490][ T392] loop0: detected capacity change from 0 to 512
[pid 392] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 392] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 392] chdir("./file0") = 0
[pid 392] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 392] ioctl(4, LOOP_CLR_FD) = 0
[pid 392] close(4) = 0
[pid 392] chdir("./file0") = 0
[pid 392] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 392] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 392] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 392] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 392] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 392] exit_group(0) = ?
[pid 392] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=392, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./40", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./40/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./40/binderfs") = 0
[ 34.604648][ T392] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.610253][ T392] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./40/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./40/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./40/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./40/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./40") = 0
mkdir("./41", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 394
./strace-static-x86_64: Process 394 attached
[pid 394] set_robust_list(0x5555596d1660, 24) = 0
[pid 394] chdir("./41") = 0
[pid 394] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 394] setpgid(0, 0) = 0
[pid 394] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 394] write(3, "1000", 4) = 4
[pid 394] close(3) = 0
[pid 394] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 394] write(1, "executing program\n", 18) = 18
[pid 394] memfd_create("syzkaller", 0) = 3
[pid 394] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 394] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 394] munmap(0x7f183e5f9000, 138412032) = 0
[pid 394] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 394] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 394] close(3) = 0
[pid 394] close(4) = 0
[pid 394] mkdir("./file0", 0777) = 0
[ 34.699815][ T394] loop0: detected capacity change from 0 to 512
[pid 394] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 394] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 394] chdir("./file0") = 0
[pid 394] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 394] ioctl(4, LOOP_CLR_FD) = 0
[pid 394] close(4) = 0
[pid 394] chdir("./file0") = 0
[pid 394] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 394] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 394] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 394] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 394] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 394] exit_group(0) = ?
[pid 394] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=394, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./41", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./41/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./41/binderfs") = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./41/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./41/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./41/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./41/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./41") = 0
mkdir("./42", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 34.780830][ T394] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.786831][ T394] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 396
./strace-static-x86_64: Process 396 attached
[pid 396] set_robust_list(0x5555596d1660, 24) = 0
[pid 396] chdir("./42") = 0
[pid 396] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 396] setpgid(0, 0) = 0
[pid 396] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 396] write(3, "1000", 4) = 4
[pid 396] close(3) = 0
[pid 396] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 396] write(1, "executing program\n", 18) = 18
[pid 396] memfd_create("syzkaller", 0) = 3
[pid 396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 396] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 396] munmap(0x7f183e5f9000, 138412032) = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 396] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 396] close(3) = 0
[pid 396] close(4) = 0
[pid 396] mkdir("./file0", 0777) = 0
[pid 396] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 396] chdir("./file0") = 0
[pid 396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 396] ioctl(4, LOOP_CLR_FD) = 0
[pid 396] close(4) = 0
[pid 396] chdir("./file0") = 0
[pid 396] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 396] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 396] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 396] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 396] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 396] exit_group(0) = ?
[pid 396] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=396, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./42", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./42/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./42/binderfs") = 0
[ 34.848016][ T396] loop0: detected capacity change from 0 to 512
[ 34.857285][ T396] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.862879][ T396] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./42/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./42/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./42/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./42/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./42") = 0
mkdir("./43", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 398
./strace-static-x86_64: Process 398 attached
[pid 398] set_robust_list(0x5555596d1660, 24) = 0
[pid 398] chdir("./43") = 0
[pid 398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 398] setpgid(0, 0) = 0
[pid 398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 398] write(3, "1000", 4) = 4
[pid 398] close(3) = 0
[pid 398] symlink("/dev/binderfs", "./binderfs") = 0
[pid 398] write(1, "executing program\n", 18executing program
) = 18
[pid 398] memfd_create("syzkaller", 0) = 3
[pid 398] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 398] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 398] munmap(0x7f183e5f9000, 138412032) = 0
[pid 398] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 398] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 398] close(3) = 0
[pid 398] close(4) = 0
[pid 398] mkdir("./file0", 0777) = 0
[pid 398] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 398] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 398] chdir("./file0") = 0
[pid 398] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 398] ioctl(4, LOOP_CLR_FD) = 0
[pid 398] close(4) = 0
[pid 398] chdir("./file0") = 0
[pid 398] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 398] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 398] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 398] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 398] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 398] exit_group(0) = ?
[pid 398] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=398, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./43", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./43/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./43/binderfs") = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./43/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./43/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./43/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./43/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./43") = 0
mkdir("./44", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 400
./strace-static-x86_64: Process 400 attached
[pid 400] set_robust_list(0x5555596d1660, 24) = 0
[pid 400] chdir("./44") = 0
[pid 400] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 400] setpgid(0, 0) = 0
[pid 400] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 400] write(3, "1000", 4) = 4
[pid 400] close(3) = 0
[pid 400] symlink("/dev/binderfs", "./binderfs") = 0
[pid 400] write(1, "executing program\n", 18) = 18
[pid 400] memfd_create("syzkaller", 0) = 3
[pid 400] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 400] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 400] munmap(0x7f183e5f9000, 138412032) = 0
[pid 400] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 34.969402][ T398] loop0: detected capacity change from 0 to 512
[ 34.982451][ T398] EXT4-fs (loop0): 1 truncate cleaned up
[ 34.988050][ T398] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 400] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 400] close(3) = 0
[pid 400] close(4) = 0
[pid 400] mkdir("./file0", 0777) = 0
[ 35.038051][ T400] loop0: detected capacity change from 0 to 512
[pid 400] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 400] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 400] chdir("./file0") = 0
[pid 400] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 400] ioctl(4, LOOP_CLR_FD) = 0
[pid 400] close(4) = 0
[pid 400] chdir("./file0") = 0
[pid 400] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 400] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 400] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 400] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 400] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 400] exit_group(0) = ?
[pid 400] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=400, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./44", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./44/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./44/binderfs") = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./44/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./44/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./44/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./44/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./44") = 0
mkdir("./45", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
[ 35.120889][ T400] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.126712][ T400] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 402
./strace-static-x86_64: Process 402 attached
[pid 402] set_robust_list(0x5555596d1660, 24) = 0
[pid 402] chdir("./45") = 0
[pid 402] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 402] setpgid(0, 0) = 0
executing program
[pid 402] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 402] write(3, "1000", 4) = 4
[pid 402] close(3) = 0
[pid 402] symlink("/dev/binderfs", "./binderfs") = 0
[pid 402] write(1, "executing program\n", 18) = 18
[pid 402] memfd_create("syzkaller", 0) = 3
[pid 402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 402] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 402] munmap(0x7f183e5f9000, 138412032) = 0
[pid 402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 402] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 402] close(3) = 0
[pid 402] close(4) = 0
[pid 402] mkdir("./file0", 0777) = 0
[ 35.188490][ T402] loop0: detected capacity change from 0 to 512
[pid 402] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 402] chdir("./file0") = 0
[pid 402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 402] ioctl(4, LOOP_CLR_FD) = 0
[pid 402] close(4) = 0
[pid 402] chdir("./file0") = 0
[pid 402] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 402] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 402] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 402] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 402] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 402] exit_group(0) = ?
[pid 402] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=402, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
umount2("./45", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./45/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./45/binderfs") = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./45/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./45/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./45/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./45/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./45") = 0
mkdir("./46", 0777) = 0
[ 35.250598][ T402] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.256074][ T402] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 405
./strace-static-x86_64: Process 405 attached
[pid 405] set_robust_list(0x5555596d1660, 24) = 0
[pid 405] chdir("./46") = 0
[pid 405] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 405] setpgid(0, 0) = 0
[pid 405] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 405] write(3, "1000", 4) = 4
[pid 405] close(3) = 0
[pid 405] symlink("/dev/binderfs", "./binderfs") = 0
[pid 405] write(1, "executing program\n", 18executing program
) = 18
[pid 405] memfd_create("syzkaller", 0) = 3
[pid 405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 405] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 405] munmap(0x7f183e5f9000, 138412032) = 0
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 405] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 405] close(3) = 0
[pid 405] close(4) = 0
[pid 405] mkdir("./file0", 0777) = 0
[ 35.359658][ T405] loop0: detected capacity change from 0 to 512
[pid 405] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 405] chdir("./file0") = 0
[pid 405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 405] ioctl(4, LOOP_CLR_FD) = 0
[pid 405] close(4) = 0
[pid 405] chdir("./file0") = 0
[pid 405] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 405] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 405] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 405] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 405] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 405] exit_group(0) = ?
[pid 405] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=405, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./46", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./46/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./46/binderfs") = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./46/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./46/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./46/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./46/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./46") = 0
mkdir("./47", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 407
./strace-static-x86_64: Process 407 attached
[pid 407] set_robust_list(0x5555596d1660, 24) = 0
[pid 407] chdir("./47") = 0
[pid 407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 407] setpgid(0, 0) = 0
[pid 407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 407] write(3, "1000", 4) = 4
[pid 407] close(3) = 0
[pid 407] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 407] write(1, "executing program\n", 18) = 18
[pid 407] memfd_create("syzkaller", 0) = 3
[pid 407] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 407] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 407] munmap(0x7f183e5f9000, 138412032) = 0
[pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 35.404658][ T405] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.410185][ T405] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 407] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 407] close(3) = 0
[pid 407] close(4) = 0
[pid 407] mkdir("./file0", 0777) = 0
[pid 407] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 407] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 407] chdir("./file0") = 0
[pid 407] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 407] ioctl(4, LOOP_CLR_FD) = 0
[pid 407] close(4) = 0
[pid 407] chdir("./file0") = 0
[pid 407] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 407] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 407] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 407] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 407] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 407] exit_group(0) = ?
[pid 407] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=407, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./47", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./47/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./47/binderfs") = 0
[ 35.457808][ T407] loop0: detected capacity change from 0 to 512
[ 35.468279][ T407] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.473779][ T407] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./47/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./47/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./47/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./47/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./47") = 0
mkdir("./48", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 409
./strace-static-x86_64: Process 409 attached
[pid 409] set_robust_list(0x5555596d1660, 24) = 0
[pid 409] chdir("./48") = 0
[pid 409] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 409] setpgid(0, 0) = 0
[pid 409] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 409] write(3, "1000", 4) = 4
[pid 409] close(3) = 0
[pid 409] symlink("/dev/binderfs", "./binderfs") = 0
[pid 409] write(1, "executing program\n", 18) = 18
[pid 409] memfd_create("syzkaller", 0) = 3
[pid 409] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 409] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 409] munmap(0x7f183e5f9000, 138412032) = 0
[pid 409] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 409] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 409] close(3) = 0
[pid 409] close(4) = 0
[pid 409] mkdir("./file0", 0777) = 0
[pid 409] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 409] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 409] chdir("./file0") = 0
[pid 409] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 409] ioctl(4, LOOP_CLR_FD) = 0
[pid 409] close(4) = 0
[pid 409] chdir("./file0") = 0
[pid 409] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 409] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 409] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 409] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 409] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 409] exit_group(0) = ?
[pid 409] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=409, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./48", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./48/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./48/binderfs") = 0
[ 35.597545][ T409] loop0: detected capacity change from 0 to 512
[ 35.606828][ T409] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.612380][ T409] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./48/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./48/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./48/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./48/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./48") = 0
mkdir("./49", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 411
./strace-static-x86_64: Process 411 attached
[pid 411] set_robust_list(0x5555596d1660, 24) = 0
[pid 411] chdir("./49") = 0
[pid 411] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 411] setpgid(0, 0) = 0
[pid 411] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 411] write(3, "1000", 4) = 4
[pid 411] close(3) = 0
[pid 411] symlink("/dev/binderfs", "./binderfs") = 0
[pid 411] write(1, "executing program\n", 18executing program
) = 18
[pid 411] memfd_create("syzkaller", 0) = 3
[pid 411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 411] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 411] munmap(0x7f183e5f9000, 138412032) = 0
[pid 411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 411] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 411] close(3) = 0
[ 35.726338][ T411] loop0: detected capacity change from 0 to 512
[pid 411] close(4) = 0
[pid 411] mkdir("./file0", 0777) = 0
[pid 411] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 411] chdir("./file0") = 0
[pid 411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 411] ioctl(4, LOOP_CLR_FD) = 0
[pid 411] close(4) = 0
[pid 411] chdir("./file0") = 0
[pid 411] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 411] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 411] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 411] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 411] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 411] exit_group(0) = ?
[pid 411] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=411, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./49", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./49/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./49/binderfs") = 0
[ 35.840722][ T411] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.846344][ T411] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./49/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./49/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./49/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./49/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./49") = 0
mkdir("./50", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 413
./strace-static-x86_64: Process 413 attached
[pid 413] set_robust_list(0x5555596d1660, 24) = 0
[pid 413] chdir("./50") = 0
[pid 413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 413] setpgid(0, 0) = 0
[pid 413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 413] write(3, "1000", 4) = 4
[pid 413] close(3) = 0
[pid 413] symlink("/dev/binderfs", "./binderfs") = 0
[pid 413] write(1, "executing program\n", 18executing program
) = 18
[pid 413] memfd_create("syzkaller", 0) = 3
[pid 413] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 413] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 413] munmap(0x7f183e5f9000, 138412032) = 0
[pid 413] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 413] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 413] close(3) = 0
[pid 413] close(4) = 0
[pid 413] mkdir("./file0", 0777) = 0
[ 35.924753][ T413] loop0: detected capacity change from 0 to 512
[pid 413] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 413] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 413] chdir("./file0") = 0
[pid 413] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 413] ioctl(4, LOOP_CLR_FD) = 0
[pid 413] close(4) = 0
[pid 413] chdir("./file0") = 0
[pid 413] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 413] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 413] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 413] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 413] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 413] exit_group(0) = ?
[pid 413] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=413, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./50", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./50/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./50/binderfs") = 0
[ 35.990883][ T413] EXT4-fs (loop0): 1 truncate cleaned up
[ 35.996366][ T413] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./50/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./50/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./50/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./50/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./50") = 0
mkdir("./51", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 415
./strace-static-x86_64: Process 415 attached
[pid 415] set_robust_list(0x5555596d1660, 24) = 0
[pid 415] chdir("./51") = 0
[pid 415] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 415] setpgid(0, 0) = 0
[pid 415] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 415] write(3, "1000", 4) = 4
[pid 415] close(3) = 0
[pid 415] symlink("/dev/binderfs", "./binderfs") = 0
[pid 415] write(1, "executing program\n", 18executing program
) = 18
[pid 415] memfd_create("syzkaller", 0) = 3
[pid 415] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 415] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 415] munmap(0x7f183e5f9000, 138412032) = 0
[pid 415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 415] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 415] close(3) = 0
[pid 415] close(4) = 0
[pid 415] mkdir("./file0", 0777) = 0
[ 36.115648][ T415] loop0: detected capacity change from 0 to 512
[pid 415] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 415] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 415] chdir("./file0") = 0
[pid 415] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 415] ioctl(4, LOOP_CLR_FD) = 0
[pid 415] close(4) = 0
[pid 415] chdir("./file0") = 0
[pid 415] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 415] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 415] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 415] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 415] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 415] exit_group(0) = ?
[pid 415] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=415, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./51", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./51/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./51/binderfs") = 0
[ 36.200611][ T415] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.206369][ T415] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./51/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./51/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./51/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./51/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./51") = 0
mkdir("./52", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 417
./strace-static-x86_64: Process 417 attached
[pid 417] set_robust_list(0x5555596d1660, 24) = 0
[pid 417] chdir("./52") = 0
[pid 417] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 417] setpgid(0, 0) = 0
[pid 417] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 417] write(3, "1000", 4) = 4
[pid 417] close(3) = 0
[pid 417] symlink("/dev/binderfs", "./binderfs") = 0
[pid 417] write(1, "executing program\n", 18executing program
) = 18
[pid 417] memfd_create("syzkaller", 0) = 3
[pid 417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 417] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 417] munmap(0x7f183e5f9000, 138412032) = 0
[pid 417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 417] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 417] close(3) = 0
[pid 417] close(4) = 0
[pid 417] mkdir("./file0", 0777) = 0
[ 36.284370][ T417] loop0: detected capacity change from 0 to 512
[pid 417] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 417] chdir("./file0") = 0
[pid 417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 417] ioctl(4, LOOP_CLR_FD) = 0
[pid 417] close(4) = 0
[pid 417] chdir("./file0") = 0
[pid 417] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 417] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 417] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 417] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 417] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 417] exit_group(0) = ?
[pid 417] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=417, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./52", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./52/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./52/binderfs") = 0
[ 36.360801][ T417] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.366279][ T417] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./52/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./52/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./52/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./52/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./52") = 0
mkdir("./53", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 420
./strace-static-x86_64: Process 420 attached
[pid 420] set_robust_list(0x5555596d1660, 24) = 0
[pid 420] chdir("./53") = 0
[pid 420] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 420] setpgid(0, 0) = 0
[pid 420] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 420] write(3, "1000", 4) = 4
[pid 420] close(3) = 0
[pid 420] symlink("/dev/binderfs", "./binderfs") = 0
[pid 420] write(1, "executing program\n", 18executing program
) = 18
[pid 420] memfd_create("syzkaller", 0) = 3
[pid 420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 420] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 420] munmap(0x7f183e5f9000, 138412032) = 0
[pid 420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 420] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 420] close(3) = 0
[pid 420] close(4) = 0
[pid 420] mkdir("./file0", 0777) = 0
[ 36.442105][ T420] loop0: detected capacity change from 0 to 512
[pid 420] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 420] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 420] chdir("./file0") = 0
[pid 420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 420] ioctl(4, LOOP_CLR_FD) = 0
[pid 420] close(4) = 0
[pid 420] chdir("./file0") = 0
[pid 420] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 420] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 420] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 420] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 420] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 420] exit_group(0) = ?
[pid 420] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=420, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./53", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./53/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./53/binderfs") = 0
[ 36.530753][ T420] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.536823][ T420] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./53/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./53/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./53/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./53/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./53") = 0
mkdir("./54", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 422
./strace-static-x86_64: Process 422 attached
[pid 422] set_robust_list(0x5555596d1660, 24) = 0
[pid 422] chdir("./54") = 0
[pid 422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 422] setpgid(0, 0) = 0
[pid 422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 422] write(3, "1000", 4) = 4
[pid 422] close(3) = 0
[pid 422] symlink("/dev/binderfs", "./binderfs") = 0
[pid 422] write(1, "executing program\n", 18executing program
) = 18
[pid 422] memfd_create("syzkaller", 0) = 3
[pid 422] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 422] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 422] munmap(0x7f183e5f9000, 138412032) = 0
[pid 422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 422] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 422] close(3) = 0
[pid 422] close(4) = 0
[pid 422] mkdir("./file0", 0777) = 0
[ 36.624396][ T422] loop0: detected capacity change from 0 to 512
[pid 422] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 422] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 422] chdir("./file0") = 0
[pid 422] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 422] ioctl(4, LOOP_CLR_FD) = 0
[pid 422] close(4) = 0
[pid 422] chdir("./file0") = 0
[pid 422] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 422] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 422] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 422] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 422] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 422] exit_group(0) = ?
[pid 422] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=422, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./54", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./54/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./54/binderfs") = 0
[ 36.710492][ T422] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.715974][ T422] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./54/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./54/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./54/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./54/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./54") = 0
mkdir("./55", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3executing program
) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 424
./strace-static-x86_64: Process 424 attached
[pid 424] set_robust_list(0x5555596d1660, 24) = 0
[pid 424] chdir("./55") = 0
[pid 424] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 424] setpgid(0, 0) = 0
[pid 424] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 424] write(3, "1000", 4) = 4
[pid 424] close(3) = 0
[pid 424] symlink("/dev/binderfs", "./binderfs") = 0
[pid 424] write(1, "executing program\n", 18) = 18
[pid 424] memfd_create("syzkaller", 0) = 3
[pid 424] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 424] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 424] munmap(0x7f183e5f9000, 138412032) = 0
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 424] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 424] close(3) = 0
[pid 424] close(4) = 0
[pid 424] mkdir("./file0", 0777) = 0
[ 36.839943][ T424] loop0: detected capacity change from 0 to 512
[pid 424] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 424] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 424] chdir("./file0") = 0
[pid 424] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 424] ioctl(4, LOOP_CLR_FD) = 0
[pid 424] close(4) = 0
[pid 424] chdir("./file0") = 0
[pid 424] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 424] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 424] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 424] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 424] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 424] exit_group(0) = ?
[pid 424] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=424, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./55", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./55/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./55/binderfs") = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./55/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./55/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./55/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./55/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./55") = 0
mkdir("./56", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 426
./strace-static-x86_64: Process 426 attached
[pid 426] set_robust_list(0x5555596d1660, 24) = 0
[pid 426] chdir("./56") = 0
[pid 426] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 426] setpgid(0, 0) = 0
[pid 426] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 426] write(3, "1000", 4) = 4
[pid 426] close(3) = 0
[pid 426] symlink("/dev/binderfs", "./binderfs") = 0
executing program
[pid 426] write(1, "executing program\n", 18) = 18
[pid 426] memfd_create("syzkaller", 0) = 3
[pid 426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 426] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 426] munmap(0x7f183e5f9000, 138412032) = 0
[pid 426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 36.910548][ T424] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.916027][ T424] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 426] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 426] close(3) = 0
[pid 426] close(4) = 0
[pid 426] mkdir("./file0", 0777) = 0
[pid 426] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 426] chdir("./file0") = 0
[pid 426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 426] ioctl(4, LOOP_CLR_FD) = 0
[pid 426] close(4) = 0
[pid 426] chdir("./file0") = 0
[pid 426] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 426] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 426] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 426] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 426] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 426] exit_group(0) = ?
[pid 426] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=426, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./56", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./56/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./56/binderfs") = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./56/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./56/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./56/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./56/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./56") = 0
mkdir("./57", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 428
./strace-static-x86_64: Process 428 attached
[pid 428] set_robust_list(0x5555596d1660, 24) = 0
[pid 428] chdir("./57") = 0
[pid 428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 428] setpgid(0, 0) = 0
[pid 428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 428] write(3, "1000", 4) = 4
[pid 428] close(3) = 0
[pid 428] symlink("/dev/binderfs", "./binderfs") = 0
[pid 428] write(1, "executing program\n", 18executing program
) = 18
[pid 428] memfd_create("syzkaller", 0) = 3
[pid 428] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 428] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 428] munmap(0x7f183e5f9000, 138412032) = 0
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[ 36.967731][ T426] loop0: detected capacity change from 0 to 512
[ 36.978085][ T426] EXT4-fs (loop0): 1 truncate cleaned up
[ 36.983642][ T426] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[pid 428] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 428] close(3) = 0
[pid 428] close(4) = 0
[pid 428] mkdir("./file0", 0777) = 0
[ 37.043830][ T428] loop0: detected capacity change from 0 to 512
[pid 428] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 428] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 428] chdir("./file0") = 0
[pid 428] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 428] ioctl(4, LOOP_CLR_FD) = 0
[pid 428] close(4) = 0
[pid 428] chdir("./file0") = 0
[pid 428] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 428] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 428] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 428] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 428] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 428] exit_group(0) = ?
[pid 428] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=428, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./57", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./57/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./57/binderfs") = 0
[ 37.130998][ T428] EXT4-fs (loop0): 1 truncate cleaned up
[ 37.136475][ T428] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./57/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./57/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./57/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./57/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./57") = 0
mkdir("./58", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 430
./strace-static-x86_64: Process 430 attached
[pid 430] set_robust_list(0x5555596d1660, 24) = 0
[pid 430] chdir("./58") = 0
[pid 430] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 430] setpgid(0, 0) = 0
[pid 430] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 430] write(3, "1000", 4) = 4
[pid 430] close(3) = 0
[pid 430] symlink("/dev/binderfs", "./binderfs"executing program
) = 0
[pid 430] write(1, "executing program\n", 18) = 18
[pid 430] memfd_create("syzkaller", 0) = 3
[pid 430] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 430] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 430] munmap(0x7f183e5f9000, 138412032) = 0
[pid 430] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 430] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 430] close(3) = 0
[pid 430] close(4) = 0
[pid 430] mkdir("./file0", 0777) = 0
[ 37.237971][ T430] loop0: detected capacity change from 0 to 512
[pid 430] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 430] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 430] chdir("./file0") = 0
[pid 430] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 430] ioctl(4, LOOP_CLR_FD) = 0
[pid 430] close(4) = 0
[pid 430] chdir("./file0") = 0
[pid 430] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 430] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 430] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 430] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 430] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 430] exit_group(0) = ?
[pid 430] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=430, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./58", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./58/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
unlink("./58/binderfs") = 0
[ 37.310473][ T430] EXT4-fs (loop0): 1 truncate cleaned up
[ 37.315954][ T430] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./58/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./58/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./58/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./58/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./58") = 0
mkdir("./59", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
, child_tidptr=0x5555596d1650) = 433
./strace-static-x86_64: Process 433 attached
[pid 433] set_robust_list(0x5555596d1660, 24) = 0
[pid 433] chdir("./59") = 0
[pid 433] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 433] setpgid(0, 0) = 0
[pid 433] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 433] write(3, "1000", 4) = 4
[pid 433] close(3) = 0
[pid 433] symlink("/dev/binderfs", "./binderfs") = 0
[pid 433] write(1, "executing program\n", 18) = 18
[pid 433] memfd_create("syzkaller", 0) = 3
[pid 433] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 433] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 433] munmap(0x7f183e5f9000, 138412032) = 0
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 433] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 433] close(3) = 0
[pid 433] close(4) = 0
[pid 433] mkdir("./file0", 0777) = 0
[ 37.388995][ T433] loop0: detected capacity change from 0 to 512
[pid 433] mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0
[pid 433] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 433] chdir("./file0") = 0
[pid 433] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 433] ioctl(4, LOOP_CLR_FD) = 0
[pid 433] close(4) = 0
[pid 433] chdir("./file0") = 0
[pid 433] openat(AT_FDCWD, "blkio.throttle.io_serviced_recursive", O_RDWR|O_CREAT|O_NOCTTY|O_TRUNC|O_APPEND|FASYNC|0x18, 000) = 4
[pid 433] symlink("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 433] creat("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 5
[pid 433] mknod("./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 0
[pid 433] link("./file0", "./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0
[pid 433] exit_group(0) = ?
[pid 433] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=433, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
umount2("./59", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(3, 0x5555596d26f0 /* 4 entries */, 32768) = 112
umount2("./59/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0
[ 37.470548][ T433] EXT4-fs (loop0): 1 truncate cleaned up
[ 37.476034][ T433] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
unlink("./59/binderfs") = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
newfstatat(AT_FDCWD, "./59/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0
umount2("./59/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument)
openat(AT_FDCWD, "./59/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0
getdents64(4, 0x5555596da730 /* 2 entries */, 32768) = 48
getdents64(4, 0x5555596da730 /* 0 entries */, 32768) = 0
close(4) = 0
rmdir("./59/file0") = 0
getdents64(3, 0x5555596d26f0 /* 0 entries */, 32768) = 0
close(3) = 0
rmdir("./59") = 0
mkdir("./60", 0777) = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555596d1650) = 435
./strace-static-x86_64: Process 435 attached
[pid 435] set_robust_list(0x5555596d1660, 24) = 0
[pid 435] chdir("./60") = 0
[pid 435] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 435] setpgid(0, 0) = 0
[pid 435] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 435] write(3, "1000", 4) = 4
[pid 435] close(3) = 0
[pid 435] symlink("/dev/binderfs", "./binderfs") = 0
[pid 435] write(1, "executing program\n", 18executing program
) = 18
[pid 435] memfd_create("syzkaller", 0) = 3
[pid 435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f183e5f9000
[pid 435] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144
[pid 435] munmap(0x7f183e5f9000, 138412032) = 0
[pid 435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 435] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 435] close(3) = 0
[pid 435] close(4) = 0
[pid 435] mkdir("./file0", 0777) = 0
[ 37.605352][ T435] loop0: detected capacity change from 0 to 512